Baffle, the startup that wants to make data breaches "irrelevant," announced its latest data security offering for Amazon Redshift customers: Data Privacy Cloud.
Baffle aims to prevent data breaches in public and private clouds by encrypting data wherever it may be. Most data protection schemes encrypt data while in transit or at rest in storage, but not while it is in use. In many cases, the data gets decrypted before the application can use it — which is why many attacks target the application. Baffle's goal is to keep the data encrypted while it's being processed by databases and application. This way the data is still unavailable and unusable even if the attackers breach the database or application.
Baffle's data protection portfolio — which supports tokenization, masking, and encryption — provides end-to-end protection of the modern data pipeline. Baffle is cloud-native for Snowflake, Amazon Web Services, Microsoft Azure, Google Compute Platform, and IBM Cloud. It offers seamless integration with Amazon Redshift, AWS Database Migration Services, AWS Glue, and AWS Simple Storage Service (S3). Baffle Data Privacy Cloud, which organizations can run in their own virtual private clouds or private clouds, currently has integration support just for Redshift.
"Baffle gives Amazon Redshift users the confidence to proceed with critical data analytics projects by ensuring their data is protected, no matter where it is in the analytics pipeline," said Baffle's co-founder and CEO, Ameesh Divatia, in a statement.
Data Privacy Cloud runs on AWS Lambda serverless functions, which allows organizations to establish their own data protection service for any data store and any application for their application groups and business units, the company says. AWS Lambda supports virtually infinite scalability and exposes developer interfaces for integration with pretty much any application.
Baffle relies on a "security mesh" that reveals data only to authorized accesses. The no-code platform makes it easy to deploy the mesh without requiring extensive code changes, the company says. As data gets consumed into data warehouses and analytics environments, Baffle selectively enables access depending on role and policy.
Developers can invoke application calls into the Data Privacy Cloud to protect data with a cloud-native service. The service offloads the integration work with key management solutions and integrates data-centric privacy and security methods into complex distributed service and data environments.
The startup raised $20 million in Series B funding over the summer. Over the past year, the startup has added more integration support to its Data Protection Services. DPS protects data from any source to any destination as it moves from on-premises to cloud, or between cloud-native services, the company says.
Read more about Data Privacy Cloud here.