Tumbler is a tool for securely holding sensitive information in a low security
data-center.
When using Tumbler, the only means of decrypting secure information from your server is
safely stored on a single decryption tool, which only you possess. As the holder
of the decryption tool, all you need to do is plug the device into your
computer and the download begins. So not only is it secure, it’s also very easy
to use.
Once the process has begun, all data, new data, or previously downloaded “batches” of
data may be selected. The information is then decrypted and written to a local
disk. After downloading, the user is prompted to remove the device from the
computer in order to safeguard the decryption key.
While the physical hardware device is the most common solution
– it is easy to manage access and enforce download policies
because access to the hardware is easily controlled – there
are also download libraries available for integration into automated
environments, which can then periodically poll the web server for new
information.
Because the downloading is initiated by a trusted agent (the person
in possession of the download device) and because the data is highly
structured (structured data is easier to secure), the chance that an
attacker could hijack the connection to covertly access the decryption key
is remote. The sensitive information from site visitors is protected
from the browser all the way through to the processing environment,
regardless of whether or not the servers in between have been
compromised.
This unique approach securely stores website-visitor information without the usual expense
of creating a high security environment. Even if a server’s security is
compromised, Tumbler will keep information safe.