Data encryption & Tokenization Truths

Data encryption truths
Truth 1: If you encrypt data and lose the encryption key, the data is lost forever. There is
no way to get it back.
Truth 2: If you encrypt data and don!t control access to the keys, you haven!t secured the
data at all.
Truth 3: The fewer places you store the sensitive data, the better.

Tokenization truths
Truth 1: While field sizes increase when encrypting data; token size can follow the same
size and format of the original data field.
Truth 2: Using tokens in place of actual credit card numbers or other sensitive data can reduce
the scope of risk by limiting the number of places ciphertext resides.
Truth 3: Tokens can be used as indexes in key table relationships within databases, while
ciphertext cannot.
Truth 4: For instances where employees do not need to see the full encrypted value, using
mask-preserving token values in place of encrypted data reduces the scope of risk.
Truth 5: There is one-to-one relationship between the data value and token throughout
the enterprise, preserving referential integrity.

The fewer places you store the sensitive data, the better. Token server attributes and best practices Tokenization provides numerous benefits to organizations that need to protect sensitive and confidential information. Fortunately, token servers that support best practices are emerging to make it easier for enterprises to implement tokenization.

Look for a token server with the following attributes:
• Reduces risk - Tokenization creates a central, protected data silo where sensitive data is
encrypted and stored. Using a token server should greatly reduce the footprint where sensitive
data is located and eliminate points of risk.
• No application modification - Token servers generate tokens that act as surrogates for
sensitive data wherever it resides. Tokens maintain the length and format of the original
data so that applications don!t require modification.
• Referential integrity - Token servers enforce a strict one-to-one relationship between
tokens and data values so that they can be used as foreign keys and so referential integrity
can be assured whenever an encrypted field is present across multiple applications and data sets.
• Control and flexibility - The best token servers will give IT complete control of the
token-generation strategy. For example, the last four digits of the data can be preserved in
the token, allowing the token to support many common use-cases.
• Streamlines regulatory compliance - A token server enables organizations to narrow
the scope of systems, applications and processes that need to be audited for compliance
with mandates such as PCI DSS.

Source:-  InSecure & nuBridges