Cimmaron Software, Inc. Contact Us Support Technologies
 
 
Company

Data Encryption

Data Security Goals and Solutions

Protect Personally Identifiable Information (PII) Data - SSN and other vulnerable contact data is encrypted both in the database and optionally through certificates held at the client site. This provides protection in cases where the outer layers of security (firewalls, web servers, etc.) may be comprised.
Encrypt user passwords - Both Cimmaron and third party system passwords (LOS, Exchange, etc.) are encrypted and inaccessible directly through the database.
Protect back up media - By encrypting the database with an external key that is not included in the back up, unauthorized access to the database through the theft of back up media is eliminated.
Provide clients with the ability manage their own security certificates - The Cimmaron CryptoCloud technology uses a certificate management system that gives our clients the ability to independently maintain their own private keys. This means customer data can only be decrypted within our client's own secured network and is therefore inaccessible to external users, including Cimmaron administrators.
Encrypted Data Search - One way hash algorithms allow users to search for contacts by SSN without the need to decrypt the entire SSN field.
 
 

Two Levels of Data Encryption

Symmetric Key Encryption - Data is encrypted in the database using SQL Server's symmetry key. This key is used to decrypt data and is not included in the database back up process. This prevents the key from being exposed in cases of back up media theft. Access to the key requires the highest level of permission, keeping the key accessible to only certain authorized Cimmaron administrators.

Client Certificate Encryption - This second level of encryption gives our customers the ability to maintain their own private keys inside their own Windows Certificate Store, which limits decryption to authorized users within the client organization. Too learn more, see Cimmaron CryptoCloud technology.
 
 

Key Management

Cimmaron's extensive policies and procedures offer protection against key corruption and loss of key values. For example, a designated machine, disconnected from the Internet is exclusively used to issue certificates, secured with two factor authorization, and stored in a secure off-site safe.