So what is application-layer encryption (ALE)? In the simplest terms, with application-layer encryption, data is encrypted before being stored, which prevents someone with direct access to a database from reading it. ALE adds another layer of security that is missing from traditional SaaS architecture.
In the graphic above, the first layer is the web application firewall (WAF). While I think WAFs still have value, they are a double-edged sword, introducing risks even as they mitigate others.
Is a WAF good enough to prevent security breaches and protect sensitive customer data? No. You need more than that, as we've seen time and time again.
Let's talk about the Swiss cheese model.
With the Swiss cheese model, data loss only occurs if the holes (the weaknesses) in each measure all line up and occur at the same time. Any single measure (like the WAF) will inherently be imperfect, but layered together, risk can be mitigated.
Application-layer encryption adds another layer of data protection against SQL injection attacks, misconfigurations, broken access control, and design flaws.
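As an added example (not code from this article or from any product it describes), here is a field encrypted in the application with AES-256-GCM before it is written, so that a direct read of the store returns only ciphertext. The in-memory `table`, the `customers:<id>:<column>` associated data, the stored layout and the sample values are assumptions constructed for illustration; in practice the key would come from a KMS.

```javascript
const nodeCrypto = require("node:crypto");

// Assumption: in production this key is fetched from a KMS/HSM, never kept in the database.
const key = nodeCrypto.randomBytes(32);

// Constructed stand-in for a database table: this is what direct DB access sees.
const table = new Map();

// Bind each ciphertext to its row and column so it cannot be moved to another record.
function aad(rowId, column) {
  return Buffer.from(`customers:${rowId}:${column}`, "utf8");
}

function encryptField(rowId, column, plaintext) {
  const iv = nodeCrypto.randomBytes(12); // fresh 96-bit nonce for every encryption
  const cipher = nodeCrypto.createCipheriv("aes-256-gcm", key, iv);
  cipher.setAAD(aad(rowId, column));
  const ct = Buffer.concat([cipher.update(plaintext, "utf8"), cipher.final()]);
  // Stored layout (constructed for this example): iv || tag || ciphertext, base64.
  return Buffer.concat([iv, cipher.getAuthTag(), ct]).toString("base64");
}

function decryptField(rowId, column, stored) {
  const raw = Buffer.from(stored, "base64");
  if (raw.length < 28) throw new Error("stored value too short");
  const decipher = nodeCrypto.createDecipheriv("aes-256-gcm", key, raw.subarray(0, 12));
  decipher.setAAD(aad(rowId, column));
  decipher.setAuthTag(raw.subarray(12, 28));
  // final() throws if the tag, the associated data or the ciphertext was altered.
  return Buffer.concat([decipher.update(raw.subarray(28)), decipher.final()]).toString("utf8");
}

// The application encrypts before the write; the store only ever holds ciphertext.
function saveCustomer(rowId, email, ssn) {
  table.set(rowId, { email, ssn: encryptField(rowId, "ssn", ssn) });
}

function readSsn(rowId) {
  return decryptField(rowId, "ssn", table.get(rowId).ssn);
}

// Constructed sample records (deliberately invalid SSN values).
saveCustomer(1, "alice@example.com", "000-00-0001");
saveCustomer(2, "bob@example.com", "000-00-0002");
console.log("direct table read:", table.get(1));
console.log("via application:  ", readSsn(1));
```

The unencrypted `email` column shows the trade-off: only fields that pass through `encryptField` are protected from a database-level read.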
We believe application-layer encryption is the right thing to do to protect sensitive data. If you're interested in how to add it to your product roadmap, let's talk.