Key Concepts

Data-Centric Security

A process of data de-identification that removes sensitivity from the original data in order to render it worthless in unauthorized hands. Data-Centric Security is commonly implemented through tokenization, encryption, FPE, hashing, and masking.

Sensitive Data Discovery

A process of detection and classification of sensitive data using advanced language models. Sensitive data includes personally identifiable information, commercially sensitive information, or otherwise confidential attributes associated with an individual.

Tokenization

Data tokenization is a reversible method of data protection. In tokenization, sensitive data is substituted with a randomly generated surrogate value known as a token. Generated token may be configured to be format, length, and language-preserving. Additional controls, such as adhering to a date range or passing the Luhn check are available. Tokenization is the most popular data protection method among Protegrity’s clients. Learn more about Protegrity Vaultless Tokenization.

Encryption

Encryption is an alternative method of reversible data protection. It uses mathematical algorithms and cryptographic keys to change data into “binary ciphertext,” rendering the encrypted data unreadable and unusable. To access the original data, a user needs to present an encryption key, which reverses the encryption process and unlocks the data.

External IV (Coming Soon)

A user-defined input added to a tokenization request used to differentiate generated tokens from the same initial value.

---

Last modified January 2, 2025