How Tokenization Works
You can think of ALTR’s Vaulted Tokenization like a “coat check” – give us your data, we give you a ticket to retrieve your data when you’re ready and keep the data safe for you in the interim. Start by bringing us your data via API call. We store that data in our token vault and send you back a completely random token. Then we hold the token and the data side by side in an extremely fast, extraordinarily secure database. In fact, we encrypt the original data values as well as the database itself. When you need it, an authorized user can just run a SQL query sending us the applicable tokens and ALTR returns the original values.
ALTR's Tokenization Advantages
ALTR’s Vaulted Tokenization delivers a unique combination of advantages for companies that need to secure sensitive data in the cloud:
- Speedy and scalable - We’ve built a streamlined, very fast Snowflake tokenization solution to keep up with the needs, volume and speeds of modern cloud data warehouses. In fact, in our testing we’ve hit read speeds of 150,000 values in a second. This means users can run a query and de-tokenize millions or billions of values in seconds – matching Snowflake’s scale and throughput. Our per-token pricing is scalable as well – just pay for the data you need to protect today, and we can grow with you. And unlike other solutions, ALTR only charges per tokenization, not de-tokenization. When you want to use your data, you can, without penalty.
- Extremely secure - Our tokenization engine delivers a string of characters with no computable relationship between the token and the original value. Unlike some other solutions, the token is completely random and can only be de-tokenized via access to the token vault – where both the data and the database itself are heavily encrypted.
- Maintains your analytics options - The use of “deterministic tokens” in ALTR's Snowflake tokenization – where the same random value is delivered for a specific piece of data every time – preserves the connection between data values, allowing for SQL operations such as joins or WHERE clauses across tokenized databases while the data stays obfuscated. For example, users can uncover trends among users with the same date of birth across multiple databases without ever seeing the actual DOB. And unlike anonymization or hashing, users can retrieve the original values when required.
- Easier than you expect - ALTR has already done the work to alleviate common tokenization challenges and concerns for you by meeting you where your data is. We integrate with Data Discovery & Classification leaders to let their data classification guide us to the sensitive data you might want to protect and partner with leading ETL providers to simply embed Snowflake tokenization into your pipeline to your cloud data warehouse. For source data doesn’t fit a traditional ETL pipeline, we offer flexible APIs that integrate with common tools like Amazon S3 buckets and data frameworks like Azure Data Factory. Once tokenized data is in Snowflake, you can just start using ALTR’s tokenization interface to manage your secured data with just a few mouse clicks. You can tie it back to your policies for who can access tokenized data and how much they can de-tokenize. Because we’re SaaS-based, there's no software to deploy, no hardware to manage, no worries about scaling with your Snowflake usage.
Cloud data tokenization for end-to-end data governance and security
Available via API, integrated into ETL tools and Snowflake, or combined with ALTR’s data access control and policy enforcement engine, ALTR’s Vaulted Tokenization can fill the gap in your data security and governance platform with Snowflake tokenization, ensuring that, from on-premises to the cloud, the most sensitive data is only accessible to authorized users, staying completely secure.