JumpWire Overview
7min
jumpwire makes it easy to enforce secure data practices across internal users, applications and apis, without having to change any code by securing data as it moves between clients, databases and apis, jumpwire prevents sensitive data from being leaked or exposed, and helps companies stay compliant with the data handling practices of their soc2/pci dss/or iso 27001 programs a key feature of jumpwire is its ability to apply data security to specific properties in data, instead of an entire database, result set or document for example, jumpwire can encrypt only the json properties that correspond to pii as part of an http post jumpwire automatically catalogs schemas to understand the shape of data payloads, then uses policies to label, classify and transform fields jumpwire was built to be easily run inside a private network in a company's own cloud this has two benefits it keeps latency low, and enables jumpwire to connect internal applications and databases, not just ones that are connected to the internet why jumpwire? jumpwire embodies a philosophy of “defense in depth” and applies it to data we invert typical perimeter based security approaches on their head, by securing data as it moves through applications in an environment, and transforming the original data with a secured format this ensures that, regardless of where data travels within an environment, it remains secure from improper handling or access without jumpwire, companies are left trying to protect sensitive data with access controls alone while least privilege access to systems is complementary to the security that jumpwire provides, it fails to add protection when data is moved into other systems like data warehouses, stored in backups, logged by applications, or exported between environments use cases jumpwire can solve a variety of use cases for securing data across its lifecycle in a scoped environment common ones are detailed below dynamic access controls use jumpwire to control query access to sensitive data in an existing database for example, developers may need access to a production database, but should not be able to query columns that contain customer pii a request can be made to step up privileges for accessing sensitive data, with manager approval you can read more under group access docid 3juq2mpk0cxwi85zxhpiy access requests with approval database field encryption/tokenization use application encryption keys to seamlessly secure individual columns in a database for example, encrypt customer data with a customer specific key even when storing data in a cotenant database pii field encryption geo replicated query routing companies often need to store data in different physical regions, to comply with privacy laws jumpwire can automatically route queries to the correct region, and combine results in real time without the application being aware of which region the data resides block specific data from http egress highly confidential data that should never leave a scoped environment can be dropped from http requests through jumpwire http redaction how it works jumpwire installs inside your cloud environment, which we refer to as “on premise” in this setup, no data leaves your private network, and there are no critical dependencies on a saas product being available jumpwire adapts to existing infrastructure architecture, with the flexibility to sit atop a variety of network or application boundaries there are two boundaries where jumpwire is typically deployed as an http proxy docid\ gvarrumauf qfdcqche4h or as a database proxy docid\ wu ifm7qypftttyq82t8j the heart of jumpwire is a powerful integration platform that manages connections to and moves data between apis and databases this custom built platform provides efficient work distribution across a cluster of nodes and automated horizontal scalability for handling increasing load jumpwire integrations can programmatically describe data schemas in other systems, streamlining the ability to label data fields and match labels to handling policies
