Introduction to Piiano Vault

Learn about the basic and advanced features of Piiano Vault.

Piiano Vault is the platform the industry needs for safely storing and using customers' sensitive and personal data. Whether in the cloud or on-prem, Vault is a secure database, the home for Personally Identifiable Information (PII), Payment Information (PCI DSS), Protected Health Information (PHI), and sensitive secrets, such as your customers' webhook tokens.

Outstanding privacy and security issues:

  • Data could be completely stolen
  • Access to data is not fully audited
  • Sensitive data is not segregated
  • No field level encryption
  • Sensitive data travels as-is outside of your database
  • No attack mitigation for: SQL injection, Missing authorization (IDOR), etc.
  • No granular access controls for the data
  • Missing compliance functionality
  • Admins can access data
Without Piiano Vault

As a secure database, Vault supports the security and privacy requirements of data and privacy regulations such as the General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), Health Insurance Portability and Accountability Act (HIPAA), and Payment Card Industry Data Security Standard (PCI DSS).

Vault is made for developers, with simplicity a top priority. It has several editions and can be deployed anywhere – on your machine for development and testing and in the cloud for staging and production environments. Vault is self-hosted, meaning data stays in your environment. Integration is straightforward, using the REST APIs and the pvault CLI.

Vault includes built-in semantic data types, such as name, email, SSN, credit card, OAuth tokens, KYC documents, etc. It is also possible to write and customize your own data types.

These data types are used as part of the schema definition for objects, which makes Vault data-aware and enables it to be smart, with tokenization, transformations, and encryption features. For the first time, you can use personal data while inherently reducing its exposure and risk as much as possible.

Using semantic data types also means the data is always tagged and enables Vault to support data subject rights, such as Data Subject Access Request (DSAR) and the Right To Be Forgotten (RTBF).

Key features

  • Vault is dedicated to securely storing sensitive personal information. It removes the pain of understanding and implementing the data and privacy regulations' requirements and empowers and encourages the implementation of security and privacy by design.

  • Vault can store full name, phone number, email address, home address, SSN, know your customer (KYC) documents, payment details, and many more. It is hardened against data leaks and credential theft, and monitors and limits data access.

  • PII and PCI DSS information have unique workflows and life cycles. Vault natively supports them while maximizing data protection, including searching, querying, and processing encrypted and protected information.

  • The security and privacy compliance requirements needed when storing PII, PCI DSS, PHI, and other sensitive information are built into Vault. For example, Vault includes seamless encryption and key rotation, tokenization, tight access controls, full audit, individual privacy rights implementation, and more.

  • Vault empowers the simple implementation of pseudonymization – the decoupling of PII from the original data sets.

  • Vault is built with developers in mind: making privacy engineering simple with APIs that enable the straightforward integration of Vault into applications.

At last, there's a specialized data store for sensitive personal information in your modern tech stack. Vault is deployed next to other data stores, so sensitive data stays within your account, in your full control.

Vault integrates with your applications, as other databases do.

Data pseudonymization

Next steps