Welcome Xcellator

XcellSecure SM | Cloud Encryption

Unrivaled visibility. Real-time data & threat

Unrivaled visibility and real-time data and threat protection when accessing cloud services, websites, and private apps from anywhere, on any device.

Buy Now Schedule Demo Take Tour Play Video

Data at Rest Encryption Products

Vormetric Data Security

The Vormetric Data Security Platform makes it easy and efficient to manage data-at-rest security across your entire organization.

Vormetric Data Security Manager

Vormetric Data Security Manager from Thales is a data security appliance which enables centralized policy and encryption...

Vormetric Transparent Encryption

Vormetric Transparent Encryption enterprise encryption software delivers data-at-rest encryption with centralized key management, pr...

Vormetric Application Encryption

Vormetric Application Encryption from Thales provides encryption for Enterprise, database, big data and PaaS applications.

Vormetric Tokenization with Dynamic Data Masking

Vormetric Tokenization with Dynamic Data Masking dramatically reduces the cost and effort required to comply with security policies

Vormetric Protection for Teradata Database

Comprehensive, granular controls required to secure the most sensitive assets across your Teradata environments.

Batch Data Transformation | Static Data Masking

The Vormetric Batch Data Transformation utility is a high speed batching tool for encryption and tokenization.

XcellHost Active Cloud Encryption Delivers

Persistent end-to-end encryption of cloud data
Multi-cloud protection across the widest range of cloud apps
Exclusive control over the encryption process and keys
Granular policy controls to selectively encrypt any type of data
Format- and function-preserving solutions that preserve cloud functionality
Mobile and endpoint apps enabling file decryption by authorized user
Standards-based AES 256-bit encryption with FIPS 140-2 validation
Highly scalable solutions with minimal latency

use cases


Data encryption, user and process access controls, logs, FIPS 140-2 and Common Criteria compliant key management, strong administration policies all contribute to effectively satisfying compliance mandates and regulation requirements.

Cloud Security

Confidently move workloads to the cloud and hosted environments knowing that your data remains in your control through data encryption and key management.

Database Security

Encrypt data, control privileged user access, and collect security intelligence logs across your heterogeneous collection of database and big data environments with Thales data-at-rest data encryption security solutions.

Key benefits

Operational Simplicity

Centralized policy and encryption key management to assure control of your data across every physical and virtual server on and off your premises.

Minimize Risk

Meet compliance and best practice requirements for protecting data from external threats or malicious insiders with proven, high-performance and scalable data encryption.

Security Agility

Quickly address new data security requirements and compliance mandates by having an encryption solution in place ready and able to encrypt everything.


talk to our cloud expert


I really like Xcellhost because it has been designed to be completely comfortable when encrypting my most precious files locally.

-mira kumari

The freedom to synchronize it with a variety of cloud services with which it is compatible, for that and for more is that Xcellhost is my only and first option when encrypting my most sensitive data.

-darshan khair

With Xcellhost , you can privately encrypt the information that comes out of your devices, it has zero knowledge encryption, and the encryption protocols used by this tool are the same protocols used by banking and financial institutions.

-jigar jain


Storage encryption involves encrypting data while it passes to storage devices, such as individual hard disks, tape drives, or the libraries and arrays that contain them. Using storage level encryption along with database and file encryption goes a long way toward offsetting the risk of losing your data. Like network encryption, storage encryption is a relatively blunt instrument, typically protecting all the data on each tape or disk regardless of the type or sensitivity of the data.

Although using storage encryption is a good way to ensure your data is safe by default in case it is lost, adopting a more granular approach and encrypting at the level of individual files, volumes, or columns in a database may be necessary, particularly if data is shared with other users or is subject to specific audit requirements.

Encryption is a process that uses algorithms to encode data as cyphertext. This cyphertext can only be made meaningful again, if the person or application accessing the data has the tools (encryption keys) to decode the cyphertext. So, if the data is stolen or accidentally shared, it is protected because it is indecipherable. While the meaning of “transparent” may differ from provider to provider, Vormetric Transparent Encryption manages encryption and access to the encryption keys to make the overall process “transparent” to the user. This means the credentialed data user isn’t even aware the data was encrypted before he or she retrieved it from storage or that it is encrypted again when returned to storage.

Yes you can.

Many major SaaS, PaaS and IaaS vendors offer the ability to import keys from your on-premises HSM into a key vault or cloud HSM, fully described in Domain 11 of CSA Security Guidance for Critical Areas of Focus in Cloud Computing v4.0. The level of integration varies depending on cloud vendors and whether or not you opt for on premises or cloud HSMs. You may need to manually perform the import, but you are provided up to FIPS 140-2 Level 3 security. From there the cloud provider derives keys from the master key you imported to encrypt data contained in various services (e.g., object, volume, database).

There are three basic strategies to accomplish this:

          1. Encrypt data prior to transport
          2. Use encryption with both transport and storage services
          3. Use data-centric security

In end-to-end encryption, data is protected by default wherever it goes over its entire lifecycle. Sensitive data is encrypted the moment it is captured, in a point-of-sale (POS) device at a retail store, for example, and stays encrypted or is re-encrypted while it moves between systems and security domains. This notion of encryption as a data “bodyguard” that always accompanies data objects (files, documents, records, and so on) is appealing but raises questions about establishing trust relationships between different domains and interoperability when it comes to key management.


Cloud Encryption

Related Products & Services

Business email

Business Email

Our Business Email package comes with a storage space of 5GB per account. This is dedicated to file storage and also backs up all your mails on our state of the art infrastructure, making sure you never experience a loss of mails

Microsoft Integration_1

Microsft 365

Includes Office 365, Windows 10 & Enterprise Mobility + Security. Learn More Now. Trusted & Secure. Secure Cloud Service. Intelligent Security. Built For Teamwork. Achieve More Together.

Email signature

E-mail Signatures

Microsoft Office 365, Exchange Server and G Suite solutions for email signatures, archiving, email utilities & more.