Protegrity Secure.Data F3 with nCipher FIPS 140 validated hardware now available for Microsoft SQL Server 2000

EDP Weekly's IT Monitor, Jan 13, 2003

Protegrity, Inc., a Microsoft Certified Partner, has announced the introduction of Secure.Data F3 for Microsoft SQL Server 2000 relational database--a database security solution that combines "out-of-the-box" application transparent software with cryptographic hardware from nCipher, providing enhanced key management capabilities.

The Secure.Data F3 solution for Microsoft SQL Server 2000 utilizes nCipher's cryptographic hardware certified to the Federal Information Processing Standard (FIPS) 140 Level 3--the most widely recognized benchmark for cryptographic security best practices.

The integration of Protegrity's Secure.Data software with nCipher's nShield Hardware Security Module (HSM) provides customers with a solution to help address stringent government, industry and internal auditing standards for protecting the privacy of sensitive database information against internal and external threats.

"The best protected organizations use security software for the highest level of data protection with a secure audit trail and deploy hardware modules for managing encryption keys," says Scott C. Nevins, president and CEO of Protegrity. "Protegrity Secure.Data F3 for Microsoft SQL Server 2000 is integrated to work seamlessly with application software--allowing for rapid execution and cost-effective security compliance."

"Increasing concerns about security and privacy of data have prompted the development of legislation and industry standards, such as VISA CISP, designed to encourage companies to follow tighter security practices," says Stuart Vaeth, director strategic alliances, nCipher. "The integration of nCipher hardware for key management and Protegrity Secure.Data provides a comprehensive approach to enhanced database security helping organizations comply with privacy regulations."

Protegrity Secure.Data F3 is a patented database security solution designed for large organizations in the financial services, health care, insurance, government and e-Business sectors. Secure.Data F3 software is fast and easy to implement (one to three days). Secure.Data automates encryption with a protected audit function that is based on separation of duties for sensitive data in selected database columns. The automated and enforced segregation of duties between DBA's and security officers enables centralized management of encryption parameters.

The Secure.Data F3 solution enhances overall key management by protecting the master key inside the nShield HSM, allowing for the secure generation, storage, disposal, archival and recovery of the master key. This solution takes advantage of nCipher's smart card based key management framework to securely deliver increased scalability.

"The protection, audit and segregation for sensitive data at rest within the database are key elements of security because most data remains at rest in databases for more than 90 percent of its life," Nevins says. "A company is vulnerable when its security solutions only focus on perimeter, such as firewalls and networks, and overlook databases."