Protegrity Secure.Data, Working With Microsoft Commerce Server And Microsoft Sql Server 2000, Creates Enhanced Security And Privacy For Internet Business

The Only Out-of-the-Box Application Transparent Database Encryption Solution

STAMFORD, CT-Protegrity Inc., a Microsoft Certified Partner, today announced that Secure.Data provides enhanced enterprise-wide database protection and privacy enforcement solutions for Microsoft Commerce Server, which integrates with Microsoft SQL Server 2000 relational database.

Microsoft is including Protegrity Secure.Data(tm) for SQL Server 2000 database in a kit that focuses on solutions for Internet business, which is being sent to systems integrators worldwide this month. This product brings an additional layer to SQL Server 2000 security thereby enhancing the benefits of customers’ Internet business solutions.

Protegrity Secure.Data(tm) for Microsoft SQL Server 2000 is the only “out-of-the-box” automated database encryption solution with protected key-management software for selectively encrypting, securing, auditing, and controlling access to enterprise relational database information at the data-item level. Protegrity’s software ensures absolute access control to data without requiring changes to the underlying application.

Protegrity Secure.Data for Microsoft SQL Server 2000 meets the growing corporate, legislative, and industry-wide requirements for securing data in databases from unauthorized and un-auditable access. Secure.Data for Microsoft SQL Server 2000 is fully deployable into production environments in just a few days. This database security solution is application transparent which allows for fast integration, rapid execution, cost-effective security and privacy compliance.

“Internet business requires that companies protect their databases-ensuring confidentiality while maintaining the highest levels of security for valuable and sensitive customer and corporate information,” said Eric Swift, lead product manager for ..NET Enterprise Servers at Microsoft Corp. “Protegrity Secure.Data for SQL Server 2000 is excellent technology from a company with a successful track record in database security. It is an effective tool to use with Commerce Server as it enhances the security of customers’ important information that is collected during commerce transactions and then stored in SQL Server 2000.”

Protegrity Secure.Data for SQL Server 2000 is built specifically for Internet business solutions using Microsoft Commerce Server. The software is interoperability certified for Windows Server 2000; passed the Microsoft Commerce Server 2000 Integration Test; and was performance tested by the Microsoft SQL Server Test Lab.

Protegrity’s Secure.Data operates in distributed environments and across the leading relational databases and platforms, including Web and Internet-enabled database applications. Secure-Data is the only third-party data-protection and privacy-enforcement product integrated with Microsoft SQL Server 2000.

“Protegrity’s enterprise data protection and privacy solution used with Microsoft Commerce Server and Microsoft SQL Server 2000 security features enables companies to deploy e-business database applications that comply with multiple privacy and security requirements,” said Scott C. Nevins, president and CEO of Protegrity. “For example, there are industry-wide mandates, such as VISA USA Cardholder Information Security Program and also the U.S. Software and Information Industry Association method of securing credit card and private consumer data in E-Business sites. Protegrity Secure.Data is a complete database security and privacy solution that operates independently and transparently to applications while protecting the privacy of selective database information against internal and external threats.”

Protegrity is the leading infrastructure software company for deployment ready “out-of-the-box” security solutions that protect databases from internal and external unauthorized access. The largest and most successful Fortune 500 companies in the commercial and consumer finance, investment banking, healthcare, pharmaceutical, consumer products, and E-Business sectors, including credit card issuers and processors, use Protegrity Secure.Data for securing information, such as: credit cards, financial, compensation, secret formulas and patient records in their databases.

The database is the location where the valuable, sensitive and private database information resides such as credit card numbers, PIN numbers, Social Security numbers, patient records and other personally identifiable data, as well as proprietary source code and other critical corporate information. Disclosure of this data represents great risk and liability. A company is vulnerable when its security solutions only focus on perimeter and network, and overlook databases. Client/server architecture and distributed computing environments leave the database and proprietary information vulnerable and unprotected by traditional security solutions.

Secure.Data automates encryption, access control and audit for sensitive data in selected columns of corporate databases to protect valuable information from misuse, theft, or destruction. Secure.Data provides a unique form of access control that allows a company to work with protected data according to the user’s needs and roles within an organization – ensuring that only authorized individuals have the level of access appropriate for their job function.

Companies and organizations are now establishing new internal IT audit requirements for protecting against both external and internal security threats. The U.S. FBI/Computer Security Institute (CSI) Computer Crime and Security Survey of April 2002 highlights that U.S. companies and government agencies report losing more money from theft of proprietary information than any other type of attack on their computer systems. In fact, the average loss for financial fraud of proprietary data is $4.1 million.

Businesses and organizations are being required to implement selective protection of data in databases because of information-privacy and data-protection legislation, such as mandates for cryptographic protection of stored data and requirements for the security, audit and segregation of duties for sensitive data at rest within the database. For example, the U.S. Gramm-Leach-Bliley Act (GLBA) requires financial institutions and their partners to protect non-public personal data while in storage, while implementing a variety of access and security controls. The U.S Health Information Portability and Accountability Act (HIPAA) guidelines place similar requirements on healthcare organizations.

Protegrity was established in 1996 and is based in Stamford, Connecticut, with its Research and Development and European Regional Sales Office in Sweden. Information about Protegrity’s Secure.Data solution for Microsoft SQL Server 2000, as well as more information about other Secure.Data information-privacy products and services is available by calling (203) 326-7200, visiting www.protegrity.com, e-mailing: sales@protegrity.com; faxing (203) 326-7250, or writing to: Protegrity, Incorporated, 1177 Summer Street, Stamford, CT, 06905-5529, USA.