Protegrity Secure.Data F3 With nCipher Fips 140 Validated Hardware Now Available For Microsoft SQL Server 2000

STAMFORD, CT- January 7, 2003–Protegrity, Inc., a Microsoft Certified Partner, announces the introduction of Secure.Data F3 for Microsoft SQL Server 2000 relational database – a database security solution that combines “out-of-the-box” application transparent software with cryptographic hardware from nCipher, providing enhanced key management capabilities. The Secure.Data F3 solution for Microsoft SQL Server 2000 utilizes nCipher’s cryptographic hardware certified to the Federal Information Processing Standard (FIPS) 140 Level 3 – the most widely recognized benchmark for cryptographic security best practices.
The integration of Protegrity’s Secure.Data software with nCipher’s nShieldâ„? Hardware Security Module (HSM) provides customers with a solution to help address stringent government, industry and internal auditing standards for protecting the privacy of sensitive database information against internal and external threats.

“The best protected organizations use security software for the highest level of data protection with a secure audit trail and deploy hardware modules for managing encryption keys,” says Scott C. Nevins, president and CEO of Protegrity. “Protegrity Secure.Data F3 for Microsoft SQL Server 2000 is integrated to work seamlessly with application software – allowing for rapid execution and cost-effective security compliance.”

“Increasing concerns about security and privacy of data have prompted the development of legislation and industry standards, such as VISA CISP, designed to encourage companies to follow tighter security practices” says Stuart Vaeth, director strategic alliances, nCipher. “The integration of nCipher hardware for key management and Protegrity Secure.Data provides a comprehensive approach to enhanced database security helping organizations comply with privacy regulations.”

Protegrity Secure.Data F3 is a patented database security solution designed for large organizations in the financial services, health care, insurance, government and e-Business sectors. Secure.Data F3 software is fast and easy to implement (one to three days). Secure.Data automates encryption with a protected audit function that is based on separation of duties for sensitive data in selected database columns. The automated and enforced segregation of duties between DBA’s and security officers enables centralized management of encryption parameters.

The Secure.Data F3 solution enhances overall key management by protecting the master key inside the nShield HSM, allowing for the secure generation, storage, disposal, archival and recovery of the master key. This solution takes advantage of nCipher’s smart card based key management framework to securely deliver increased scalability.

“The protection, audit and segregation for sensitive data at rest within the database are key elements of security because most data remains at rest in databases for more than 90 percent of its life,” Nevins says. “A company is vulnerable when its security solutions only focus on perimeter, such as firewalls and networks, and overlook databases.”

When customers use Secure.Data they gain a data security solution that meets government, industry and internal auditing standards for data access control, privacy and security requirements. These include privacy regulations and industry guidelines regarding controlling access to sensitive data, including:

· U.S. Gramm-Leach-Biley Act (GLBA) for financial institutions
· U.S. Health Information Portability and Accountability Act (HIPAA) guidelines
· EU 95/46/EC Directive on Data Privacy (Safe Harbor)
· VISA Cardholder Information Security Program
· MasterCard Site Data Protection Service
· American Express Merchant Data Security Standards

Availability: Secure.Data F3 is available now for Microsoft SQL Server 2000 and Oracle 8i databases. Support for IBM DB2 and Sybase is under development.

# # # #

About Protegrity

Protegrity is a leader in database security software, delivering privacy and protection solutions for mission-critical data stored in databases. Its flagship product Secure.Data enables companies to comply with the strictest government and industry regulations on data privacy and security by preventing both unauthorized and unauditable access to sensitive data.
Protegrity provides database security to the largest and best known organizations in financial services, health care, government and e-business. Established in 1996, Protegrity is based in Stamford, Connecticut, with its Research and Development and European Regional Sales Office in Sweden.

For more information about Protegrity, please call (203) 326-7200, visit, e-mail; fax (203) 326-7250, or write to: Protegrity, Incorporated, 1177 Summer Street, Stamford, CT, 06905-5529, USA.

Don't miss