Solved

Protegrity Security Solution vs Teradata's

Posted on 2014-10-14
4
45 Views
Last Modified: 2016-07-16
I have a client that currently has the Teradata EDW environment. Their business supports a number of Defense programs with sensitive ITAR data. They are considering Protegrity's security solution as a add-on to their current TD environment. At a high level, can one of your experts provide the pluses and minuses of using the current TD environment vs the add-on solution from Protegrity?
0
Comment
Question by:Glenn Reis
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 64

Accepted Solution

by:
btan earned 500 total points
ID: 40381765
(1) For the pt on Teradata existing, i believe their own saying will be a baseline starter for its merit and cons of their existing measures - in short we are measuring in terms of confidentiality, integrity and availability (CIA) from the application to systems level and the overall incident handling services provided. Measures commensurate with data classification.

http://developer.teradata.com/database/articles/defense-in-depth-best-practices-for-securing-a-teradata-data-warehouse

Even if security policies that provide for the classification of data are already in place, a "best practice" is to assign classification levels to the information and to the associated information processing services. Teradata security best practice is to develop and publish a security policy specific to the data warehouse and ensure that all users understand the policy. E.g. Teradata® Database supports below.  
> User-level security controls.
> Increased user authentication options.
> Support for security roles.
> Enterprise directory integration.
> Network traffic encryption.
> Auditing and monitoring controls.

Also to note of existing (which good to recap to client) - Teradata Database V2R5.0.2 has been evaluated to the requirements to the International Common Criteria for Information Technology Security Evaluation  (ISO 15408) standard. (The latter is which is meant to be used as a basis for evaluating security properties of Information Technology.)
While the evaluation considered the design of the system, it also considered processes used for testing and installation and included a vulnerability analysis. It provides a high level of assurance in the security design and implementation of a Teradata Database system. And it is intended to satisfy the requirements of those customers (primarily government agencies) that are required to procure only IT systems for which the security robustness has been formally evaluated and validated.


(2)  For the Protegrity piece, I see it generally as layer over the existing security architecture that your client is having. The value is likely the Protegrity Vaultless Tokenization (PVT) technology whereby the  tokenization is applied to the sensitive data before it enters the warehouse, using the enterprise’s own security policies.  
(fact sheet) http://www.protegrity.com/wp-content/uploads/2013/04/Protegrity-Vaultless-Tokenization-Fact-Sheet.pdf

The PVT does not use an ever-growing database and/or lookup table to store sensitive data or tokens. In fact, a database table is not used in the lookup process at all. The FAQ (http://www.protegrity.com/2012/04/vaultless-tokenization-faqs/) may help to beef the security adds, else it is not worst off in the existing state of Teradata.
0
 
LVL 64

Expert Comment

by:btan
ID: 41713757
It is answered -  security augments on existing TD for pluses and very much minimal is the standard additional cost and interoperability test & maintenance aspects which are more affecting the long term IT and OPS team workflow and budgeting.

To consider ID: 40381765 for acceptance
0

Featured Post

Migrating Your Company's PCs

To keep pace with competitors, businesses must keep employees productive, and that means providing them with the latest technology. This document provides the tips and tricks you need to help you migrate an outdated PC fleet to new desktops, laptops, and tablets.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The conference as a whole was very interesting, although if one has to make a choice between this one and some others, you may want to check out the others.  This conference is aimed mainly at government agencies.  So it addresses the various compli…
The recent Petya-like ransomware attack served a big blow to hundreds of banks, corporations and government offices The Acronis blog takes a closer look at this damaging worm to see what’s behind it – and offers up tips on how you can safeguard your…
With the power of JIRA, there's an unlimited number of ways you can customize it, use it and benefit from it. With that in mind, there's bound to be things that I wasn't able to cover in this course. With this summary we'll look at some places to go…
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…

617 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question