Solved

Protegrity Security Solution vs Teradata's

Posted on 2014-10-14
4
33 Views
Last Modified: 2016-07-16
I have a client that currently has the Teradata EDW environment. Their business supports a number of Defense programs with sensitive ITAR data. They are considering Protegrity's security solution as a add-on to their current TD environment. At a high level, can one of your experts provide the pluses and minuses of using the current TD environment vs the add-on solution from Protegrity?
0
Comment
Question by:Glenn Reis
  • 2
4 Comments
 
LVL 62

Accepted Solution

by:
btan earned 500 total points
ID: 40381765
(1) For the pt on Teradata existing, i believe their own saying will be a baseline starter for its merit and cons of their existing measures - in short we are measuring in terms of confidentiality, integrity and availability (CIA) from the application to systems level and the overall incident handling services provided. Measures commensurate with data classification.

http://developer.teradata.com/database/articles/defense-in-depth-best-practices-for-securing-a-teradata-data-warehouse

Even if security policies that provide for the classification of data are already in place, a "best practice" is to assign classification levels to the information and to the associated information processing services. Teradata security best practice is to develop and publish a security policy specific to the data warehouse and ensure that all users understand the policy. E.g. Teradata® Database supports below.  
> User-level security controls.
> Increased user authentication options.
> Support for security roles.
> Enterprise directory integration.
> Network traffic encryption.
> Auditing and monitoring controls.

Also to note of existing (which good to recap to client) - Teradata Database V2R5.0.2 has been evaluated to the requirements to the International Common Criteria for Information Technology Security Evaluation  (ISO 15408) standard. (The latter is which is meant to be used as a basis for evaluating security properties of Information Technology.)
While the evaluation considered the design of the system, it also considered processes used for testing and installation and included a vulnerability analysis. It provides a high level of assurance in the security design and implementation of a Teradata Database system. And it is intended to satisfy the requirements of those customers (primarily government agencies) that are required to procure only IT systems for which the security robustness has been formally evaluated and validated.


(2)  For the Protegrity piece, I see it generally as layer over the existing security architecture that your client is having. The value is likely the Protegrity Vaultless Tokenization (PVT) technology whereby the  tokenization is applied to the sensitive data before it enters the warehouse, using the enterprise’s own security policies.  
(fact sheet) http://www.protegrity.com/wp-content/uploads/2013/04/Protegrity-Vaultless-Tokenization-Fact-Sheet.pdf

The PVT does not use an ever-growing database and/or lookup table to store sensitive data or tokens. In fact, a database table is not used in the lookup process at all. The FAQ (http://www.protegrity.com/2012/04/vaultless-tokenization-faqs/) may help to beef the security adds, else it is not worst off in the existing state of Teradata.
0
 
LVL 62

Expert Comment

by:btan
ID: 41713757
It is answered -  security augments on existing TD for pluses and very much minimal is the standard additional cost and interoperability test & maintenance aspects which are more affecting the long term IT and OPS team workflow and budgeting.

To consider ID: 40381765 for acceptance
0

Featured Post

Use Case: Protecting a Hybrid Cloud Infrastructure

Microsoft Azure is rapidly becoming the norm in dynamic IT environments. This document describes the challenges that organizations face when protecting data in a hybrid cloud IT environment and presents a use case to demonstrate how Acronis Backup protects all data.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Ensuring effective and secure communication in the age of healthcare BYOD.
In this increasingly digital world, security hacks are no longer just a threat, but a reality. As we've witnessed with Target's big identity hack 2013, Heartbleed in 2015, and now Cloudbleed, companies and their leaders need to prepare for the unthi…
This is used to tweak the memory usage for your computer, it is used for servers more so than workstations but just be careful editing registry settings as it may cause irreversible results. I hold no responsibility for anything you do to the regist…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…

825 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question