Solved

Protegrity Security Solution vs Teradata's

Posted on 2014-10-14
4
29 Views
Last Modified: 2016-07-16
I have a client that currently has the Teradata EDW environment. Their business supports a number of Defense programs with sensitive ITAR data. They are considering Protegrity's security solution as a add-on to their current TD environment. At a high level, can one of your experts provide the pluses and minuses of using the current TD environment vs the add-on solution from Protegrity?
0
Comment
Question by:Glenn Reis
  • 2
4 Comments
 
LVL 61

Accepted Solution

by:
btan earned 500 total points
Comment Utility
(1) For the pt on Teradata existing, i believe their own saying will be a baseline starter for its merit and cons of their existing measures - in short we are measuring in terms of confidentiality, integrity and availability (CIA) from the application to systems level and the overall incident handling services provided. Measures commensurate with data classification.

http://developer.teradata.com/database/articles/defense-in-depth-best-practices-for-securing-a-teradata-data-warehouse

Even if security policies that provide for the classification of data are already in place, a "best practice" is to assign classification levels to the information and to the associated information processing services. Teradata security best practice is to develop and publish a security policy specific to the data warehouse and ensure that all users understand the policy. E.g. Teradata® Database supports below.  
> User-level security controls.
> Increased user authentication options.
> Support for security roles.
> Enterprise directory integration.
> Network traffic encryption.
> Auditing and monitoring controls.

Also to note of existing (which good to recap to client) - Teradata Database V2R5.0.2 has been evaluated to the requirements to the International Common Criteria for Information Technology Security Evaluation  (ISO 15408) standard. (The latter is which is meant to be used as a basis for evaluating security properties of Information Technology.)
While the evaluation considered the design of the system, it also considered processes used for testing and installation and included a vulnerability analysis. It provides a high level of assurance in the security design and implementation of a Teradata Database system. And it is intended to satisfy the requirements of those customers (primarily government agencies) that are required to procure only IT systems for which the security robustness has been formally evaluated and validated.


(2)  For the Protegrity piece, I see it generally as layer over the existing security architecture that your client is having. The value is likely the Protegrity Vaultless Tokenization (PVT) technology whereby the  tokenization is applied to the sensitive data before it enters the warehouse, using the enterprise’s own security policies.  
(fact sheet) http://www.protegrity.com/wp-content/uploads/2013/04/Protegrity-Vaultless-Tokenization-Fact-Sheet.pdf

The PVT does not use an ever-growing database and/or lookup table to store sensitive data or tokens. In fact, a database table is not used in the lookup process at all. The FAQ (http://www.protegrity.com/2012/04/vaultless-tokenization-faqs/) may help to beef the security adds, else it is not worst off in the existing state of Teradata.
0
 
LVL 61

Expert Comment

by:btan
Comment Utility
It is answered -  security augments on existing TD for pluses and very much minimal is the standard additional cost and interoperability test & maintenance aspects which are more affecting the long term IT and OPS team workflow and budgeting.

To consider ID: 40381765 for acceptance
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

Phishing is at the top of most security top 10 efforts you should be pursuing in 2016 and beyond. If you don't have phishing incorporated into your Security Awareness Program yet, now is the time. Phishers, and the scams they use, are only going to …
Find out what Office 365 Transport Rules are, how they work and their limitations managing Office 365 signatures.
XMind Plus helps organize all details/aspects of any project from large to small in an orderly and concise manner. If you are working on a complex project, use this micro tutorial to show you how to make a basic flow chart. The software is free when…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…

728 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now