Protegrity Security Solution vs Teradata's

I have a client that currently has the Teradata EDW environment. Their business supports a number of Defense programs with sensitive ITAR data. They are considering Protegrity's security solution as a add-on to their current TD environment. At a high level, can one of your experts provide the pluses and minuses of using the current TD environment vs the add-on solution from Protegrity?
Glenn ReisAsked:
Who is Participating?
btanConnect With a Mentor Exec ConsultantCommented:
(1) For the pt on Teradata existing, i believe their own saying will be a baseline starter for its merit and cons of their existing measures - in short we are measuring in terms of confidentiality, integrity and availability (CIA) from the application to systems level and the overall incident handling services provided. Measures commensurate with data classification.

Even if security policies that provide for the classification of data are already in place, a "best practice" is to assign classification levels to the information and to the associated information processing services. Teradata security best practice is to develop and publish a security policy specific to the data warehouse and ensure that all users understand the policy. E.g. Teradata® Database supports below.  
> User-level security controls.
> Increased user authentication options.
> Support for security roles.
> Enterprise directory integration.
> Network traffic encryption.
> Auditing and monitoring controls.

Also to note of existing (which good to recap to client) - Teradata Database V2R5.0.2 has been evaluated to the requirements to the International Common Criteria for Information Technology Security Evaluation  (ISO 15408) standard. (The latter is which is meant to be used as a basis for evaluating security properties of Information Technology.)
While the evaluation considered the design of the system, it also considered processes used for testing and installation and included a vulnerability analysis. It provides a high level of assurance in the security design and implementation of a Teradata Database system. And it is intended to satisfy the requirements of those customers (primarily government agencies) that are required to procure only IT systems for which the security robustness has been formally evaluated and validated.

(2)  For the Protegrity piece, I see it generally as layer over the existing security architecture that your client is having. The value is likely the Protegrity Vaultless Tokenization (PVT) technology whereby the  tokenization is applied to the sensitive data before it enters the warehouse, using the enterprise’s own security policies.  
(fact sheet)

The PVT does not use an ever-growing database and/or lookup table to store sensitive data or tokens. In fact, a database table is not used in the lookup process at all. The FAQ ( may help to beef the security adds, else it is not worst off in the existing state of Teradata.
btanExec ConsultantCommented:
It is answered -  security augments on existing TD for pluses and very much minimal is the standard additional cost and interoperability test & maintenance aspects which are more affecting the long term IT and OPS team workflow and budgeting.

To consider ID: 40381765 for acceptance
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.