Protegrity is a leader in database security software, delivering privacy and protection solutions for mission-critical data stored in databases. Its flagship product Secure.Data enables companies to comply with the strictest government and industry regulations on data privacy and security by preventing both unauthorized and unauditable access to sensitive data.

We talked with Scott C. Nevins, President and CEO of Protegrity, about the company and database security issues. Mr. Nevins is a recognized business leader with an impressive track record spanning more than two decades. He has successfully built four emerging technology and service companies.

The boom of online business gave a large boost to database security in the past few years. Who are the people you see most worried about database security?

The people most concerned about security are the CISOs (Chief Information Security Officers), CPOs (Chief Privacy Officers), and IT Auditors and Compliance Officers. Due to government and industry regulations, senior executives are now personally liable for security and privacy of information. Company executives are attacking this issue head on to fulfill their internal and external obligations. A breach now costs a company significant dollars, potential jail time, and loss of customer and partner confidence.

What do you see as the major challenge in database security today?


Most companies today are still focused on securing data "in transit" rather than "data at rest" in the database. Data lies dormant in databases over 99% of the time and it is there that it is most vulnerable to both internal and external breaches.

Internal DBAs, high level programmers, and experienced users have a high degree of access to sensitive data. External hackers who penetrate the perimeter security defenses know that the crown jewels are in the database. Unauthorized access NEEDS to be stopped.

Companies must face the challenge of securing the data in their databases to create complete security solutions. Past concerns of poor performance, high implementation costs, and weak data security through simple encryption are met head on with Protegrity's Secure.Data product where implementation times are generally 1-3 days, minimal performance degradation, application transparent and high level security.

Companies need to act and proactively protect their data in their databases.

How much success have you had with Secure.Data? Is it still the only system in the world to encrypt and secure database information at the data-item level?