Protegrity First to Extend Tokenization to Personally Identifiable Information, HIPAA Data Types
Protegrity Data Security Platform 5.5 Lowers Cost and Complexity for Regulatory Compliance with Minimal Impact on IT System Performance, Cloud Compatibility, No Collisions
STAMFORD, Conn., Feb. 10, 2011 – Protegrity USA, Inc. today launched Protegrity Data Security Platform 5.5, a comprehensive enterprise security management solution that protects sensitive customer data residing in applications, files and databases. The new platform extends Protegrity’s tokenization capabilities to additional data types including Personally Identifiable Information (PII) like medical IDs, email addresses, social security numbers, dates, addresses and names, allowing organizations to improve security of this data and minimize risk. The Protegrity Data Security Platform is proven to reduce the scope and associated costs of complying with PCI DSS or HIPAA requirements for healthcare, retail, marketing, financial services, insurance, government and life sciences organizations that process PII or credit card data. Organizations that have access to sensitive customer data are highly concerned with securing this information to maintain a positive brand reputation. Regulatory requirements created to keep this information safe such as HIPAA, the Privacy Act and PCI DSS have guided organizations toward best practices in securing their sensitive data, but these same regulations have also introduced new costs and resource-heavy processes. According to a recent Ponemon Institute study titled “The True Cost of Compliance,” the cost of achieving regulatory security compliance is on average $3.5 million each year with companies paying $9.4 million a year for non-compliance-related problems. “Personally identifiable business data has become incredibly vulnerable with the steady rise of targeted attacks and simultaneous explosion of cloud computing,” said Raul Ortega, vice president, research and development, Protegrity. “This situation has put a huge strain on organizations that are dealing with skyrocketing costs and complexity to stay compliant. The new tokenization capabilities of the Protegrity Data Security Platform deliver unmatched protection and performance while significantly reducing costs associated with PCI and now HIPAA compliance.” “With escalating IT security costs and continued complexity related to PCI DSS compliance, organizations should take a fresh look at the advantages of tokenization,” said Scott Crawford, research director at Enterprise Management Associates. “Protegrity’s announcement highlights how tokenization can help secure other types of personally identifiable information, such as medical IDs, dates and e-mail addresses that are strictly governed under HIPAA, providing a useful and often more application-friendly alternative to tactics such as encryption. Those who think that tokenization is only about credit account security should explore its advantages more deeply.”
High Performance Tokenization for HIPAA Compliance
Because Protegrity Data Security Platform 5.5 now tokenizes alphabetic, numeric and alphanumeric data, it can be deployed by organizations that need to follow strict regulations in protecting data classified as “HIPAA 18” (medical IDs, dates, e-mail addresses, URLs, etc.). Protecting healthcare data is a very complex process because it comes in multiple formats and must be frequently accessed at many points throughout the data flow. As a result, encryption and traditional tokenization are cumbersome methods for healthcare security because they impact system performance at every data access point and create significant latency. The new Protegrity platform tokenizes healthcare data with minimal impact on system performance and significantly reduces latency commonly associated with other methods.
Low Impact Tokenization with No Collisions
Unlike other tokenization methods that negatively impact IT system performance by storing massive amounts of encrypted data in the token server, Protegrity Tokenization removes the encrypted data from the token server, creating a very small system footprint. This patented approach reduces latency and delivers the fastest tokenization in the industry. Latency is also reduced because tokenization can happen on the mainframe without having to go to a token server outside the mainframe. In addition, because Protegrity Tokenization eliminates the need for resource-intensive data replication or synchronization, there is no risk of token collisions. The end result is a solution that dramatically lowers costs and complexity with regulatory security compliance.
Optimized for the Cloud
Protegrity Data Security Platform now interoperates with cloud databases due to new compatibility with VMWare Hypervisor, Citrix XenServer Hypervisor, XenSource Hypervisor and Microsoft Hyper-V virtual servers. Protegrity Data Security Platform 5.5 is available now. Protegrity runs on Teradata data warehouse systems and is compatible with IBM, Dell and HP servers. All data protection activities (encryption and tokenization) can now be performed via a standard web service, greatly easing the integration of the solution for developers.
Headquartered in Stamford, Conn., Protegrity provides high performance, infinitely scalable, end-to-end data security solutions that protect sensitive information across the enterprise from the point of acquisition to deletion. The company’s award winning software products span a variety of data protection methods, including end-to-end encryption, tokenization, masking and monitoring and are backed by several important data protection technology patents. Currently, more than 200 enterprise customers worldwide rely on Protegrity’s comprehensive data security solutions to enable compliance for PCI-DSS, HIPAA and other data security requirements while protecting their sensitive data, brand, and business reputation. For more information, please log on to http://www.protegrity.com. ###