The level of protection you need – where you need it most

To help organizations implement a truly comprehensive data security strategy, Protegrity’s Data Security Platform offers a collaborative set of data protection products—Data Protectors—that can be combined to protect sensitive data end-to-end: from the point of creation to the point of archive or purging. These products provide the diverse set of functions needed to protect sensitive data across the heterogeneous environments throughout the enterprise. Protegrity’s Data Security Platform includes the following data protection products:


The Application Protector provides a simple Application Programming Interface (API) that can be integrated with existing applications to protect sensitive data. It adds a level of flexibility beyond the Database Protector and File Protector that is sometimes required when a solution is needed for a complex enterprise data environment.

The Application Protector strongly supports Separation of Duties. Even though a developer can use API functions to encrypt or to decrypt sensitive data, the developer never controls the data encryption key, the crypto algorithm, or the access control to sensitive data in the clear. The Security Officer is in control of this and defines it in a Data Security Policy.


Protegrity Big Data Protector secures all sensitive data in Hadoop utilizing advanced tokenization and encryption — at rest in the Hadoop Distributed File System (HDFS); in use during MapReduce, Hive, and Pig processing; and in transit to and from other data systems. All major distributions are supported including Cloudera, Hortonworks, Pivotal, and MapR.


Protegrity’s patented Database Protector performs column level data protection in accordance with the protection rules define in the Data Security Policy set by the Security Officer. This product delivers transparency (little or no modifications) to applications that use the database being protected.

Security Officers use the protection attributes to define the proper specific data protection method (making data unreadable) and to control what type of access to the sensitive data is given to the various groups of users. For example, database administrators will not be able to view encrypted sensitive data in the clear, but they will be able to continue to perform their responsibilities in administering and optimizing the database.

The Protegrity Database Protector is certified on all standard Linux, UNIX and Windows environments, Teradata Database, Oracle, IBM DB2/iSeries/zSeries, and all other major relational databases.


As files move through the enterprise, they are typically dropped into folders by one process and are picked up from the folder by another process without human intervention. Protegrity’s File Protector employs a highly transparent approach to protecting files that are used throughout the enterprise data flow.


Along with Protegrity standard UDF-based security, the Protegrity Mainframe Protector provides two mechanisms for securing sensitive data in IBM DB2. These mechanisms provide high transparency to calling applications, reducing or eliminating the need to modify them. Support is available for Linux DB2, Oracle, and other databases, including table view and insert, update and delete triggers.