Along with Protegrity standard UDF-based security, the Protegrity Mainframe Protector provides two mechanisms for securing sensitive data in IBM DB2. These mechanisms provide high transparency to calling applications, reducing or eliminating the need to modify them. Support is available for Linux DB2, Oracle, and other databases, including table view and insert, update and delete triggers.

Field Proc: Protects/unprotects when data is inserted into or retrieved from a column configured with the Field Proc.

  • Selective column protection.
  • Supports the protection of sensitive data as an index.
  • Protegrity is the only vendor that provides this type of solution.

Edit Proc: Protects/unprotects when data is inserted or retrieved into/from a row that has been configured with the Edit Proc.

  • The entire row is encrypted.


The Protegrity Mainframe Protector provides multiple APIs that are callable from COBOL, PL1, or other languages, including Adabase Natural. Unlike most APIs, developers will not be able to control the protect/unprotect functions used, nor will they be able to control who can access protected data.

This functionality is extremely versatile and delivers the maximum level of control. It can be used to protect VSAM files, IMS, DB2, and non-DB2 systems such as Natural/ADABASE.


Strong encryption provides an effective File protection is utility based and designed to run in batch as a job step. The Protegrity Mainframe Protector can protect full or partial rows, or a combination of rows and columns, and can protect transaction or flat files.

In addition, the Cryptographic SubSystem uses the JCL SUBSYS parameter to provide protection during the input read process and output write process. This method means that data is never in the clear except while the application is processing it.

Protegrity Mainframe Protector Data Sheet