profile

The First MySQL DB Encryption Software, MyDiamo

MySQL DB Encryption Software

Web security and DB encryption provider Penta Security Systems (Representative CEO/Founder Seok Woo Lee) announced that it will be releasing the first MySQL DB encryption software ‘MyDiamo’ on March 1, 2013. For some time, MySQL users have not had access to advanced data encryption software. This was problematic for those needing to safely secure private information, credit card numbers, and other sensitive data. From now on, Penta Security’s MyDiamo will allow MySQL users to encrypt and decrypt their data with powerful key strength algorithms.mysql db encryption software mydiamo

MyDiamo uses international standard encryption algorithms such as AES and TDES. In addition, MyDiamo supports one-way encryption for passwords, partial encryption for index column encryption, and credit card number masking for PCI DSS compliance. It also provides column-based encryption to minimize performance degradation, as encryption by column affects DB performance the least.

“Freeware licenses available for educational or non-profit personal use”

CTO and director of Penta Security’s Research & Development center, Dr. Duk Soo Kim said, “In order to spread the word about our security products, free licenses will be provided for personal users who wish to adopt MyDiamo for educational or non-profit purposes. For commercial users, purchasing a license will enable high level technical support services from Penta Security’s DB security experts.”

Kim also stated, “MySQL is open source software. This allowed us to develop a column-based encryption technology that operates at the engine level. Our plan was to create a product that can be used by the public. However, we sought to cinclude two technology features from our commercial encryption software D’Amo. D’Amo has received multiple certificates and recognition worldwide, and is trusted by 1,300 national and international customers.”

The GUI management console is provided as an add-on feature of phpMyAdmin with GPL (GNU Public License). It is completely open-source to the public, and the encryption engine of MyDiamo is distributed by a MyDiamo license. You can check detailed information and product data downloads regarding MyDiamo by visiting (www.MyDiamo.com).

profile

50% of DB Encryption Market Share

D’Amo, the comprehensive database encryption solution developed by Penta Security Systems, offers DB encryption, as well as access control features for the encrypted data. By distinguishing between authorized and unauthorized users, access to encrypted data can be fully controlled. The D’Amo administrator is able to specify user login authority by source IP address, permitted time period, and application program. As an advanced option, the administrator can also define the authority to encrypt and decrypt data columns by user. This allows the data, and access to it, to be much more secure. D’Amo does not require many changes to existing application programs to implement.

D’Amo also provides an auditing function for important data columns that tracks which users or computers have performed operations. Based on the provided data, it can apply security policies to prevent questionable access or privilege abuse. It is also equipped with options for optimizing post-encryption performance, as many encryption solutions can significantly reduce performance speed after large amounts of data have undergone encryption.

DB Encryption Market Share

As of last October, D’Amo maintained a majority of the DB encryption market in Korea. It claim approximately 50% of the total market share. Most of these procurements were from the public sector. However, D’Amo advertises a product line-up optimized for a wide variety of enterprise environments, and many strong references attest to its convenience.

Mr. Gyeong Myeong Baek, DB encryption product manager for Penta Security Systems Inc. said, “Because many methods for performing encryption exist, it is necessary to select an optimized solution that is appropriate for the company’s DB. This selection should minimize performance degradation and maximize the company’s desired response to a compliance issue.” He emphasized, “D’Amo fulfills this need by providing not only a single solution. It provides a variety of options capable of suiting any type of enterprise environment. The available encryption modes are Plug-in type, API, and In-place. How D’Amo is implemented will depend on the target enterprise’s environment. Each mode functions differently.”

Collaboration with Vendors

Penta Security Systems has made great endeavors to provide a product lineup that supports the wide assortment of DB ecosystems existing today. At first, D’Amo began as a Plug-in product for Oracle, SQL, and DB2. After additional development, the product’s technology expanded to offer compatibility with several other DB systems, as well as API and In-place methods of encryption.

To accomplish this, Penta Security turned its attention toward collaboration with other DBMS vendors. Such collaboration enabled Penta Security’s D’Amo to acquire DB security certification for SAP. Other cooperative development projects with Tibero allowed Penta to bundle D’Amo with Altibase DBMS.

Penta Security Systems has also designed the ‘SG Analyzer.’ It collects DB queries and predicts the post-encryption performance of the DB. This analyzer is what enables Penta to choose the most appropriate encryption platform for their client’s system infrastructure. This pre-customization has helped expand Penta’s market clients to include libraries, hospitals, ERPs, and others.

Gooft Software Certification

D’amo recently acquired the ‘GS (Good Software)’ certification after undergoing a major upgrade from version 2.3 to version 3.0. The GS certification is a national recognition for software products that pass the software evaluation model. This is based on the international standards set by the Telecommunications Technology Association (TTA).

Baek commented on the certification as well: “D’amo 3.0 is focused on promoting management convenience and improving performance for customers who are sensitive to performance issues, such as in mission-critical applications.” He continued, “We forecast that the need for DB encryption is going to continue in 2013 due to the Personal Information Protection Act. Therefore, we aim to solidly position D’amo in the marketplace. Although DB encryption seems to have been adopted mostly by big enterprises until now, we will be able to open up a market for small and medium-sized enterprises with a new business model.”