DB Encryption: Business Insight from Our CTO
“D’Amo,” one of the primary product offerings by IT security company Penta Security Systems, celebrated its 10th anniversary this year. As such, Penta Security’s CTO, Duksoo Kim, shared his business insight regarding the industry and technologies.
The DB encryption solutions market has increased very rapidly since its introduction. Accordingly, Penta Security’s D’Amo has become one of the major security solutions in Korea. The company’s current position is the direct result of promoting D’Amo for 10 years after its initial release in 2004. The business scopes of the encryption market are also expanding. In recent years, not only do users encrypt core company data, but also core modules in cars, for example. In accordance with these changes, Penta Security will focus on making its products more sophisticated to become a major platform for encryption in the global market.
“We are drawing a big picture of an encryption platform. D’Amo is a total encryption platform that supports most of the database environments required in enterprises, including SAP, open source DB encryption, POS device encryption, Oracle DBMS, and Altibase memory.”
Kim explained that even though 10 to 15 DB encryption companies are competing against each other as the security solution market is growing bigger each year, D’Amo is actually the only security solution with its own core technology.
D’Amo provides various components that address hacking, vulnerability and privilege management for enterprises. He added that Penta owns its encryption technology for securing data. The fact that D’Amo has evolved from a package type to a platform means that it can encrypt not only databases, but also OSs and applications. Also, key management is available for authentication and access control, which makes it easier for administrators to manage policies and protect data efficiently.
Controlling policy through key management functions
Kim pointed out that most service companies have already built, or are trying to build, DB encryption systems. The financial sector, however, is delaying the implementation of DB encryption. Banks have already started applying encryption on a partial basis, but they are postponing complete implementation. This is because the important information they have is not organized, and there is concern about the influence of encryption when information is classified according to policies.
DB encryption will eventually improve performance, because it will help organize data and manage partitions. Kim added, “Of course, it would be difficult doing all the classification and implementation at first. However, once you have done it, the burden will decrease and security levels will improve. More importantly, DB encryption can make future system development/design, and DB integration for outsourcing easier by organizing data.”
Most companies have a very disorganized classification scheme as a result of focusing on business convenience. However, DB encryption is becoming a mandatory requirement for corporate compliance. This is considered to be the foundation of enterprise security.
While encrypting existing databases, the main data will be classified and systematized. This will allow administrators to make better policies and manage DB more efficiently, which results in improved overall security. Kim mentioned the importance of policy that can determine the appropriate level of data collection. When designing database security policy in enterprise systems, the existing systems should be analyzed to determine whether too much identifiable data have been obtained.
When an appropriate policy is set, data is well-protected and organized with no duplicate data. It is also common that DB performance and speed will increase after implementing encryption. Penta Security Systems has built DB systems for many enterprises, including Daelim Group, SK Hynix, Kangwon Land, Daishin Securities.
Higher performance than expected
“Dealing with data is very sensitive and many considerations must be taken into account. As a result, a Benchmarking Test (BMT) is sometimes used to measure the effect. Usually, when the BMT is carried out, customers are surprised that the system performance has improved after implementing DB encryption.” -Duk Soo Kim
Last year, Penta Security completed many encryption projects with stock/securities companies. These clients tend to be very speed-sensitive; nonetheless, there were no technical problems for Penta. There are many things to consider while completing a DB encryption project. This can be because the client system is very complicated, and/or because many parts of the system have an impact on one another. Therefore, a more deliberate approach is essential. Implementation is easy, but encryption companies have to discuss even small elements of policy settings with customers to achieve optimal results. Even though it is common for developers and DB professionals to work together for financial sector projects, most do not consider the key issue of performance after encryption.
Kim emphasized the differences between D’Amo and other products on the market. Other products are focused on a specific point, but D’Amo became a platform in 2012, thereby expanding its encryption range. As a platform, D’Amo provides an integrated model that supports various encryption methods for application, DB packages, DB engine levels, and separate equipment, covering all corporate environments. Also, Penta Security has extensive experience in encryption, which has made D’Amo a truly competitive solution.
Public sector customers had been the main customers for the encryption companies until about five years ago. Now, many private sector customers are also implementing the encryption solutions/platforms, and has taken over the public sector as the largest contributor of revenues. In particular, the financial sector has been growing consistently.
Business insight points to further growth
Duksoo Kim stated that Penta Security is trying to change people’s perception about the value of DB encryption as an improvement of overall security, rather than as simply another technology. These days, for example, DB encryption is not only for computers but also for appliances. Therefore, Penta Security is planning to expand its platform to the industries that need Penta Security’s unique technology offerings. He stated that he wants Penta Security to be known as a company that specializes in encryption. Penta Security is aiming to grow 30 percent in revenue this year, compared to last year’s numbers.
D’Amo: D’Amo is a DB encryption product from Penta Security. It can provide the best available encryption method for various DBMS environments, such as Oracle, MS-SQL, DBS, Altibase, and Tibero. D’Amo also supports various DBMS encryption methods, including the API encryption method, plug-in encryption method, hybrid method, In-place method, and Data Encryption Platform (DEP).