New Protegrity Solution Eliminates Need For "Compensating Controls" To Meet PCI Compliance

Protegrity Data Security Platform 5.2 for Mainframe manages protection of databases, files, and applications under a single policy

October 5, 2010

3 Min Read


STAMFORD, Conn., Sept. 29, 2010 – Protegrity USA, Inc., a leading provider of end-to-end data security solutions, today announced the general availability of Protegrity Data Security Platform 5.2 for Mainframe, delivering high performance and scalable protection of sensitive data within the IBM Mainframe computing environment. The new solution allows large enterprises and government organizations to manage their protection of databases, files and applications under a single policy, lowering the total cost of ownership for meeting regulatory compliance.

The complexity of mainframe computing environments has driven companies to avoid protecting sensitive information moving through databases, files and applications connected to these systems, such as DB2 for z/OS. As a workaround, companies have been relying on compensating controls to meet requirements for Payment Card Industry Data Security Standard (PCI DSS) and other regulatory compliance. The new Protegrity solution has the breadth and ease of integration with enterprise key management capabilities required for companies to actually protect data on the mainframe instead of using compensating controls.

“According to a recent Ponemon Institute study, 41 percent of merchants rely on compensating controls to meet their PCI DSS requirements. The technical nuances of mainframe environments are driving this trend, but the fact is that businesses can’t use compensating controls forever,” said Raul Ortega, vice president of Research and Development at Protegrity USA, Inc. “With today’s release, Protegrity is extending our leadership in mainframe data protection with support for a wide range of important enterprise situations.”

Additional new enhancements include:

* High Performance Data Security is achieved by working directly with crypto cards without the need for an abstraction layer * Flexible Data Security becomes possible via the ability to manage database, file and application protection under a single policy * Interoperability with systems that are upstream and downstream from the mainframe enables broader data protection * Central Policy and Key Management allows encrypted data to interoperate with heterogeneous enterprise data flow * Risk Adjusted Data Protection offers users a variety of choices for protecting data in line with their unique business requirements * CUSP encryption mode support has been extended to applications running on open systems to facilitate the movement of CUSP-encrypted data between the IBM Mainframe and non-mainframe systems.

“Recognizing that PCI DSS compensating controls is ultimately not a permanent solution for securing sensitive data in the mainframe, we turned to Protegrity,” said Dan Ritari, Vice President Enterprise Information Risk Management, Deluxe Corporation. “Now, managing data security and compliance within our Mainframe DB2 is no longer a complex process. In addition to improving overall data protection, Protegrity’s policy-based approach allows Deluxe to stay compliant by centralizing auditing and access control.”

Pricing and Availability

Protegrity Data Security Platform 5.2 for Mainframe includes three protectors, which can be purchased separately or as a complete solution: Database Protector 5.2 for Mainframe; Application Protector 5.2 for Mainframe; and File Protector 5.2 for Mainframe. The new release is compatible with IBM Mainframe systems running on z/OS. All elements of the new solution are immediately available for purchase. For details on pricing, please contact [email protected] or visit


Last week Protegrity presented a webinar about protecting sensitive Data within the IBM Mainframe computing environment. An archive is available at:

About Protegrity

Headquartered in Stamford, Conn., Protegrity provides high performance, infinitely scalable, end-to-end data security solutions that protect sensitive information across the enterprise from the point of acquisition to deletion. The company’s award winning software products span a variety of data protection methods, including end-to-end encryption, tokenization, masking and monitoring and are backed by several important data protection technology patents. Currently, more than 200 enterprise customers worldwide rely on Protegrity’s comprehensive data security solutions to enable compliance for PCI-DSS, HIPAA and other data security requirements while protecting their sensitive data, brand, and business reputation. For more information, please log on to

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like

More Insights