PKI appliance goes for selective security

A system from Ingrian Networks aims to end network security overkill by concentrating on the important bits

Data security company Ingrian Networks launched a PKI (public key infrastructure) appliance on Thursday that can encrypt selected data stored in an application or a database.

Enterprises traditionally spend a significant amount of their resources securing the network perimeter, despite the fact, noted by analysts and security experts, that a majority of attacks originate from within networks. Ingrian's product takes a different tack, allowing small sections of application or database information to be hidden from all unauthorised users, whether within or outside the network.

Karim Toubba, vice president of product management and marketing, told ZDNet UK that large companies such as banks have a relatively small amount of data on their systems that absolutely needs to be secured, so it would be inefficient to encrypt everything. "In a typical bank, the amount of information that is a significant risk to the business is rarely over 1 percent of all the data. But it is that 1 percent that represents the maximum impact to the business if that information is stolen," he said.

Toubba explained that using the DataSecure platform companies can decide to encrypt vital information, such as financial records or valuable intellectual property, while relying on more traditional methods for securing less important information. "The appliance allows you to select data at a granular level and encrypt it. So when it sits on databases, applications, systems and storage within a network, if the system is compromised in any way by an internal or external attacker, that data is effectively illegible," he said.

The Ingrian Networks DataSecure platform comprises a Linux-based appliance that runs Ingrian's proprietary server software and a set of agents that are installed on the applications and databases requiring protection. Once the administrator chooses which fields or records are to be encrypted, the appliance acts as gatekeeper to the information, checking users' access privileges.