PrivateServer HSM Enabling Microsoft SQL Server 2008 to Secure Sensitive Information

PrivateServer™ is a highly secure (FIPS 140-2 Level 3 validated), network attached, Hardware Security Module (HSM) that provides an environment for conducting sensitive cryptographic operations, secure storage, and management of a large number of keys.

One of the main features PrivateServer offers is an EKM (Extensible Key Management) plug-in that enables vendors to integrate with the SQL Server 2008 and provide cryptographic capabilities such as bulk encryption, decryption, and key management functions. By adding EKM to PrivateServer's growing list of supported API's, PrivateServer HSM can now serve as an external cryptographic provider, alleviating SQL's operations and significantly enhancing operational security. Via this feature, any organization that uses Microsoft SQL Server 2008 as its database engine can now use PrivateServer HSM to secure sensitive information in its database. A significant advantage of this new feature is that it does not require any further development or integration by the application developer or database administrator.

The PrivateServer EKM provider is suitable for any organization that is bound to the PCI-DSS (Payment Card Industry - Data Security Standard) regulations that require encryption of sensitive information such as credit card numbers.

• Execution of all cryptographic operations within the secured PrivateServer HSM enclosure.
• High availability/load balancing setup provides reliable solution and boosts overall performance.
• Storage of an unlimited number of keys, all within the secured PrivateServer HSM enclosure.
• High performance of bulk cryptographic operations provides the best cost effective solution for database security.
• Support for multiple user sessions (each potentially having multiple keys) with secured authentication and login.

PrivateServer can also be deployed in a high availability/load balancing setup (HA/LB). This capability eliminates problems that arise from Single Point of Failure (SPOF) scenarios (i.e., database system downtime) as well as load bottlenecks.

PrivateServer's high availability capability enables an organization's mission critical applications to continue accessing their sensitive data even if one of the HSM systems goes down. 

For organizations that require a significant amount of data to be encrypted at once, with additional encryption at regular intervals, PrivateServer's HA/LB feature provides a superior solution.