Tell us about HexaTier and its role in protecting databases.

DD: HexaTier’s role is to protect databases with a completely unified database security and compliance solution, enabling enterprises to shift their databases to the cloud safely and securely. Any company with a database – no matter its size, resources, or where it resides – deserves no less. Our unified database security solution runs on cloud, on premise, and in hybrid environments, protecting both traditional databases and database as a service (DBaaS).

A number of database security solutions are the market. Why do we need another one?

DD: More enterprises are embracing the inevitability of moving to cloud. Other than HexaTier, the traditional database security solutions currently available are coming up short in securing DBaaS. Organizations need a complete, streamlined, and scalable security and compliance solution. Traditional database security solutions are complicated, costly to implement, take weeks/months to install, and have to be physically attached to the database, limiting implementation options. With HexaTier, you get several solutions on a single platform, and installation takes only minutes.

Give us the specifics of your solution.

DD: HexaTier’s Unified Database Security and Compliance Solution offers four key elements to protect the organizational database system:

  • Database Security
  • Discovery of Sensitive Data
  • Dynamic Data Masking
  • Database Activity Monitoring (DAM)

In addition, we offer a unique solution that leverages the existing Active Director infrastructure and uses it for authentication when the database sits on the cloud or using DBaaS.

How does it work?

DD: HexaTier is installed as a front-end to the database and works as a reverse proxy, effectively hiding and securing the database. Unlike other solutions that inspect database communication and performance by connecting to the database server or installing an agent on the database server, the reverse proxy technology ensures that no unauthorized communication occurs with the database server, significantly reducing the databases’ attackable surfaces.

Because of the use of a reverse proxy, HexaTier also protects the database from SQL injection attacks (still the most common data breach method), secures sensitive information from internal and external threats, and enforces segregation of duties while meeting regulatory compliance requirements.

It also provides several database security features including automated learning mode, a database rule-based firewall, database auditing, database intrusion detection and prevention, and dynamic data masking.

The system can be up and running in just minutes.

What is the most significant difference from its competitors?

DD: As mentioned before, HexaTier is the first solution to support DBaaS. Unlike its competitors, HexaTier provides multiple security features in ONE unified solution. You get all the capabilities needed for a comprehensive database strategy including real-time intrusion prevention, database auditing and reporting, multifactor authorization, masking, and secure configuration management -all with improved integration. This makes the product one of the soundest business investments an enterprise can make.

Another advantage: Our patented Database Reverse Proxy technology doesn’t just protect the access to data; it protects the data itself. Because each and every database request needs to go through the HexaTier solution before it touches the database, you gain the closest protection possible, in real-time.

Also, the out-of-the-box security features can be quickly implemented on staging and testing environments, which, in most cases, are not secured. You can be confident of effectively maintaining a secure and compliance-ready for any environment.

Speaking of sound investments, can you delve more into the business advantages of adopting HexaTier’s solution?

DD: The business advantages are many. As I mentioned, our unified solution provides four key features:

  • Database Security – reduces the database’s attackable surface. The unified approach to security involves implementing database firewall, SQL injection prevention, segregation of duties, and database access control.
  • Discovery of Sensitive Data – automatically locates and classifies sensitive data to ensure alignment with regulatory requirements. Customized sensitive definitions can be added by writing regular expressions.
  • Database Activity Monitoring – monitors and audits administrative and access activity up to the database column level. It provides a “before and after” view of all changes made to the table or column and indicates who made them.
  • Dynamic Data Masking – eliminates exposure to sensitive information, and is performed at runtime, dynamically, and in real-time so there is no need for a second data source.

To get these features from other vendors, you need to buy four separate solutions, which means more monitoring, management, and maintenance, as well as time-consuming and expensive integrations. With HexaTier, you pay only for the database instances you use, making it a simple and clear solution.

HexaTier’s Unified Database Security and Compliance Solution: a healthy ROI?

DD: Absolutely! Here’s why. Consider only the cost of the breach – the lost data, the reputation loss, the legal liability, and the regulatory fines.

Network security, perimeter security, cloud security – all of those are focused on keeping information safe from external attacks. No perimeter security system can protect you against an internal threat. HexaTier delivers a healthy ROI for short- and long-term investment. I had a discussion recently with a journalist who put it rather succinctly: If my database isn’t secure, all the other stuff doesn’t matter.


To access the article on Virtual Magazine, click here.