Information security vendor SafeNet has announced that its Luna SA hardware security module (HSM) has become the first HSM to work with Microsoft SQL Server 2008.
It is said this will offer application security and performance by offloading select management functionality. It will also help companies meet strict compliance guidelines.
By integrating Luna SA with SQL Server 2008 users will be able to store the server’s master cryptographic keys, the foundation of any robust security platform, within the hardware rather than the software.
Derek Tumulak, vice-president, product management, SafeNet, said: “Storing keys in software is risky to an organisation’s data, and to its compliance standing, especially under mandates like PCI DSS where best-practice standard suggests organisations protect cryptographic keys separately and apart from cardholder data. Secure key management and encryption are the most challenging parts of data protection and compliance.”
SafeNet says that keeping the keys away from the data reduces the risk of exposure and challenge. HSMs are physical devices that keep business critical cryptographic keys at the highest security level.
SafeNet’s offering can be leveraged by many servers, which the company says enables the ability to securely partition and share the HSM resource and is a cost-effective way of extending the data platform.
Mark Jewett, director of SQL Server marketing at, Microsoft, said: “SafeNet’s Luna SA provides organisations using SQL Server 2008 additional security features to help meet today’s ever-evolving data threats and compliance mandates. Organisations can add a layer of security technology that protects keys to be separate from the data it protects while accelerating complex features such as key rotation.”
The company has also announced that its Luna PCI HSM can also be integrated with Microsoft SQL Server 2008. The Luna PCI is a high-security cryptographic PCI accelerator card, which when embedded directly into the database server can offer added security and accelerated cryptographic performance and CPU offload.
Both products are part of SafeNet’s Enterprise Data Protection (EDP) system, said to be the only platform that secures data across the connected enterprise, from core to edge, whether it is resting, in transit or in use.