Product Lines
Ruminations on the System i Market
August 9, 2008
Encryption: Your Last Line of Defense
If you clicked through to here from NEWS Daily looking for a language localization article, find it at "Products Speak Many Languages."
In the war on identity theft, encryption is an important weapon in your arsenal. I spoke with Bob Luebbe, Linoma Software's president and chief architect, recently to check in on the state of encryption and find out whether it's becoming more common in the System i world and easier to accomplish.
"We initially developed a product to help encrypt credit card numbers. Customers already had firewalls, network security, and fairly good System i security. But customers were still concerned that hackers could get access to data. So we've spent a lot of time doing encryption of all sorts of highly sensitive data. Encryption is the last line of defense, and it provides the highest protection possible," Bob says.
"But what we're seeing is that customers now are looking to encrypt other types of data besides credit card numbers. Identity theft is on the rise, and with that, we're starting to see organizations wanting to encrypt personal data such as Social Security numbers, birthdates, even names and addresses. They're concerned not only for their employees but also for their customer information."
We've all heard the stories about well-known companies losing laptops and backup tapes containing sensitive data about millions of people. But don't just take my word for it: If you haven't read "Backup Horror Stories," on System iNetwork, it's never too late to get up to speed, so go check it out after you read the rest of this blog post! Bob adds that even if the data isn't stolen, you still have a problem. "Maybe it got stuck away in a corner, or maybe someone really did steal it. The adverse effect of that is that companies have to notify all their customers. If you lose a laptop or backup tapes, and if that data is encrypted, the PCI says that you don't have to notify your customers of that breach, which maintains good relations with your customers." Bob points out that for breaches of personal information, regulation is mostly at the state level, so check your state law. In California, he says, as long as the data is encrypted, you don't have to notify the consumers.
"Encryption is really not that difficult, and our products are affordable for most companies. When you look at the costs of not encrypting," Bob stresses, "it's pretty easy to justify doing it."
When it comes to protecting their data, most companies' first instinct is to try to protect themselves from external hackers. "Probably 50 percent of the time, breaches are from your own employees," Bob warns. "Any programmer could look at payroll and other data. Companies look to encryption to also prevent their employees from accessing highly sensitive data." To address this concern, Bob says, Linoma's Crypto Complete lets you restrict which users are authorized to what data.
Companies today send all kinds of sensitive information over the Internet (e.g., direct deposits for employees, purchase orders, etc.). Before the Internet, companies exchanged data via private lines or private networks. "Probably the banking industry has done the best job of protecting data, but lots of other industries are sending confidential information over the Internet without protecting it," Bob explains. "Auditors come in to look at security exposures, and one of the first things they find is that a lot of stuff isn't being protected when it's leaving the data center. Linoma's GoAnywhere product can encrypt data transmissions. There are a lot of data transmission standards out there, such as SSL, SSH, and PGP, and once a company and its business partners agree on a standard, they can use a product that implements that standard to encrypt data before it's transmitted."
Speaking of GoAnywhere, Bob notes that Linoma recently joined the Microsoft Midrange Alliance Program (MAP). "The reason we joined MAP is because we're finding that customers have a mixed server environment, SQL Server, Oracle, Informix, and so forth. Thus, we're really getting into more complex environments. So we're starting to form alliances with other vendors besides IBM. For instance, GoAnywhere can take data from the System i and send that to a SQL Server machine and vice versa. As companies add all these different database servers, they need to be able to share that data between them."
Joining MAP also presented a good opportunity for Linoma to partner with other companies in the program. "A lot of these companies have products complementary to ours. We're starting conversations so we can do some cross selling and ultimately help the customers in these mixed environments."
IT life is only becoming more complex, as we all can attest. "It used to be that System i shops had to worry only about RPG and DB2 and how to make that data usable to their users. Now we're talking to IT people who are not only responsible for System i but also an Oracle server, a SQL Server box, and more." Linoma's goal is to help customers simplify that complexity while keeping their data securely encrypted.
--Linda Harty, security & networking/connectivity editor
Posted by lharty at August 9, 2008 11:27 AM
| Sun | Mon | Tue | Wed | Thu | Fri | Sat |
|---|---|---|---|---|---|---|
| 1 | 2 | 3 | 4 | |||
| 5 | 6 | 7 | 8 | 9 | 10 | 11 |
| 12 | 13 | 14 | 15 | 16 | 17 | 18 |
| 19 | 20 | 21 | 22 | 23 | 24 | 25 |
| 26 | 27 | 28 | 29 | 30 | 31 |
Blog Policy
We welcome your comments and opinions and encourage lively debate on the issues. However, Penton Media reserves the right to delete or move any content that it may determine, in its sole discretion, violates or may violate its Terms of Use or is otherwise unacceptable. For more information, see Penton Media's Terms of Use.