Don’t miss our upcoming live webinar led by Chief Architect Bob Luebbe!
Get Your FTP Server in Compliance
Thursday, January 31 at Noon Central
With the recently added rules for the Healthcare Insurance Portability and Accountability Act (HIPAA) that now holds trading partners and business associates accountable if they also handle patient data, it’s a good time to review whether your FTP server is updated and ready to meet compliance requirements. Learn how to keep your data as well as trading partner files protected within your network and still allow external access without opening inbound network ports. You can also see a demo of Linoma Software’s GoAnywhere™, a managed file transfer solution that includes a secure FTP server and a reverse proxy DMZ gateway with clustering and load balancing capabilities to ensure high availability.
IBM i Encryption Made Easy with DB2 Field Procedures
Now Available On Demand
During this recorded webinar, you can learn about how to make the DB2 Field Procedures Tool in IBM version 7.1 work even more efficiently as part of a more comprehensive solution, one that makes it easier to implement encryption, manage keys, and generate auditing reports so important for meeting compliance regulations like HIPAA and PCI DSS,. You can also see a demo of Linoma’s popular encryption software Crypto Complete.
All of our webinars are recorded, so if you register and are not able to attend live, you’ll be able to review the webinar at a more convenient time.
We look forward to having you join us and will be happy to answer any questions you have.
For years we’ve received emails, phone calls, and comments at trade shows about how much our customers appreciate our support team, and we’re always so glad to hear that. Our dual missions at Linoma Software is to develop (and enhance) the best possible products and to provide exceptional support for those products.
Our core support team is the first to arrive* and the last to leave each day, and between scheduled trainings, emails, online chats and phone calls, they patiently work through any questions a customer may have, and happily pass along suggestions for enhancements to our development team.
We invite you to watch this video, and if you’ve had a good experience with someone from our support team, please let us know. You can leave a comment below, email us, call us, or write a quick note on LinkedIn. We could even make you a video star!
We love patting our support folks on the back for a job well done, and thank you for your rave reviews.
**Ok, the developers are here early and stay late, too! Sometimes really late!
Now that corporate applications are easier to access via remote and mobile channels, it’s even more important to determine which sensitive data is accessible and where possible breaches may occur. Unfortunately, legions of hackers with Wi-Fi and mobile hacking tools make it imperative that organizations prepare for and defend against potential attacks with even more pervasive security procedures.
One step in creating a stronger defense is to employ field or column-level encryption to protect sensitive data at rest.
Implementing a custom field encryption project on IBM i used to be a notoriously long and painful process. Programming code changes for field level encryption required a steep learning curve, costly programming resources, and even more time in testing, validating and updating the changed application source code. Most companies simply could not justify the additional strain on their budgets for this level of project development requirements.
In response to this challenge, IBM released its OS version 7.1 with DB2 field procedure (FieldProcs) in April of 2010 that greatly simplified the field encryption process. With the new FieldProcs technology, encryption projects can be streamlined because the field procedures are invoked at the database level, making it transparent to the applications. The FieldProcs can be coded to automatically encrypt the field on Inserts and Updates, and subsequently decrypt the field only for authorized users on Read operations. Subsequently, FieldProcs have become very important to those businesses that have legacy applications and limited budgets.
FieldProcs are a great step for improving the viability of field level encryption projects. But even with this, many companies don’t have the resources to integrate and manage the FieldProcs which is why third-party software solutions, like Linoma Software’s Crypto Complete, are valuable. Crypto Complete will generate and manage the FieldProcs on the fields within the files.
Crypto Complete also includes the key management, audit logs and access controls needed for PCI DSS and data privacy compliance. The value of using Crypto Complete for field encryption cannot be understated as it can greatly minimize the learning curve and reduce the implementation resource requirements from weeks to hours.
Today is another unfortunate reminder that no matter the size of a company or its industry, a data breach makes headlines.
Not only does it attract negative attention and erode customer confidence, an announcement that your company’s data has or may have been compromised can result in some steep financial penalties. If fines associated with violating regulations like HIPAA or state privacy laws don’t get you, potential lawsuits might.
Take LinkedIn, for example. Earlier this month, the social network of business professionals reported that nearly 6.5 million encrypted passwords had been leaked online.
Today, Mashable.com reports that LinkedIn is facing a $5 million civil lawsuit from a user claiming that LinkedIn’s security policy violated industry standards for database security.
There really are no lessons for the rest of us to learn from this latest breach, because most of us already know what we’re supposed to do.
- Keep passwords secure, reasonably complex, and change them regularly.
- Ensure your company is using only the most secure encryption standards like AES or Open PGP.
- Stay abreast of the latest news and techniques for keeping your company security policies and practices up to date and as impenetrable as possible.
- Invest in solutions that streamline your data encryption processes, that include comprehensive auditing and reporting tools, and that ensure the security of your data at rest and in motion.
The question is how much longer can you postpone taking these steps to ensure that your company isn’t making news next week with an embarrassing and costly data breach?