Posts Tagged encryption

Linoma Software celebrates 20 Year Anniversary

Posted by on Monday, 17 November, 2014

Linoma Software-20 Year-FINALLinoma Software is celebrating 20 years in helping organizations around the world to automate their IT processes and protect sensitive data. The company will commemorate this milestone anniversary with the much anticipated unveiling of their new corporate headquarters, groundbreaking new software releases and promotional events throughout the next twelve months.

“From the beginning, our goal has been to provide great products at affordable prices that are backed with unparalleled customer support and service,” said Linoma Software founder, Bob Luebbe. “We attribute our success over the last 20 years to this simple company philosophy. It encompasses all that we do.”

Looking Back: A Modest Beginning

Husband and wife team, Bob and Christy Luebbe, started Linoma out of their home in 1994 to provide IT consulting and contract programming services to area businesses. The concept was simple, in that they offered experienced IT talent for affordable rates.

By late 1995, the Luebbes had hired several consultants to service their expanding customer base which included Fortune 500 companies such as Union Pacific, First Data Resources and Hewlett-Packard. They also officially opened their first office in Omaha, Nebraska to offer offsite programming services to out-of-state customers.

Around 1996, Bob had an idea for a product that addressed the challenge of converting legacy IBM RPG code to the new RPG IV (ILE RPG) language. During his off hours, Luebbe built the Convert to ILE RPG software, named it CVTILERPG and released it on a programming list server as a downloadable file. This proved to be a move that was ahead of its time as most software for IBM systems was distributed by mail and installed using cumbersome tapes.

BobLuebbeLinomaSoftwareCVTILERPG became an overnight success as a convenient-to-install and affordable utility, which paved the way for Linoma to evolve into a software company. Many of the original users of CVTILERPG (now called RPG Toolbox) are still loyal customers today.

Finding ways to make tasks easier and more efficient has always been the core of Linoma Software’s approach to software development. From creating graphical interfaces for the AS/400 in 1997 with Surveyor/400, to the debut of Transfer Anywhere in 2002, to encrypting databases with Crypto Complete in 2007, Luebbe and his growing R&D team continued to innovate and streamline processes for the IBM i. As new products were developed and released, Linoma put an emphasis on affordability and five-star support, which the company is known for.

The release of GoAnywhere Director in early 2008 was a turning point for the company. Quickly becoming the flagship product for Managed File Transfer and secure data exchange, the multi-platform software delivered full automation, encryption and detailed audit trails for file transfers. Following shortly after in 2009, the introduction of GoAnywhere Services expanded the product offering to support secure file services using FTP, FTPS, SFTP and HTTP protocols. GoAnywhere Gateway joined the product suite in 2010 with enhanced forward and reverse proxy to protect files in the DMZ.

LinomaSoftware2014
Looking Forward: Success through Innovation

As the GoAnywhere software suite continues to grow and evolve, the company has grown as well. Linoma Software has been named to the Inc. 5000 list of top growing companies in Nebraska for the past two years. Their customer base consists of over 3,000 installations worldwide including government entities, large corporations and mid-sized companies. Boasting over a 98% customer retention rate, Linoma Software continues to win customers over through innovation, affordable product offerings and responsive product enhancements.

According to Luebbe, “Several of our customers have been with us since the beginning. They love the products and rave about our support. We’re thrilled to be celebrating 20 years and it’s because our customers truly appreciate what we do. Without their trust and support, we wouldn’t be here. It’s that simple, and we are truly grateful.”

Click to Download and Print PDF

Linoma Software products are not affected by Heartbleed bug

Posted by on Wednesday, 9 April, 2014

Heartbleed bug graphic from heartbleed.comIf you are a Linoma Software customer using any of our products such as the GoAnywhere suite (Director, Services, Gateway, Open PGP Studio), Crypto Complete, Surveyor/400 or the RPG Toolbox, we are pleased to report that our products are NOT vulnerable to the Heartbleed bug.  

The CVE-2014-0160 exploit, or Heartbleed bug, has made big headlines over the last 48 hours. The Heartbleed bug exploits vulnerabilities in the popular OpenSSL server software potentially allowing the memory of SSL/TLS encrypted systems to be compromised. The bug essentially allows access to the memory of the SSL/TLS protected systems and attackers can potentially steal and read formerly encrypted information such as usernames and passwords, credit card numbers and other sensitive data.  To learn more about the Heartbleed bug please visit Heartbleed.com.  Additional resources allow you to check and see if your website or server is affected by the Heartbleed bug:  Heartbleed Test and LastPass Heartbleed Checker.

GoAnywhere Suite (Director, Services, Gateway, Open PGP Studio)
GoAnywhere does not use native libraries for SSL/TLS and relies on the JSSE libraries of the JVM that GoAnywhere is running on. This exploit does not exist in the JSSE implementation of SSL/TLS.  While Tomcat does, however, have the ability to utilize native SSL/TLS capabilities for its HTTP/S connections with the APR Connectors, GoAnywhere does not employ this functionality.
GoAnywhere Secure File Transfer mobile apps:
For Apple devices: The GoAnywhere Apple app uses the Secure Transport implementation of SSL/TLS and is not affected by Heartbleed.
For Android devices:  The GoAnywhere Android app uses the JSSE implementation of SSL/TLS and is not affected by Heartbleed.

Surveyor/400:
Surveyor/400 does not use native libraries for SSL/TLS and relies on the JSSE libraries of the JVM that Surveyor/400 is running on. This exploit does not exist in the JSSE implementation of SSL/TLS.

Crypto Complete:
Crypto Complete does not use SSL/TLS for Field or Backup encryption and is not affected by Heartbleed.

RPG Toolbox:  Our RPG toolbox does not use any encryption and is not affected by Heartbleed. 

Simplify Field Encryption on IBM i

Posted by on Monday, 5 November, 2012

Now that corporate applications are easier to access via remote and mobile channels, it’s even more important to determine which sensitive data is accessible and where possible breaches may occur. Unfortunately, legions of hackers with Wi-Fi and mobile hacking tools make it imperative that organizations prepare for and defend against potential attacks with even more pervasive security procedures.

One step in creating a stronger defense is to employ field or column-level encryption to protect sensitive data at rest.

Implementing a custom field encryption project on IBM i used to be a notoriously long and painful process.  Programming code changes for field level encryption required a steep learning curve, costly programming resources, and even more time in testing, validating and updating the changed application source code. Most companies simply could not justify the additional strain on their budgets for this level of project development requirements.

In response to this challenge, IBM released its OS version 7.1 with DB2 field procedure (FieldProcs) in April of 2010 that greatly simplified the field encryption process.  With the new FieldProcs technology, encryption projects can be streamlined because the field procedures are invoked at the database level, making it transparent to the applications. The FieldProcs can be coded to automatically encrypt the field on Inserts and Updates, and subsequently decrypt the field only for authorized users on Read operations.  Subsequently, FieldProcs have become very important to those businesses that have legacy applications and limited budgets.

FieldProcs are a great step for improving the viability of field level encryption projects. But even with this, many companies don’t have the resources to integrate and manage the FieldProcs which is why third-party software solutions, like Linoma Software’s Crypto Complete, are valuable.  Crypto Complete will generate and manage the FieldProcs on the fields within the files.

Crypto Complete also includes the key management, audit logs and access controls needed for PCI DSS and data privacy compliance. The value of using Crypto Complete for field encryption cannot be understated as it can greatly minimize the learning curve and reduce the implementation resource requirements from weeks to hours.

Daniel Cheney

Daniel has been the IT Director at a healthcare company for the last 12 years and a longtime beneficiary of GoAnywhere Director and the IBM i platform. He is also a freelance writer for various technical and social media projects.

More Posts - Website

What Can We Learn from the LinkedIn Breach?

Posted by on Thursday, 21 June, 2012

Today is another unfortunate reminder that no matter the size of a company or its industry, a data breach makes headlines.

Not only does it attract negative attention and erode customer confidence, an announcement that your company’s data has or may have been compromised can result in some steep financial penalties.  If fines associated with violating regulations like HIPAA or state privacy laws don’t get you, potential lawsuits might.

Take LinkedIn, for example.  Earlier this month, the social network of business professionals reported that nearly 6.5 million encrypted passwords had been leaked online.

Today, Mashable.com reports that LinkedIn is facing a $5 million civil lawsuit from a user claiming that LinkedIn’s security policy violated industry standards for database security.

There really are no lessons for the rest of us to learn from this latest breach, because most of us already know what we’re supposed to do.

  • Keep passwords secure, reasonably complex, and change them regularly.data breach
  • Ensure your company is using only the most secure encryption standards like AES or Open PGP.
  • Stay abreast of the latest news and techniques for keeping your company security policies and practices up to date and as impenetrable as possible.
  • Invest in solutions that streamline your data encryption processes, that include comprehensive auditing and reporting tools, and that ensure the security of your data at rest and in motion.

The question is how much longer can you postpone taking these steps to ensure that your company isn’t making news next week with an embarrassing and costly data breach?

Susan Baird

Susan is the Marketing Manager at Linoma Software, helping promote our secure file transfer and encryption solutions. Her specialty is content creation and social media marketing, and you can find out more about her by viewing her LinkedIn profile.

More Posts - Website - Twitter - Facebook

1.800.949.4696  |  sales@linomasoftware.com  |  privacy policy
Copyright ©1994 - 2012 Linoma Software  |  All rights reserved