"Large structured databases have been crying out for better protection," said Trent Henry, principal analyst, Burton Group. "Although data breaches are caused by a variety of factors, improved data protection is a big piece of the solution. Unfortunately, many organizations haven't been able to improve underlying data security because it required costly application changes or coding. Customers are looking for solutions that provide protection without changes to legacy infrastructure." Voltage SecureData now integrates with Hardware Security Modules (HSMs) to offer new benefits to companies that use them to store cryptographic information in order to meet internal security requirements. HSMs are widely accepted as an industry best practice for securing encryption keys that protect an organization's most sensitive data.
For IBM mainframe customers using z/OS, Voltage SecureData now operates natively, providing a simple API that can be accessed by COBOL and other Language Environment (LE) programs to protect data, as well as an integration and scripting tool called z/FPE that enables bulk encryption and masking of z/OS data (CICS, DB2, IMS, QSAM, VSAM) " providing full end-to-end data encryption, accessible from within or outside the z/OS system.
These new Voltage SecureData capabilities build upon two core cryptographic and key management innovations: Identity-Based Encryption (IBE) and Format-Preserving Encryption (FPE).
"Voltage SecureData makes it extremely fast—not to mention much easier and more cost effective—to encrypt data as soon as it's collected in a database, then keep it protected wherever it goes and while used by various applications," explained Terence Spies, chief technology officer, Voltage. "Other cryptographic approaches turn a 16-digit credit card number into an alphanumeric string with as many as 50 characters. This poses big problems for databases, applications, and legacy systems that are set up to accept only 16 digits, requiring heavy-duty re-architecting and modifications. By contrast, by leveraging FPE, Voltage SecureData enables encrypted credit card numbers to continue to look and feel exactly like the real thing, eliminating those problems and the associated complexities altogether."
In addition to supporting distributed environments, mainframe and HSMs, the latest version of Voltage SecureData also makes it easier for customers to:
Manage encryption across multiple servers. Voltage SecureData allows administrators to manage several servers from a single point, speeding updates and lowering operational costs.
Secure data in a cross-platform environment. Supports Windows, Linux, AIX, Solaris, HP-UX, z/Linux and z/OS.
Encrypt databases directly. With the Voltage SecureData Command Line, customers can encrypt data directly without building a separate encryption application or creating extracts.
Meet compliance requirements. Includes built-in PCI audit reports, comprehensive logging across infrastructure and integration with third party log management systems.
Integrate encryption in existing applications. Developers can add encryption with just two lines of code; competing products require as many as 100 lines to accomplish the same task.
Interest in encryption will likely increase in the coming months, as the new president shines the spotlight on the need for data protection. President Obama's Homeland Security agenda mandates standards for securing personal data and requires companies to disclose data breaches. In particular, he has indicated that encryption will play a key role in efforts to protect consumers. As a result, government efforts will expand beyond infrastructure protection and focus on database encryption, as well as mobile data, storage encryption, PKI and key management solutions.
For more information on 'Data Protection Risks and How to Avoid Them', join Voltage Security, Burton Group and MphasiS (an EDS company), in a discussion about the top five risks of protecting customer data and what to do about them on February 19th at 9:00am Pacific and 12:00pm Eastern. Click here to register.
About Voltage Security Voltage Security, Inc., an enterprise security company is the global leader in information encryption. Voltage solutions, based on next generation cryptography, provide encryption that just works for protecting valuable, regulated and sensitive information persistently and based on policy. Voltage delivers power, simplicity and the lowest total cost of ownership in the industry through the use of award-winning Voltage Identity-Based Encryption (IBE) and a new breakthrough innovation: Format-Preserving Encryption (FPE). Voltage Security offerings include Voltage SecureMail, Voltage SecureData and the Voltage Security Network (VSN), an on-demand managed service for the extended business network. Voltage Security is the number one OEM provider of email encryption technology in the world with OEMs that include Microsoft, Proofpoint, Secure Computing, Sendmail, Canon, Code Green Networks and NTT Communications. The Company has been issued several patents based upon breakthrough research in mathematics and cryptographic systems. Customers include Global 1000 companies in banking, retail, insurance, energy, healthcare and government, such as American Board of Family Medicine, Diebold, Integro Insurance Brokers, NTT Communications, SafeAuto Insurance, Winterthur Life UK Ltd. and XL Global Services. For more information please visit http://www.voltage.com.