IBM i customers have a huge business investment in RPG applications. This new facility will open the way for compliance with data protection regulations, and allow for more staged modernization.
Olympia, WA (PRWEB) May 17, 2016
Today at the COMMON Power Systems user conference in New Orleans, Townsend Security is announcing a major update to Alliance AES/400 that allows for IBM i legacy RPG applications to leverage automatic DB2 FieldProc encryption. This upgrade will dramatically improve the ability of IBM i customers to implement automatic DB2 encryption over sensitive data which are indexes.
While the IBM DB2 Field Procedures (FieldProc) facility works quite well with native SQL applications, IBM i customers with legacy RPG applications have not been able to take full advantage of FieldProc to encrypt data in DB2 tables. In particular, the encryption of database columns, which are indexes, has been very difficult for IBM i customers using legacy RPG. This results with inability to use FieldProc encryption to protect sensitive data.
IBM i customers in the financial and medical industries have been particularly affected as sensitive data such as a social security number is a very common way to index and link customer data. The work to convert legacy RPG applications to modern SQL applications can be daunting - with the result that many customers have yet to implement encryption, a core security control.
Open Access for RPG (OAR) was introduced in version 6.1 of the IBM i operating system and enables a complete replacement of the RPG file I/O logic through the use of OAR Handlers - special code that replaces the legacy interface for I/O operations. Townsend Security has leveraged OAR capabilities to replace the legacy RPG file I/O with modern SQL operations. The Townsend Security solution maps legacy RPG file operations like CHAIN, SETLL and other operations to native SQL statements, while preserving the functional integrity of the original RPG business logic. This means that IBM i customers can install the Townsend Security code, make one line of change to their application source code, and effectively convert the application to SQL.
“It’s like magic.” said Patrick Townsend, CEO of Townsend Security. “Many IBM i customers have struggled with the implementation of encryption using FieldProc because of the limitations of RPG applications which use encrypted indexes. For most of our customers, this will open the way to deploying encryption with a minimum of disruption. IBM i customers have a huge business investment in RPG applications. This new facility will open the way for compliance with data protection regulations, and allow for more staged modernization. This will be a part of our Alliance AES/400 encryption solution for the IBM i platform.”
Starting immediately, Townsend Security will start enrolling selected IBM i customers in an early adopter program. Preference will be given to IBM i customers with an immediate compliance need and appropriate technical resources. Liz Townsend, Director of Business Development, said, “The early adopter program will reserve positions for IBM i application ISVs who have a critical need to protect sensitive data. Townsend Security has developed a reputation as a partner-friendly company and we want to make sure that we are serving this segment of the IBM community.”
Alliance AES/400 is the only NIST-compliant AES encryption for the IBM i and is licensed on a logical partition (LPAR) basis. The solution includes support for FieldProc encryption, a rich set of AES encryption APIs, and support for encrypting Save Files, IFS files, tape files, and many other features. Alliance AES/400 provides support for local key stores and Alliance Key Manager, a FIPS 140-2 compliance key manager solution from Townsend Security.
Alliance AES/400 is available for a free 30-day evaluation.
About Townsend Security
Townsend Security creates data privacy solutions that help organizations meet evolving compliance requirements and mitigate the risk of data breaches and cyber-attacks. Companies worldwide trust Townsend Security’s NIST and FIPS 140-2 compliant solutions to meet the encryption and key management requirements in PCI DSS, HIPAA/HITECH, FISMA, GLBA/FFIEC, SOX, and other regulatory compliance requirements. Learn more at http://www.townsendsecurity.com.