Townsend Security Data Privacy Blog

Reflections on COMMON Annual Meeting and Exposition 2015

Posted by Liz Townsend on May 8, 2015 1:59:00 PM

Last week, Townsend Security CEO Patrick Townsend and I made the trip to Anaheim, CA for the IBM COMMON User Group Annual Meeting and Exposition, a meeting that brought about one thousand IBM users from around the world together to learn and network. Both Patrick and I gave classes on IBM i security. This was a great opportunity for us to learn what the top security concerns of IBM i users are today, and what strategies are most common for implementing defense-in-depth security on the IBM i.

First, it was great to learn that most IBM i users with sensitive data are encrypting. FIELDPROC, the field procedure exit point available on V7R1/V7R2, has made column-level encryption easier than ever, and many users are moving towards FIELDPROC-based encryption solutions. There was also greater interest in encryption key management, which is a critical part of any encryption solution.

One of the top questions we received regarding encryption and key management was, what are the benefits and challenges of IBM i native encryption libraries and key management? The IBM i native encryption and key management capabilities can be an easy way of protecting sensitive data on your IBM i. However, some companies who must encrypt and decrypt large amounts of data in short periods of time, or who must meet compliance regulations such as PCI-DSS or FFIEC, often run into performance issues when using the native encryption libraries and compliance issues if they must use a NIST-compliant key management solution. If a user needs to manage encryption keys in a multi-platform environment, then using a third-party key management solution that can manage keys in multiple operating systems and platforms is critical.

Greater interest in system logging was also evident. A strong system logging solution will collect security events in real time and detect a data breach as it happens. Many IBM i users were already using a log collection solution such as Splunk, AlienVault, or IBM’s QRadar SIEM solution; however, many users were also facing the challenge of collecting security events that are generated in many different formats and need to be converted to a common format for collection, analysis, and alert management. The ability to convert these events and manage them in a cohesive way falls entirely on the capabilities of your system logging solution. We recommend IBM users focus on solutions, such as our Alliance LogAgent, that can convert logs from multiple formats into standard formats that can be read by your SIEM solution.

Lastly, Patrick presented on the importance of two-factor authentication on the IBM i. The importance of two-factor authentication has become more evident since many security experts deduced that some of the largest data breaches in the past few years perhaps could have been prevented using two-factor authentication. The Target and Anthem breaches are listed among these. Two-factor authentication is defined as an authentication method using two factors: something you have and something you know. If using two-factor authentication on the IBM i, any time a user signs on, they will also receive a text or phone call providing them with a PIN they must enter into their sign-on client as well. Since hackers are becoming more and more adept at discovering a person’s password, two-factor authentication would stop a hacker from signing on as that person if they didn’t have access to their phone as well. Large companies such as Google and Apple are using these technologies already, and it won’t be long before use of two-factor authentication is a standard across all platforms.

Every year, COMMON gives us an opportunity to connect with IBM i users and some of our customers as well. We use this opportunity to spread the knowledge we have about the best security solutions available for the IBM i and learn from the community what new security needs are coming down the line. If you weren’t able to attend COMMON this year, check out Patrick Townsend's presentation on two-factor authentication, available online here.


Topics: COMMON, IBM i

COMMON 2011 - Encryption, Customers, and Education

Posted by John Earl on May 12, 2011 12:43:00 PM

We're just recently back from the COMMON 2011 conference in Minneapolis. What a great experience for Townsend Security and our IBM i customers. The encryption and key management sessions that Patrick and I presented were well received and well attended. Many of the attendees were interested in the mechanics of encryption, and many of those were pleasantly surprised to learn that there is now a way to encrypt database fields without doing massive application program changes.

At COMMON we announced our new Automated Encryption capability that is now embedded in our benchmark AES/400 product.  Automated Encryption allows you to insert encryption at a database level, rather than at the application programming layer, and that greatly simplifies the task of encryption.  Automated Encryption increases the efficacy of encryption too.  By enforcing encryption at the database level, you eliminate the chance that an application program might be unwittingly introduced that might not follow your encryption standard.  Encryption at the database level ensures that every credit card, or every social security number, is encrypted in the database - without the need for additional application programming.

Another bright spot at COMMON was the number of customers that were either already at IBM i V7R1, or were planning to get there in the next few months. With the status of OS version V5R4 uncertain (its End-of-Support date has been extended by IBM at least twice), there was a lot of discussion about what the right upgrade path is. V7R1 has been out in the market for over a year, and with great new features like the database FieldProc (Field Procedures), it was encouraging to see how many customers were either already on V7R1, or had immediate plans to move there. A number of customers that are currently on OS version V5R4 were planning to move directly to V7R1 without stopping at V6R1. While they don't avoid the problems of program conversion at V6R1, they do get to the stable, current release in one step rather than two.

Finally, it was great to talk to all of the people that stopped by our booth during the conference. We spoke to over 300 people during the two and a half day expo. For those of you that asked questions or made data requests, we are in the process of going through our notes and providing the requested feedback - someone will reach out to you soon. Most everyone else will have gotten an invitation to follow us on LinkedIn, Facebook or Twitter - that's a great way to keep up with what is happening in the encryption world and to stay on top of data privacy trends. We're always producing new educational material about encryption, key management, and data protection, so it's a great way to stay current on those topics.

And for those of you that couldn't make it to the COMMON conference, you can still follow us on social media, and we hope to see you at a tradeshow in the future!

jte

Topics: COMMON, IBM i, Trade Shows

The IBM i Community Prepares for COMMON

Posted by Chris Sylvester on Apr 18, 2011 2:00:00 AM

We have made our plans to be at COMMON in Minneapolis. Have you?


It’s almost here, that time of year when IBM System i (AS/400, iSeries) customers gather as a community to learn and collaborate about what is new with the platform. It's almost time for COMMON, the largest gathering of IBM i users in the US. This year the event is in Minneapolis, not too far from Rochester, MN – best known as the "home of the AS/400". You could say the AS/400 faithful are returning to the mothership.

Of course we are planning on being at COMMON; we look forward to attending it every year. It’s a great opportunity for us to visit with many of our customers, catch up with our peers and meet new members of the IBM i community. In addition to exhibiting at COMMON, John Earl and Patrick Townsend will be presenting sessions on data privacy. John and Patrick are regulars at COMMON and their sessions are always well attended. Here are some details about what they are presenting and when.

Encryption 101, John Earl 
May 1, 11AM – 12:15PM
101 H Minneapolis Convention Center

Security Challenge: Let's Break In!, John Earl
May 3, 2PM – 3:15PM
101 H Minneapolis Convention Center

Data Security and Encryption, Patrick Townsend
May 3, 9:30AM – 10:45AM
101 H Minneapolis Convention Center

Tokenization, Patrick Townsend
May 3, 5PM – 6:15PM
101 H Minneapolis Convention Center

So, as you make your plans on who to visit in the Expo be sure to include us on your list -- booth #511.   We are anxious to talk to our customers and old friends and look forward to making a few new friends as well.  

There are a lot of exciting things happening with Townsend in 2011: new products are on the horizon, and updates to our most popular products (AES/400, FTP Manager and Key Manager) will be coming soon. Be sure to stop by and learn more! If you would like to schedule a one-on-one with John or Patrick, send an email to marketing@townsendsecurity.com and we’ll make sure to accommodate your request.

See you in Minneapolis.

Topics: COMMON, IBM i, Trade Shows