Townsend Security Data Privacy Blog

IBM i (AS/400, iSeries) users send a lot of sensitive information to their customers, vendors, and employees which needs to be protected with strong encryption.  Our customers today are using our PGP encryption solution to protect files. But there has been a big need to generate and protect information in common PC formats. With our managed file transfer solution, Alliance FTP Manager for IBM i, we stepped up our support with encrypted Zip files and encrypted PDF files.

Zip compression is very commonly used to send files via email. Not only does Zip compression make our email attachments smaller, but the most popular Zip compression programs now support 256-bit AES encryption of the contents. The ability to encrypt Zip files with AES provides a much better level of security than older Zip protection methods.  Alliance FTP File Manager for IBM i fully supports Zip encryption to the WinZip standard. This means that you can create and protect Zip files on your IBM i platform, and then use a variety of delivery methods to get the Zip files in the hands of your customers, vendors, and employees. This functionality gives IBM i customers a powerful tool to meet compliance regulations.

Encrypted Zip support in Alliance FTP Manager provides rich capabilities to IBM i users. You can create encrypted or un-encrypted Zip archives, include sub-directories, and use wild cards to select files.  When uncompressing and decrypting, you can specify any directory as the target for the files. This capability integrates with our automation facilities for processing received files. Lastly, we provide a Windows command line Zip application to help our customers who don’t already have a Zip application.  I’m confident that this capability will help customers achieve a better level of security.

Another security technology in FTP Manager for IBM i is our encrypted PDF support. In this implementation, our customers are able to create encrypted PDFs with their own content, and then use the automation facilities to distribute the PDFs via email, FTP, and other distribution methods. Encrypted PDF support includes the ability to set fonts and colors, embed watermark and graphic images, set headers and footers, and create tables and lists. The resulting encrypted PDF file is compatible with any PDF reader that supports the AES encryption standard for PDF. We’ve tested with a wide variety of PDF readers on PCs, Apple Macs, Blackberry, Linux desktops, and so forth. This gives our customers an additional tool to secure their sensitive data.

These technologies for the IBM i customer increases their abilities to meet compliance regulations and secure sensitive data. I hope you get the idea that we are dedicated to helping you protect your sensitive data and corporate assets. You are going to see a lot more of these types of capabilities as we go forward.  For more information on our managed file transfer solution, view our webcast "Secure Managed File Transfers on the IBM i."

Last week we held a well-attended webinar titled “Secure Managed File Transfers” Meeting Compliance Regulations.” The webinar covered meeting the data in motion requirements of PCI DSS, HIPAA/HITECH, and other regulatory compliance requirements with Alliance FTP Manager, our secure managed file transfer solution for the IBM i.  During the presentation we received several great questions that we’d like to share with you on our blog.  As always, if you have any additional questions, send them our way.

Is there a reason why I shouldn't use PGP on windows? I can just transfer my file from IBM i to windows and then PGP encrypt it there. Does this make sense?

Yes, I fully understand why customers would want to take that approach, however if you are under PCI DSS regulations you would be out of compliance. The transfer of sensitive data across a network and then landing unencrypted will take you out of compliance, even if you encrypt it later. There is no question about that. That is a situation we have been remedying for customers for a number of years. The security best practice standard is to encrypt at the source and decrypt at the destination. So you need to avoid the transfer of unprotected data through internal servers or across any network. You really want to make sure that the encryption is in place and that the data lands encrypted.

Can managed file transfer be used on just one side or do both sides of the transfer have to have the same software?

Good question, first off, I'd like to point out that managed file transfer is a term of art. There is no formal definition, no RFC, no NIST standard. So for this answer, you're going to get my opinion on this. In our managed file transfer solution there are absolutely no requirement that a recipient of an encrypted file or a secure transfer needs to have our software. Our solution is based on open standards and no customer ever needs to deploy software in order to process a transfer. Open standards give you many software choices and give your trading partners a lot of choices on what they want to use.

Regarding Open PGP implementation, which RFC or RFC's do you follow? 

Well there are a couple. There is an original RFC2448  and there is a later RFC4884. Our commercial PGP product from Symantec is compliant with all of those standards - so the original and newer PGP RFC's are fully supported in our commercial product. Therefore we stay well lined up with those particular standards. Of course, there are some capabilities in the commercial product that are not defined as a part of the open standard - they are an extension if you will. There are a number of capabilities in the commercial version that really help larger enterprises stay lined up with compliance requirements and meet best practices. Those are built on top of full compliance with open standards.

View a recording of our webinar Secure Managed File Transfers: Meeting Compliance Regulations for more information on meeting data in motion requirements of PCI DSS, HIPAA/HITECH, and other compliance requirements on your IBM i.

The color silver symbolizes glamor and distinction. This year, the color silver symbolizes accomplishment for those of us at Townsend.  We have recently obtained Silver Business Partner status in Microsoft’s business partner program and the company just celebrated its 25th Silver anniversary.

Earlier this month we announced that we became a silver level business intelligence partner with Microsoft.  This new alliance will help us with the launch of our encryption key management solution for Microsoft SQL Server 2008, later this quarter.   We just returned from Microsoft’s Worldwide Partner Conference where we met with several different partners about this opportunity.   We talked with many companies who had similar interests in compliance and data protection, it was a great introduction into a new community that is very important to us.

July 14, 2011 marked Townsend’s silver anniversary – what a milestone! We owe this accomplishment to our customers, partners and our dedicated team. The company has evolved a lot over the last 25 years; we have undergone a few name changes (Patrick Townsend & Associates, Patrick Townsend Security Solutions and now Townsend Security) and a few different logos.  Our name and our look may have changed over the years, however, our mission and vision have remained the same - Townsend Security creates, sells and supports professional encryption solutions that protect data and simplify compliance.

The solutions we have introduced into the market over the years, AES Encryption, FTP Manager, Key Manager, LogAgent, XML/400 and TokenManager align with our vision. Our commitment to provide world-class support to our hundreds of customers worldwide will always be our number one priority.  And we are proud to say that a few members of the Townsend team have been with the company for over 10 years and several more are quickly approaching their 10 year anniversary, not many companies can say that in today’s economy.  As we pour that glass of bubbly and toast our silver anniversary we will be sure to thank our customers, partners and ourselves for an incredible 25 year run and set our sights on the next 25 years.  I can’t wait to see what it holds!

Be a part of our next 25 years, follow us on Facebook, Twitter, and LinkedIn.

Earlier this month we released a comprehensive upgrade to our secure managed file transfer solution – Alliance FTP Manager. This latest release incorporates a number of existing Townsend Security products that were previously priced separately and features new capabilities. FTP Manager 5.2 brings together the existing products Alliance FTP Security, Alliance Cross Data, and Alliance All-Ways secure into a single product.

This is a really a big win for our existing customers as well as IBM i customers. Our existing Alliance FTP Manager customers automatically receive the upgrade to FTP Manager 5.2 and so do all of our existing Cross Data and All-Ways Secure customers. We know there are a variety of security challenges facing IBM i customers who send data over networks and FTP Manager 5.2 provides those customers with the most comprehensive and flexible Secure Managed File Transfer offering available.

Highlights of FTP Manager 5.2 include encrypted PDF and encrypted Zip functionality. The new encrypted PDF functionality allows customers to generate encrypted and un-encrypted PDF documents using a familiar interface. And now that FTP Manager 5.2 fully supports zip encryption to the WinZip standard it will provides IBM i customers with a new tool to meet compliance regulations. Users can create Zip files on the IBM i platform and then use a variety of delivery methods to send the Zip files to customers, vendors, and employees.

There are a lot of exciting things on the horizon for Townsend Security and our customers. This release of FTP Manager 5.2 is just the start…..October promises to be a month full of major accomplishments and milestones.