Created in 1935, our client is an independent agency within the executive branch of the Federal Government. Their primary function is to administer a social insurance program for one of our nation's largest employment groups. Our client is headquartered in Chicago, IL with field offices throughout the country.
In 2009, our client underwent an IT security audit in support of established FISMA guidelines; they were cited for deficiencies in access controls surrounding IT security. Specifically, they were found deficient in not adequately encrypting sensitive Personally Identifiable Information (PII) and Personal Health Information (PHI). The Agency took a proactive stance and, not wanting to face a failing compliance grade or fall victim to a data breach, began researching data security solutions that best fit their agency's needs.
Due to the large amounts of PII and PHI that our client handles, they are required to comply with OMB M-06-16 and FIPS 140-2 requirements. It was critical to find a data security solution that could ensure they were in compliance with these initiatives. The Agency also exchanges sensitive information with their external partners, including numerous regional offices and State agencies. The data is placed on tape cartridges (up to 800 MB per tape) and sent, unencrypted, via courier to the off-site locations. In addition, tapes are used for off-site back-up storage; 24 TB of unencrypted mainframe data and 16 TB of unencrypted server data are stored.
Since our client works with several external partners, it was important to choose a data security solution that would promote secure data exchange with external partners in a cost-effective manner. The chosen solution needed to easily integrate into the Agency's current workflows and processes and also required the secure, efficient exchange of critical business information.
The Agency provided PKWARE an overview of the additional requirements they were seeking in an encryption solution, which included the ability to:
SecureZIP PartnerLink was the clear choice, meeting all of the Agency's requirements while also providing additional value not originally sought at the onset of the project. SecureZIP PartnerLink, which is deployed on the Agency's mainframe (SecureZIP is also deployed on several AIX servers), provided the lowest risk, highest performance, and easiest integration and support options for their existing infrastructure. Daily operations with partners were able to continue without interruption.
SecureZIP PartnerLink also allows the Agency to distribute an unlimited number of SecureZIP Partner licenses, at no cost, to their partners. Being a "no cost" solution furthered partner acceptance and eased the adoption process. Our client is now effectively protecting the data at the file level, making it impossible for anyone except authorized personnel to access it, whether the data is on tape in transit via courier or in storage at an off-site facility. They can also extend their security policies, regardless of the number of endpoints or computer environments involved in the exchange.
In addition to meeting our client's critical need to securely exchange data with external partners, SecureZIP PartnerLink also met each of their other requirements. Due to its use of strong encryption and ability to run in "FIPS mode," SecureZIP PartnerLink ensured that compliance requirements with FIPS 140-2 and OMB M-06-16 were met. Also, because SecureZIP PartnerLink is transport independent, it is capable of sending encrypted data via Electronic File Transfer (EFT), as well as encrypting data onto mainframe tapes. Although the Agency is not currently using SecureZIP PartnerLink for EFT, it offers them a flexible solution that can grow with the organization's data management and security needs.
Because our client's initiative was driven by data security, they had concerns about what adding encryption would do to their SLAs. Traditionally, adding encryption to a data exchange or back-up process increases the time required to write data to tape. However, because SecureZIP PartnerLink combines zip compression with strong encryption, they were able to reduce the size of files before encryption, ensuring they continued to meet their SLAs.
PKWARE also alleviated the Agency's concerns by ensuring they could receive not only 24/7 technical support, but also professional expertise regarding industry best practices and how to best leverage SecureZIP PartnerLink within their mainframe environment. PKWARE assisted the Agency each step of the way through set-up, implementation, and ongoing support. Seen as an expert within the industry, PKWARE also provided on-site personnel during implementation and assisted them in leveraging ICSF on the mainframe to further maximize their investment.
In the end, our client eliminated the exposure risk of sensitive personal information by implementing a solution that allowed them to securely exchange data with partners. Much like other major government agencies such as the Centers for Medicare and Medicaid (CMS), our client has been able to add strong data protection to daily operations and improve operational efficiencies without additional cost or overhead. Not only have they solved their initial problems and met immediate requirements, but SecureZIP PartnerLink provides the flexible solution that will continue to grow with their organization and address future issues without requiring other products, services, or vendors.