Solutions
Products
Downloads
Support
Resources
Partners
Store
Blog Our client is a national retailer with more than 175 locations across the United States. They are committed to providing their customers with high quality merchandise at competitively low prices. Their extensive selection of products, including groceries, electronics, apparel, and accessories, as well as health and beauty items, ensures a one-stop shopping experience for their customers.
The retailer experienced a breach in security involving credit and debit card information. Affecting thousands of transactions. The breach raised questions about the company’s ability to protect confidential customer information. After assessing the problem, the Federal Trade Commission (FTC) determined that the retailer’s security measures were not adequate. The FTC advised the company to implement a data security solution that complied with the Payment Card Industry Data Security Standard (PCI DSS).
Each day, stores in the retail chain send purchase transactions from the past 24 hours to a DB2 database on the z/OS mainframe located at corporate headquarters. The transaction data for each 24-hour period is put into batch files and encrypted. It remains in storage for a number of days until all transactions are closed. Once closed, the batch files are sent to an AIX server, where the information is decrypted and stripped of all sensitive customer data. The sensitive data is then deleted and the remaining non-sensitive data is moved to an Oracle data warehouse for storage.
To evaluate its data security needs and advise the company on its purchase, the retailer engaged a consulting firm and the expertise of a supply chain analyst.
The retailer was advised to compare SecureZIP and PGP®. A detailed comparison showed that PGP was unable to work across all computing platforms within the retailer’s environment. And while PGP was able to encrypt files, it could not provide the file management capabilities the retailer required (e.g., recognition of file attributes, EBCDIC/ASCII conversion).
In addition, although PGP does compress data, its compression format is not based on the .ZIP file format and therefore could only compress files up to 50%; consequently, SecureZIP could achieve a 95% compression rate.
After the detailed comparison was complete, the supply chain analyst termed SecureZIP the “slam dunk” solution. “SecureZIP is an elegant solution for the z/OS environment because it encrypts, compresses, and manages many kinds of files--all in a single application across many platforms. PGP cannot compete with the overall value and ease of PKWARE’s application.”
SecureZIP’s performance and reputation for helping organizations comply with PCI DSS assures potential users that their data will be protected in transit and in storage. In addition to securing data, SecureZIP effortlessly streamlined operations and increased the retailer’s productivity by:
As an overall assessment, the supply chain analyst told the retailer, “...that this was a slam dunk--SecureZIP was far and away the product that fit their need. It was going to deliver the security they needed, true enough, but as a solution its advantages extended beyond security. SecureZIP’s other features would vastly improve the client’s processing efficiency at a lower cost. At that point, the retailer hadn’t expected a security solution to accelerate productivity. But I knew that SecureZIP was going to boost processing efficiencies in a number of ways.”
Print Version 
Press Room
Latest Blog Post
