Solutions
Products
Downloads
Support
Resources
Partners
Store
Blog 
Our client also processes various forms of payment, including Bankers’ drafts, Building society cheques, Post orders, Warrants, Government payable orders, and Travellers’ cheques. In addition, they also manage the systems for the clearing of paper bank giro credits (credit clearing) and euro cheques (euro clearing).
A project was initiated in 2005 to simplify the infrastructure and reduce costs of the United Kingdom’s cheque clearing process. The scope of the project was to provide management of the electronic data related to paper cheques and credits. Each transaction is processed as an individual file transmission between each of 12 member banks. The information flows among the member banks during an end-of-day processing window that needs to accommodate millions of transactions. This results in a physical settlement to each bank the following morning based on all of the aggregate totals verified daily by the Bank of England.
Due to the fact that paper cheque usage volumes have been declining, our client needed a solution that offered predictable costs throughout the several-year term of the project. The complete desired solution needed to fulfill several requirements:, including
The project’s technical committee evaluated 38 other companies that offered "hub and spoke" solutions. Unfortunately, a hub and spoke solution would force all members banks to send their transactions to a single outsourcer that would "police" all transactions. PKWARE was the only company to advise the project team that by using SecureZIP they could eliminate the need for a hub and spoke model. By leveraging banks’ existing infrastructures, SecureZIP allows the banks to work independently on their own computing platforms, eliminating the need for a centralized outsourcer and saving millions of pounds for processing and transmission.
Each of the 12 member banks has its own IT infrastructure composed of several different computing platforms ranging from z/OS® mainframes to Windows®, UNIX®, and Linux® servers. Not only did SecureZIP eliminate the need and cost associated with a hub and spoke model, but it was able to efficiently manage the various computing environments used by member banks. This helped our client overcome future cost concerns by providing an option that allowed member banks to change their computing environments without impacting the overall cost of the solution.
In addition to addressing the flexibility and cost concerns raised by our client, SecureZIP was also able to address all of the proposed technical requirements. It offers a private network provider, Certificate Authority (CA), and enabled secure transfer of information. Further, SecureZIP easily and efficiently added digital signing capabilities to each of the millions of transactions occurring daily. And, SecureZIP can automatically translate different file formats during nightly batch processing, saving processing time and reducing operational overhead.
Using SecureZIP, our client was able to quickly address and solve critical data security needs. It not only met the immediate requirements, but will address the future needs of our client and the overall project.
Our client is one of the world’s largest financial institutions, providing individual consumers, small/mid-market businesses, and large corporations a full range of banking, investing, asset management, and other financial and risk-management products and services.
The company needed to comply with the Payment Card Industry Data Security Standard (PCI DSS), which required them to protect credit card data as it is transmitted, processed, and/or stored, impacting several processes throughout their organization. Initially, the company set out to protect and store credit card dispute information for the PCI mandated minimum of 7 years.
This information was taking up space on their UNIX server, so the company wanted a solution that could both encrypt and compress the data. Every night, hundreds of thousands of settlement transactions containing confidential credit card information are sent to companies of all sizes. Without secure, dedicated lines set up for data transfer with smaller merchants, this confidential credit card data was sent via fax.
In an effort to secure this process, the company established an initiative to move all fax transmissions to email, electronically transferring encrypted data to multiple endpoints that would then have to decompress and decrypt the data after it was received. The data for these transactions originates on the company’s z/OS mainframe and is then transferred to an internal server before it is sent externally to merchants. The company wanted a solution that would be easy to use and cost effective, especially for their business partners.
As soon as the company purchased SecureZIP, they quickly realized the solution could work for additional security initiatives throughout the organization. They engaged PKWARE for assistance in achieving strong enterprise security across all major computing platforms.
The company wanted to use PKI to facilitate secure email communication both internally and externally with business partners. SecureZIP was the only solution that could provide the level of functionality, customization, and ease of use required. The company also incorporated the RSA Keon Certificate Authority product as well as the PKWARE ZIP reader to round out the solution.
SecureZIP provides seamless integration with the centralized directories containing digital certificates issued by RSA. This supported the requirement for processing secure transactions without slowing the delivery of reports to their partners. PKWARE’s free ZIP reader extends the benefits of SecureZIP to the company’s large network of partners without requiring them to purchase additional software. As a result, our client is able to securely communicate with, and send information to, its partners, regardless of the their computing environment or security infrastructure.
Our client provides credit/debit card clearing and settlement services, handling millions of transactions daily at more than a million locations worldwide.
The company was required to comply with the Payment Card Inudstry Data Security Standard (PCI DSS), which mandates all credit cardholder data be protected as it is transmitted, processed, and/or stored. Enforced by major credit card companies in response to the overwhelming occurrences of data theft, PCI DSS requires any company handling credit card data to comply or face monetary fines. Our client was being audited by several business partners. During the audit process, it became apparent that they needed to address the issue of data security.
The company was transmitting credit card information that originated on their Windows server throughout the company via email attachments, as well as burning data to CD for backup storage. Not wanting to risk non-compliance, they began searching for a data security solution that would enable encryption and be easy to deploy and use.
Although the company considered PGP®, they chose SecureZIP because it was able to meet all of their requirements while also providing a more robust solution. SecureZIP offered policy manager functionality for use on the company’s Windows desktops. Using policy manager, IT administrators can centrally configure encryption settings according to internal organizational policies. This allows the company to extend their data security policies, regardless of the number of endpoints or computing environments involved in the exchange. The company recognized SecureZIP would allow them to effectively protect data at the file level, making it impossible for anyone except authorized personnel to access it. By centrally configuring security settings, it also made it easier for employees to ensure they were adhering to internal data security policies, limiting their resistance to a new solution.
SecureZIP was deployed in less than a week and is now being used on Windows server and desktop environments. SecureZIP’s seamless integration with our client’s existing PKI environment was also an added benefit because the company had wanted to use their Windows servers to produce X.509 digital certificates. Digital certificates are housed in an active directory and can easily be accessed by users via Outlook.
Our client is one of the world's leading financial services providers. In addition to its strong presence in the United Kingdom, the company has offices in Europe, the United States, and Asia. Our client works with over 1,500 partners throughout the world and operates several hundred individual branch locations.
The company offers a Windows®-based application to external financial advisors, trust managers, brokers, and other third-party business partners, through which they place transactions (buy and sell securities, stocks, bonds, mutual funds, etc.). The application transmits files over public networks to a central UNIX® server, which then executes the transactions through various trading systems. After the transactions clear, the server returns confirmation to the appropriate partner’s application.
As our client was preparing for a new release of this system, adding new features and functionality, their Data Security & Compliance Committee determined that the data being exchanged was sensitive in nature. Therefore, strong data protection was needed to meet internal standards and policies.
The company was very familiar with PKWARE as they were already using PKZIP® for compression and file management in their data center to improve operational efficiencies and overall workflow. In addition, several other organizations within the banking and financial services industry had begun using SecureZIP® by PKWARE for data security.
The company was looking for a cost-effective way to securely exchange sensitive data with their external business partners - a method that, when implemented, would expand with their business over time. SecureZIP PartnerLink was a natural choice based on its ability to seamlessly integrate with existing applications, allowing daily operations with external partners to continue without interruption. The fact that the company was already utilizing PKZIP for compression and file management made the upgrade that much easier, achieving complete deployment of the solution within a matter of weeks.
SecureZIP PartnerLink ensures sensitive information remains protected both at rest at the point of origin or destination, and during transit. Our client can distribute an unlimited number of SecureZIP Partner licenses, at no cost to their partners, increasing partner acceptance and adoption of the software. Being a “no cost” solution furthered partner acceptance and eased the adoption process. And, the company can extend their security policies, regardless of the number of endpoints or computer environments involved in the exchange. This assures our client that the solution will grow with their organization as new partners are added.
The Policy Manager functionality of SecureZIP PartnerLink allows administrators to centrally configure encryption settings according to internal policies. This allows the company to extend their data security policies, regardless of the number of endpoints or computer environments involved in the exchange. Our client can now effectively protect the data at the file level, making it impossible for anyone except authorized personnel to access it, whether the data is at rest or in transit being exchanged with partners.
In addition, while SecureZIP PartnerLink allows for encryption of data exchanged with partners, it also provides for the use of an unlimited number of contingency keys which can be added to any encrypted .zip file created on any platform. These contingency keys provide access to the encrypted archives should the primary key or passphrase be lost or compromised. And, SecureZIP PartnerLink supports the use of PKI certificates that comply through the X.509 certificate standard and passwords or passphrases can be added in conjunction with digital certificates.
In the end, our client was able to preserve their corporate brand and avoided the liability risk of sensitive information being lost or stolen. By strongly protecting their information, they eliminated exposing confidential financial and personal information of a large number of influential customers and business partners. Using SecureZIP PartnerLink, the company was also able to secure this information in a cost-effective manner and with minimal technical integration efforts.
Our client is a major American financial services company whose products include those within consumer, corporate, and investment banking, as well as global wealth management, investment research, and private equity. The company holds over 200 million customer accounts in more than 100 countries.
When the company initially contacted PKWARE, they were looking for a solution that would
address three major security issues:
1) A corporate-wide initiative had been put in place requiring that all data stored on removable media be encrypted. This included CDs and USB drives at the desktop level and cartridge tapes and CDs being used in conjunction with servers.
2) A division within the company that advises corporations on mergers and acquisitions, as well as issuing and selling securities, was facing compliance issues with SEC regulations. SEC regulators must have access to information at all times. Frequently, passphrases were being used to secure information; if a passphrase was forgotten, the SEC could not access the data. In addition, unregulated use of encryption meant that information could potentially be sent outside the corporate perimeter without the company’s knowledge.
3) The company was looking to deploy a single security solution across all desktops within the organization, totaling over 380,000 units.
A current WinZip® user, our client was struggling with the lack of administrative capabilities the product offered for controlling employee encryption functions. The company considered several other IT security vendors, including Tumbleweed®, Patrick Townsend®, and PGP® for server.
The company purchased SecureZIP Enterprise Edition for i5/OS and Windows desktop, as well as for Windows, UNIX, and Linux servers. SecureZIP provided a single solution that met all of their requirements. Information placed on all forms of removable media is protected, satisfying a corporate-wide security initiative. Using the policy manager function of SecureZIP allowed IT administrators to centrally configure and control which employees were and were not able to encrypt information.
In addition, because the company uses passphrases to encrypt sensitive data, the contingency key functionality of SecureZIP proved to be an invaluable tool. It ensured that data could be accessed at any time, even if a passphrase was lost or stolen, a critical factor when considering SEC regulations. While using contingency key allowed data to be accessed at any time, the company also wanted to increase the complexity of the passphrases they were using for encryption. SecureZIP offers passphrase hardening, which allowed IT administrators to set regulations on factors that increased passphrase strength, such as length of the passphrase and special character requirements.
Finally, our client was pleased to discover that SecureZIP provided them with one solution that was compatible across all computing platforms. The company was in the process of executing an organization-wide desktop refresh, looking for a single solution that would meet their needs, on over 380,000 desktops. SecureZIP provided a single solution, providing both encryption and compression needs, allowing the company to replace WinZip and others and use one universal product throughout the organization.
A Federal agency under the Department of Health and Human Services (HHS) provides direction and technical guidance for the administration of the Federal effort to plan, develop, manage, and evaluate health care financing programs and policies. Along with the Departments of Labor and Treasury, the agency also implements the insurance reform provisions of the Health Insurance Portability and Accountability Act of 1996 (HIPAA).
Our client is in possession of vast amounts of medical data and patient records for each person enrolled in the Medicare program, spanning a time frame of several years. As a result of data security standards and requirements, such as OMB M-06-16 and FIPS 140-2, it was absolutely critical that they find a solution that would comply with these mandates and allow them to continue exchanging sensitive data with numerous external business partners.
Each month, the agency transmits thousands of tapes/CDs containing sensitive Personally Identifiable Information (PII) to hundreds of endpoints, including research labs, universities, large business partners, and other government agencies. Data is placed on a tape or burned onto a CD directly from the mainframe and sent to partners with operating platforms ranging from z/OS® mainframes to Windows® desktops.
Our client faced two major challenges when trying to send sensitive data to partners: 1) many of the institutions they are sending data to do not have an IT support staff; and 2) they do not have the funding to purchase a decryption tool.
Due to the mixture of platforms and end-user expertise, it was essential that the recipient community react favorably to the chosen solution and adapt it into their processes. The agency required a cost-effective solution that could take the disparate mix of partners and IT environments into account and extend a solution that would be easy to deploy and use. The solution also required the secure, efficient exchange of critical business information with little to no interruption at the origin or endpoint(s).
SecureZIP PartnerLink was deployed at three data centers on multiple mainframes and on multiple open systems environments (UNIX®, O/S®, and Windows). It provided the lowest risk, highest performance, and the easiest integration and support options for the agency’s existing infrastructure, allowing daily operations with partners to continue without interruption.
SecureZIP PartnerLink allows the agency to distribute an unlimited number of SecureZIP Partner licenses, at no cost to their partners. Being a “no cost” solution furthered partner acceptance and eased the adoption process. The agency can now effectively protect the data at the file level, making it impossible for anyone except authorized personnel to access, whether the data is at rest or in transit. And, they are able to extend their security policies, regardless of the number of endpoints or computer environments involved in the exchange.
In addition to meeting the agency’s critical need of securely exchanging data with external business partners, SecureZIP also met each of their other requirements. Because SecureZIP is transport independent, it is capable of encrypting data onto mainframe tapes as well as other forms of data movement (i.e. CD, DVD). SecureZIP will create the encrypted .zip archives that then can be transferred to the media of choice via the standard method of writing.
The agency was also looking for a solution that would utilize the mainframe encryption coprocessor as well as support the AES encryption standard. SecureZIP provides a cross-platform security solution that offers encryption, digital signing, and authentication, both outside and within the IBM® hardware cryptographic environments. It also supports the AES encryption standard.
While SecureZIP allows for encryption of data exchanged with partners, it also provides for the use of an unlimited number of contingency keys which can be added to any encrypted .zip file created on any platform. These contingency keys provide access to the encrypted archives should the primary key or passphrase be lost or compromised. SecureZIP supports the use of PKI certificates that comply with the X.509 certificate standard; and, passwords or passphrases can be added in conjunction with digital certificates.
SecureZIP PartnerLink provided the agency with a solution that met all of their requirements and eliminated the exposure risk of exchanging sensitive information with external business partners. They are extremely pleased that not only are they exchanging information securely with current partners, but SecureZIP PartnerLink allows them to extend the same solution to new partners as they are added.
Our client is a recognized, award-winning Federal Government IT Center responsible for administering benefits to Veterans and their families.
As a fee-for-service organization, this data center provides cost-effective IT enterprise solutions to support the information technology needs of its customers within the Federal sector. Their offerings include a full complement of technical solutions, including platform hosting services, total information assurance, customer business continuity, data conversation and interfacing, configuration management, and application administration.
The data center provides processing services to various government and military agencies and was transferring large files containing Personally Identifiable Information (PII) from their z/OS® mainframe to multiple Federal Government agencies nightly.
Although the data center had a secure pipe (SSL), they wanted to ensure that the data was fully protected once it left the pipe, while awaiting retrieval. As the data waits to be retrieved by other federal agencies, it rests at the perimeter of the system and still must be protected.
The data center wanted a solution that could encrypt data at the file level and also support multiple computing platforms.
The data center researched several security options but, in the end, they felt PKWARE® offered the strongest solution. SecureZIP's ability to protect the sensitive data - as it rests on the perimeter of the system - ensured that only intended federal employees had access to the confidential information. The agency took a step toward preventing confiscation of this data at rest by encrypting it - at the file level and applying the highest level of security to this PII.
SecureZIP's ability to provide data security at rest and in transit, as well as interoperability across all major computing platforms, were key factors in the data center's decision. And, because ZIP technology continues to be a recognized brand in the marketplace, they knew they were using a stable, reliable, and proven application.
Our client is a Federal Government agency responsible for the safety of civil aviation. The agency maintains various responsibilities, including: regulation of civil aviation to promote safety; development of civil aeronautics; research and development of the National Airspace System; and regulation of U.S. commercial space transportation. The agency is divided into several individual offices.
An audit was performed within the agency to identify instances where Personally Identifiable Information (PII) may be exposed. Two offices within our client agency took a proactive stance and concluded that they needed additional security around information that is exchanged daily via email and email attachments. They began searching for a solution that would allow them to encrypt sensitive information exchanged via email and, if possible, a solution that would also allow them to access encrypted information for purposes of audit and/or data recovery.
The agency uses Lotus Notes for desktop email communication. While encryption capabilities are built into the program for secure exchange between Lotus Notes users, the agency needed a solution that would integrate with the application and also allow for secure external email exchange. In addition, with office employees located across the country, it was imperative that the solution be quick to deploy and easy to integrate within the daily workflow.
When searching for a security solution, the agency needed to ensure the solution would meet the requirements outlined in their statement of work for encryption software. These requirements included:
The agency was already using WinZip® for desktop compression, but soon recognized that it was not a viable option for data security because it did not offer strong encryption or administrative policy support for contingency keys. WinZip also could not meet several of the compliance requirements, specifically FIPS-140.
Strong encryption for secure email exchange. SecureZIP offered the agency strong data file encryption that met their initial goal of implementing a security solution compatible with their Lotus Notes email application. The offices can now encrypt and securely exchange sensitive information via email and/or email attachments with all external endpoints.
Access data for audit/recovery purposes. Contingency key functionality ensures that data can be accessed at any time, even if a passphrase used for encryption is lost or stolen. The agency can recover any data encrypted using SecureZIP, which is especially important in the instance of an agency audit.
Centrally control encryption capabilities. Policy manager, another capability of SecureZIP, grants the agency the ability to set security protocols so they automatically become part of the workflow. In some cases, users are unaware that files are being secured because SecureZIP works “in the background,” encrypting and decrypting files without requiring any user interaction. Using policy manager, administrators can centrally control encryption standards, configuring and securing protocols. Every time an employee or affiliate creates a SecureZIP file, the user is locked into encrypting the file according to the agency’s settings.
Fast and easy deployment. SecureZIP also provides a solution that is easy to use and deploy within the current work environment. It allows the agency to send sensitive data freely within the organization as it is protected from the originating source, in transit, and remains protected when it reaches its destination.
Our client is a state government agency that serves as the Chief Financial Officer for their state, collecting billions of dollars each year in state and local tax revenue used for state-funded programs. As a fee-based service bureau, the Agency also provides Information Technology (IT) services critical to the daily operation of many of their individual state agencies. In addition, the Agency regulates the state’s alcohol, tobacco, and motor fuel industries and serves as a member of many state boards and commissions.
Our client does a great deal of business with external business partners, including state and local government agencies, as well as corporations. They required a data security solution that would support varying transaction volumes and frequencies, but, at the same time, could address a broad range of technical capabilities that their business partners represented.
The Agency’s external business partners are varied, ranging from large financial institutions with significant IT resources to small state and local government agencies with limited IT resources and technical capabilities. Due to the mixture of computing platforms and end-user IT expertise, it was essential that the recipient community react favorably to the Agency’s security directive and adapt it into their processes.
Our client also needed a cost-effective solution that would take the disparate mix of business partners and IT environments into account and extend a solution that would be easy to deploy and use. In addition, the solution had to address the bidirectional secure transfer of data files via FTP that offered the flexibility to scale to multiple platforms without changing the existing infrastructure. The solution required the secure, efficient exchange of critical business information with little to no interruption at the origin or endpoint(s).
The Agency was already using PKZIP by PKWARE on their mainframe. Upgrading to SecureZIP PartnerLink was simple. SecureZIP PartnerLink provided the lowest risk, highest performance, and the easiest integration and support options for their existing infrastructure, allowing daily operations to continue without interruption.
SecureZIP PartnerLink allows the Agency to distribute an unlimited number of SecureZIP Partner licenses, at no cost, to their partners. Being a “no cost” solution furthered partner acceptance and eased the adoption process. The Agency can extend their security policies, regardless of the number of endpoints or computing environments involved in the exchange.
Our client is now effectively protecting data at the file level, making it impossible for anyone except authorized personnel to access it, whether the data is at rest or in transit being exchanged via FTP. SecureZIP PartnerLink provides a cross-platform security solution that offers encryption, digital signing, and authentication. It also supports the AES encryption standard, meeting the Agency’s other technical requirement of AES 256-bit encryption.
As a “no cost” solution, implementing SecureZIP PartnerLink furthered business partner acceptance and eased the adoption process. In the end, our client eliminated the risk of exposing sensitive information being exchanged with external business partners by implementing a solution that accommodated current partners with the added ability to scale to meet the Agency’s future needs as new partners are added.
Our client is a state government agency charged with implementing the State’s public school laws, as well as the State Board of Education’s policies and procedures. The Agency is composed of hundreds of positions that work to provide leadership and service to all local public school districts across the state within the areas of instruction, finance, technology, and personnel support.
The Agency oversees all public schools within the state and is in possession of Personally Indentifiable Information (PII), including home addresses, phone numbers, and social security numbers. Since the Agency is responsible for formalizing the education standards state-wide, secure communication exchange is required between the state and individual counties.
When the agency contacted PKWARE, they were looking for a solution that would replace their current private SNA Network. The cost of maintaining the private SNA Network was thousands of dollars each month, an extremely expensive solution. It was essential to find a new solution that would be both cost-effective and could be deployed within a short time frame, prior to moving from the SNA Network to a public network.
It was also critical that the Agency find a solution that would allow them to continue exchanging massive amounts of sensitive data with their external business partners, totaling over 100 different counties across the state. First and foremost, however, the data needed to be secure before moving to a public network containing multiple operating platforms.
The Agency researched nuBridges® as another possible security solution. However, nuBridges, a point-to-point solution provider required that each end-point be licensed individually. While nuBridges would solve infrastructure issues, they would be costly to implement and did not offer additional features, such as the scalability that was critical to the Agency.
SecureZIP PartnerLink was a natural choice for our client. It was be deployed on their i5/OS midrange system and Linux server, providing them lowest risk, highest performance, and the easiest integration and support options for their existing and new infrastructure.
The “hub and spoke” design of SecureZIP PartnerLink allows information to be distributed from the central location, or “hub,” directly to the various end-points. Rather than transport security models, where only the transmission layer is secure, SecureZIP PartnerLink allows the data to be secure both in transit and at rest. SecureZIP PartnerLink allows our client to purchase a single solution that eliminated the high costs they were currently experiencing with the SNA Network.
SecureZIP PartnerLink also allows the Agency to distribute an unlimited number of SecureZIP Partner licenses, at no cost to their partners, furthering its cost-effectiveness. The Agency was able to deploy SecureZIP PartnerLink within a couple of weeks, eliminating their high monthly costs while providing a data security solution that ensured easy, efficient, and secure exchange of data with multiple end-points.
Our client, a large healthcare organization, has become a nationally recognized leader in efforts to improve the quality of healthcare. The organization’s array of additional services include community clinics in partnership with local medical schools, home care and hospice services, QuickCare clinics, and others.
Our client needed a secure, reliable enterprise solution for data exchange that offered strong encryption in order to meet HIPAA regulations. The organization had recently undertook an effort to digitize most of its records to ensure HIPAA compliance, reduce its reliance on tape backups, and, most importantly, make sure its patients had the most current records available when visiting an affiliated facility. It also needed to be able to securely exchange large volumes of Personally Identifiable Information (PII), including patient health records, from its mainframe computers to business partners and suppliers.
The organization wanted to ensure that if their information was intercepted in transmission, it could not be accessed. Simultaneously, due to the size of the files being transmitted, they needed a way to compress them. To address this issue, they explored several data encryption options, including PGP® and SecureZIP. The organization had to make sure the chosen solution would work in its heterogeneous computing environment. So, rather than having to find an encryption utility for each individual platform, they wanted one product that could handle all of their compression and encryption needs from a centralized IBM® z/OS system.
The organization selected SecureZIP for z/OS to enable strong encryption. This allowed them to send information via FTP to their partners directly from the data center, saving time and money. SecureZIP provided straight-forward implementation and its interoperability meant it could be implemented on platforms throughout the organization. Now, the organization has a centralized tool that allows users of other servers to FTP their files to their z/OS mainframe and have them compressed, encrypted, and transmitted.
Our client is an organizational division of one of the largest publicly funded healthcare systems in the United Kingdom. Since Her Majesty’s Revenue and Customs data loss in 2007 affected 25 million individuals, the organization has been proactive in protecting their sensitive information, taking steps to encrypt Patient Identification Information (PII) and maintain compliance with European Union Privacy Laws.
Considering the vast amounts of sensitive data the organization handles, they first and foremost required a solution that would meet the AES 256-bit encryption standard. The solution needed be easily deployed on thousands of desktops, providing strong data encryption for transfer of sensitive information via portable media, email, and FTP.
One requirement was the ability to enforce the use of strong passphrases so the encrypted data could not be easily accessed. Using SecureZIP, IT administrators can centrally configure passphrase strength and apply organizational policies and best practices.
It was also imperative that the organization find a solution that could be deployed within a very tight time frame. In addition to rapid deployment, ease of use was extremely important—they needed a solution that would be scalable across multiple operating environments and infrastructures.
A current WinZip® user, the organization soon realized the benefits that SecureZIP could offer over their current utility. SecureZIP offered both the compression capabilities and AES encryption WinZip was currently providing; however, unlike WinZip, SecureZIP also was able to provide:
The organization was introduced to SecureZIP Enterprise Edition. SecureZIP integrates with Microsoft Office, providing a solution that allowed for secure data storage with the click of a button. Since ease of use was a requirement, this provided an easy way for all employees, internally and externally, to secure information.
SecureZIP’s integration with Microsoft Outlook® provides the option for secure information exchange via email. With SecureZIP, information can also be sent securely via Outlook directly from Office applications, making the secure exchange of information even easier.
The contingency key functionality of SecureZIP allowed the organization to access encrypted data for audit or recovery purposes, a factor that became a necessity very early in the decision-making process. In addition, passphrase encryption allowed them to transfer data securely via e-mail, FTP, CD, and other forms of portable media. Data is protected, even if intercepted in transit, protecting the organization from a data loss similar to that of Her Majesty’s Revenue and Customs.
SecureZIP met and exceeded the organization’s initial goals, providing strong encryption for data transfer and storage, an easy-to-use solution for all employees, as well as rapid deployment and adoptability.
Our client is an IT services consulting firm and leading provider of solutions that enable companies to maximize their use of advanced technology. The firm assisted a government agency in selecting software and oversaw their ability to process information more quickly and easily, in an effort to increase operational efficiencies.
The volume of data being handled by the government agency’s operating system is immense. In addition to managing over six million claims per week, the agency also keeps two years of claim details in an active database. Maintaining these active claims allows for evaluation and validation of new claims within seconds.
The three-terabyte DB2 mainframe database application feeds into a data warehouse critical to the overall operations of the organization. Monthly and weekly updates from the central data warehouse are distributed to data marts maintained on-site at five remote locations. The source data for each data mart update is moved from the database and into the z/OS environment for transmission management.
Each update can fill as many as four 20-gigabyte IBM® 3590 tape cartridges. That data must be transmitted via FTP within a 12-hour operational window. Even with high speed OC3 connections, transmitting as much as 80 gigabytes of data to each of the five endpoints within the required time frame proved impossible.
The consulting firm turned to PKZIP for z/OS Enterprise Edition to compress data before distributing it to the various data marts. The agency’s update application now takes the data written to tape cartridges and compresses them with PKZIP before transmission. Ultimately, the consulting firm chose PKZIP because of the outstanding results it delivered when used in other projects.
The agency also incorporates critical information from third party providers. An update from a provider frequently includes as many as 160 files compressed and contained in a single ZIP archive each month. This is then written to CD and sent to the consulting firm. There, the ZIP archive is transferred to the mainframe where PKZIP automatically translates the data format from ASCII to EBCDIC during the decompression and extraction process.
“PKZIP compresses the data at least 75% and frequently as high as 90-95%,” according to an Operations Analyst. “Consequently, data mart updates that may have been as large as 80 gigabytes are compressed to as little as 4 gigabytes. We wouldn’t be able to complete transmissions within the operational window without the use of PKZIP. It works with the original ASCII-oriented file names and renames them to a Data Set Name (DSN) appropriate for the mainframe during extraction - it has good flexibility.”
Our client is a global provider of sophisticated information processing and computer software services and products to the financial services, communication, healthcare, and other major service industries.
The company exchanges sensitive financial information with their business partners, representing some of the largest mutual fund companies in the world. The majority of this information is sent via tape from the company’s mainframe to business partners. Our client specifically wanted to use key encryption at the X.509 standard to protect the sensitive information being exchanged.
The ability to deploy a security solution quickly and easily was a top concern--the need to protect tapes being sent to external business partners had become a number one priority. In addition, the company was looking for a solution that would securely transfer data and be compatible with all operating platforms.
Due to the financial data that the company handles, they were also facing the requirement of complying with PCI mandates.
When the company initially contacted PKWARE, they were only concerned with launching SecureZIP on their z/OS mainframe. However, after experiencing the scalability of the solution, the company decided to deploy SecureZIP on their i5/OS, UNIX server, and desktops running Windows. By purchasing SecureZIP for several operating platforms, they are able to use the solution as a standard within the company; or, they can also standardize the solution to specifically meet evolving business needs.
SecureZIP met all of the company’s needs, including the ability to encrypt sensitive data using the X.509 standard, allowing for the secure transfer of tapes with business partners. SecureZIP was launched throughout the organization and provided security across multiple operating platforms.
An unexpected added benefit the company received from their purchase of SecureZIP was that it helped differentiate them from their competition. SecureZIP could be extended to their business partners at no cost and still enable the secure exchange of data.
Our client is one of the largest securities and data processing firms in the country. The company provides customers with the knowledge and tools needed to succeed in the brokerage industry, focusing specifically on computer processing expertise to provide practical solutions designed to fit customer needs.
In their current operating environment, the company was using a method of secure FTP to transfer information from the mainframes within their data center. They realized that data leaving their facility was vulnerable and could end up unprotected in the wrong location. Secure FTP did not provide the protection they needed.
The company went to work looking for a security solution that would ensure that data being transferred would remain protected while in transit and as it arrived at each respective endpoint. Information is sent out from the data center’s mainframes, as well as by employees within the organization from their desktops. Since our client is responsible for processing data for large global organizations, having unencrypted information intercepted in transit had the potential to create a great deal of damage for all parties involved.
In addition to a data encryption solution, the company was also looking for a way to provide strong security while also increasing operational efficiencies within the data center—ideally they wanted a solution that would not only provide them with encryption, but also a way that they could save time and resources while achieving that data security.
The company realized that SecureZIP Enterprise Edition and SecureZIP PartnerLink would solve their security issues, and therefore purchased the product for their desktops and mainframes. This enabled them to send encrypted data to external customers from either operating platform, ensuring information remained protected at all times. Employees could encrypt data easily and exchange information securely from their desktops throughout the organization. The company brand was protected, as well as all data being sent from their organization to large business partners and internal resources alike.
The Application Integration feature of SecureZIP for z/OS® provided our client the ability to stream data directly into, or out of, a secure ZIP container, improving operating efficiencies within the data center while ensuring data remained protected, without ever staging it to disk. Extensive testing of this feature has shown elapsed processing times reduced by up to 600% and CPU clock times reduced by up to 60%.
Our client is a provider of industrial automation power, control, and information systems and services. The company operates domestically and internationally, including a Partner Network of thousands of regional and global specialists in distribution, system integration, and product referencing.
After conducting an internal audit, the company determined that they could be facing substantial fines for non-compliance with SOX requirements as a result of HR data that was being sent to a
third-party provider. The Personally Identifiable Information (PII) that required encryption was being sent to the provider from the company’s mainframe.
One of the company’s key requirements was the ability to add encryption without impacting other business processes and system utilization. The company was also concerned about the cost to upgrade their bandwidth to handle the new traffic. They estimated that this upgrade could cost as much as $24,000 more each month to conduct the nightly transfer of information.
Our client's goal was to research, implement, and test SecureZIP in their environment in one month. The company chose SecureZIP because of its cross-platform interoperability and because they could initiate it in both automated and interactive environments. SecureZIP provided the ability to securely transfer files from PCs to UNIX boxes to mainframes.
The company also selected SecureZIP because it offered the shortest time to implementation and the best system performance. Using SecureZIP, the company is able to provide strong encryption to meet SOX requirements while minimally impacting processing times through the use of data compression. SecureZIP enables them to send 9 DB files compressed from 1GB to 200MB nightly, saving both time and bandwidth.
Our client is one of the largest private forest landholders in North America. The company owns or manages over 1 million acres of forestland and runs saw mills, molding, millwork, and window and fiber product factories. In addition, our client is also an electronic co-generation company.
The company runs its business applications on two iSeries machines. Backup requirements consist of daily object mirroring from the production box to the development machine for potential disaster recovery via FTP over a T1 line. Backup requirements also include nightly tape backups of sensitive employee data (Peronally Identifiable Information such as Social Security numbers, payroll information, etc.) for off-site storage. Processing times for backups was a continuous challenge for the company, and, as data volume increased, it was becoming more difficult to meet the times required for the processing window.
Our client needed a solution that would facilitate a more efficient backup process and protect confidential data. SecureZIP fit this need perfectly. Using SecureZIP, the company could merge encryption and compression into one process, keeping CPU consumption to a minimum. It enabled them to save iSeries data directly into a ZIP archive without creating SAVF files first, allowing them to connect to their development box over the network instead of via a T1 line.
SecureZIP’s unique ability to combine the compression, encryption, and SAVF file creation steps was vital in solving the company’s backup time crunch. Not only did using SecureZIP ensure their confidential data was protected, the compression feature meant there were smaller files to encrypt, speeding up distribution significantly. The company is now able to transmit files nightly via FTP from the production to development system in half the time the process previously took.
Our client is a national retailer with more than 175 locations across the United States. They are committed to providing their customers with high quality merchandise at competitively low prices. Their extensive selection of products, including groceries, electronics, apparel, and accessories, as well as health and beauty items, ensures a one-stop shopping experience for their customers.
The retailer experienced a breach in security involving credit and debit card information. Affecting thousands of transactions. The breach raised questions about the company’s ability to protect confidential customer information. After assessing the problem, the Federal Trade Commission (FTC) determined that the retailer’s security measures were not adequate. The FTC advised the company to implement a data security solution that complied with the Payment Card Industry Data Security Standard (PCI DSS).
Each day, stores in the retail chain send purchase transactions from the past 24 hours to a DB2 database on the z/OS mainframe located at corporate headquarters. The transaction data for each 24-hour period is put into batch files and encrypted. It remains in storage for a number of days until all transactions are closed. Once closed, the batch files are sent to an AIX server, where the information is decrypted and stripped of all sensitive customer data. The sensitive data is then deleted and the remaining non-sensitive data is moved to an Oracle data warehouse for storage.
To evaluate its data security needs and advise the company on its purchase, the retailer engaged a consulting firm and the expertise of a supply chain analyst.
The retailer was advised to compare SecureZIP and PGP® . A detailed comparison showed that PGP was unable to work across all computing platforms within the retailer’s environment. And while PGP was able to encrypt files, it could not provide the file management capabilities the retailer required (e.g., recognition of file attributes, EBCDIC/ASCII conversion).
In addition, although PGP does compress data, its compression format is not based on the .ZIP file format and therefore could only compress files up to 50%; consequently, SecureZIP could achieve a 98% compression rate.
After the detailed comparison was complete, the supply chain analyst termed SecureZIP the “slam dunk” solution. “SecureZIP is an elegant solution for the z/OS environment because it encrypts, compresses, and manages many kinds of files--all in a single application across many platforms. PGP cannot compete with the overall value and ease of PKWARE’s application.”
SecureZIP’s performance and reputation for helping organizations comply with PCI DSS assures potential users that their data will be protected in transit and in storage. In addition to securing data, SecureZIP effortlessly streamlined operations and increased the retailer’s productivity by:
As an overall assessment, the supply chain analyst told the retailer, “...that this was a slam dunk--SecureZIP was far and away the product that fit their need. It was going to deliver the security they needed, true enough, but as a solution its advantages extended beyond security. SecureZIP’s other features would vastly improve the client’s processing efficiency at a lower cost. At that point, the retailer hadn’t expected a security solution to accelerate productivity. But I knew that SecureZIP was going to boost processing efficiencies in a number of ways.”
Our client is one of the nation’s top 20 retailers, with over 850 locations.
The retailer was facing increasing pressure to comply with increased PCI DSS regulations, especially when exchanging information with business partners. The retailer recognized the need to find a data encryption solution—one that would conserve resources and allow them to create an archive directly out of an application, thereby significantly reducing file encryption, compression, and transfer time.
Although the retailer investigated other data security solutions, SecureZIP/PartnerLink quickly proved to be the solution to the retailer’s data security concerns—it was easy to use and support, and maintained superior functionality and encryption capabilities. PartnerLink, an extension of SecureZIP, also solved the issue of securely exchanging sensitive data with over 200 business partners.
PartnerLink extends the retailer’s security policies to external partners by complementing existing infrastructures and security environments, making bidirectional exchange of data an easy task. PartnerLink is provided to business partners at no cost.
The Application Integration feature of SecureZIP provided the retailer the ability to stream data directly into, or out of, a secure Zip container, improving operating efficiencies and ensuring data remained protected, without ever staging it to disk. Application Integration ensured that the retailer would no longer have to risk writing data to temporary files for exchange, providing increased compliance with PCI DSS mandates. SecureZIP also dramatically increased operational efficiencies- -testing of SecureZIP has shown elapsed processing times reduced by up to 90% and CPU second utilization reduced by up to 60%.
SecureZIP's performance and reputation for helping organizations comply with PCI DSS assures potential users that their data will be protected in transit and in storage. In addition to securing data, SecureZIP effortlessly streamlines and increases productivity. SecureZIP also works seamlessly across platforms, including mainframes and midrange systems, servers, and desktops. It also simplifies operations procedures by supporting both PKI and non-PKI implementations, while providing scalability to fit the organization’s infrastructure.
Our client is a leading international specialty retailer offering clothing, accessories, and personal care products for men, women, and children. Operating under the retailer are multiple brand names with over 3,000 stores and outlets globally.
Our client anticipated being affected by a variety of compliance initiatives, including PCI and private state laws that require companies to disclose any security breach to those affected by it. Wanting to avoid a breach and the negative publicity associated with it, the retailer took a proactive approach to data security and began planning, researching, and budgeting a security initiative a year in advance.
The retailer recognized that their primary challenge was to secure their outbound financial and customer data. This data originated on their z/OS machines, UNIX servers, and desktops, so they needed a multi-platform solution that would support all of their computing environments. They needed a solution that was scalable, able to adapt to changing environments and compliance mandates, and had a strong presence in the marketplace. Overall, they wanted a long-term solution that would grow with their organization and meet both current and future security requirements.
The retailer had PGP® installed on about 10% of their servers, but had experienced issues associated with cost and licensing complexity. In addition to PGP, they considered a wide variety of security solutions, including MegaCrypt, IBM MQ, SSL, SMIME/SecureContent/Via Seal, and EFS.
The retailer chose SecureZIP, a data-centric solution, because it met all of their requirements. They were also very familiar with RSA and their relationship with PKWARE. The retailer implemented SecureZIP for z/OS, UNIX Server, and Windows desktop. The retailer liked the scalability and flexibility SecureZIP offered their multi-platform enterprise. SecureZIP provided a solution that could incorporate their anticipated implementation of a PKI environment, making SecureZIP’s support for public key encryption extremely valuable. In addition to using SecureZIP for their business data, they recognized that they could use SecureZIP for other data security requirements including securing HR information to meet HIPAA compliance.
Our client helps organizations confront critical legal, financial, and reputational issues. They offer specialized expertise in five separate areas that operate as a coordinated whole, including corporate finance, economic consulting, forensic and litigation consulting, strategic
communications, and technology. The company also provides investigative services to
companies confronted with problems such as fraud in order to assist them in legal defense or pursuit of recoveries.
Our client was looking for a way to reduce operational overhead and standardize current decompression processes with a single solution. They sought an application that could be
embedded within an existing technology used by the organization.
The company did not have a standardized method of processing the multitude of file types they handle daily—totaling 14 different types. Using four separate products (Polarzip, Winrar, Omnizip, and Dynazip) to achieve a single task was proving to be time consuming and cumbersome. The company wanted to streamline their application and reduce overhead by finding a single solution to handle all of their file types, making their processing easier and more efficient.
The company also had other requirements that needed to be met by the chosen product, including the ability to:
The company also had a list of additional benefits they felt would enhance the usability of the product, especially for future projects. These benefits included the ability to:
In addition to PKZIP, the company also investigated 7-Zip as a possible solution. 7-Zip was not able to process all of the possible types of compressed files that our client receives and fell short on meeting the other requirements as well.
As an open source community, 7-Zip does not provide customer support. Since accessing data is critical to business, the need for technical/customer support was an obvious benefit to implementing PKZIP. Once again, PKZIP came out on top as a result of the customer service and technical support provided by PKWARE.
Our client found that they could replace all four of their current products by implementing the PKZIP Standard Toolkit within their application. This solved their immediate need to find a single solution to replace the four currently in use. In addition, PKZIP met the technical requirements outlined at the onset of the project.
The flexibility of the PKZIP solution to fit into the company’s current and future technical requirements was another primary reason the product was selected. Not only would PKZIP meet the “must-have” requirements, it met all of the “nice to have” requirements for future projects.
Our client is a Fortune 500 company that provides various services to residential and commercial customers through a network of thousands of locations and franchised licenses. Services of the company include lawn care services, pest control, home cleaning, and home inspection.
Our client performs services at various residential and commercial locations. Information pertaining to various service locations needs to be given to drivers before they can begin their route of services each day. Before contacting PKWARE, the company maintained large maps at each truck station that displayed all of the stops for each driver; they would gather the information they needed and independently run their daily routes.
A recent purchase of handheld devices now allows the company to electronically provide route information to its drivers. The use of these handheld devices maximizes efficiency, as a central corporate location can add, delete, and update routes as needed. While the addition of handheld scanning devices was going to help streamline operations, the company soon encountered problems efficiently moving large amounts of data from their central corporate location to the handheld units.
Our client found that PKZIP for i5/OS solved the issues they were experiencing with moving large quantities of data. The data center sends information wirelessly to thousands of drivers who each have a handheld device. Due to the wireless transit of information, a lot of data is being sent over a small pipe – ZIP compression was able to solve the problem. Using PKZIP, the data center leverages the software on their AS/400 to compress the routes and stops for the various drivers. The zip files are sent wirelessly to the drivers who receive them on their handheld devices.
When in the field, various representatives can also send back information to the central data center. For example, one of the company’s franchises has over 800 field representatives that use the handheld devices across a three state region. A representative can gather information at a specific service call location and then send it back to the data center, compressed, where it can be uploaded to the AS/400, decompressed, and logged for future use.
Our client is seeing immediate positive results from implementing PKZIP. The process of sending route information to drivers has been streamlined, eliminating missed calls and allowing for cancellations to reach drivers with enough time to react and reorganize their routes. Ultimately, the use of PKZIP for i5/OS has maximized efficiency by allowing for more stops per day per driver. In addition, increasing the ease and speed with which information can be returned to the central location allows for faster billing, invoicing, and processing; this, combined with a reduction in error, has improved overall business and increased company profits.
Our client is an IT services consulting firm and leading provider of solutions that enable companies to maximize their use of advanced technology. The firm assisted a government agency in selecting software and oversaw their ability to process information more quickly and easily, in an effort to increase operational efficiencies.
The firm’s z/OS mainframe (260 MIPS) is located at their data center in New Jersey; each night the company needs to put several files, each over 10 GB in size, on CD so they can be transferred to various Federal agencies. When the company first contacted PKWARE, they had two immediate needs: 1) to compress large files stored on CD that are sent each night to various Federal agencies; and 2) encrypt the information being transferred in compliance with FIPS 140-2 requirements.
In addition to their immediate needs, they were also hoping to benefit from a data security solution that would encrypt data at the source on the mainframe and be able to transfer it securely to end points such as Windows® desktops. They wanted to ensure the data remained protected during all steps of the transfer process, at rest on originating and destination platforms, as well as in transit.
Our client’s data center managers and system programmers agreed that SecureZIP for z/OS would meet their immediate requirements, as well as provide a stable and easy-to-use solution to meet other organizational needs.
Using SecureZIP for z/OS, the firm was able to meet their immediate needs of large file support and complying with FIPS 140-2 requirements; but they were able to leverage the solution even further. Using SecureZIP for z/OS, our client has now streamlined their process for compression and sending large files, mitigating risks associated with client data breaches.
The data-centric security approach allows them to stream sensitive data freely within the organization as it is protected from the originating source, in transit, and remains protected when it reaches its destination. For example, information is now encrypted on the z/OS mainframe and can be sent to any destination platform (servers, desktop, etc.) where it remains encrypted until it is ready to be placed on CD. That information can also be easily transferred in an encrypted format to CD when needed, meaning at no time is data left vulnerable and unprotected. In addition, the use of efficient ZIP compression has increased the efficiency of daily processing, requiring less wall clock time and CPU utilization.
Our client is a non-profit teaching hospital and regional referral center offering full-service hospitals as well as specialty medical and surgical care. The organization also consists of rehabilitation and psychiatric hospitals, as well as a Level II trauma center.
Each night, our client transfers large batches of Personally Identifiable Information (PII), including patient and procedure information, to partners such as collections companies, market research organizations, and government reporting agencies. When the organization approached PKWARE, they were using PKZIP to compress data for nightly and monthly batch processing; the amount of data being processed had grown considerably since the initial implementation of the product. As a result, they were looking to reduce AS/400 resource utilization and increase the speed of large file transfers.
In addition, recent highly publicized data breaches, as well as required compliance with the Health Insurance Portability and Accountability Act (HIPAA) and other regulations, prompted our client to begin their search for a data security solution that would protect patient and employee information being transferred.
Our client’s history with PKWARE and its products made the selection of SecureZIP an easy one. The product’s reliability and ease of use also played a large role in the organization’s decision. “We haven’t had a single problem with it,” said the organization’s AS/400 Operations Manager & Security Officer.
By leveraging the ZIP compression standard, SecureZIP allows our client to reduce the steps and complexity associated with data encryption by integrating directly into their current FTP process. Faster batch processing transfers to partners frees bandwidth and disk space. In addition, partner acceptance of ZIP as a standard, regardless of computing platform, emphasized the product’s ease of use and rapid adoption.
SecureZIP’s encryption capabilities helped the organization meet the compliance requirements outlined by HIPAA. Adding security to their data exchange processes protects our client’s reputation and brand, as well as ensuring they do not fall victim to a data breach similar to those recently publicized.
Using SecureZIP, the organization now automatically compresses and encrypts data for nightly and monthly batch processing; this provides the ability to compress multiple files at once and also provides end-to-end encryption of sensitive files. In addition, the organization not only solved their immediate requirements, but they also now have the ability to compress and encrypt their backup files for off-site storage, which lowers costs associated with media and expensive “white glove” transport methods.
Created in 1935, our client is an independent agency within the executive branch of the Federal Government. Their primary function is to administer a social insurance program for one of our nation's largest employment groups. Our client is headquartered in Chicago, IL with field offices throughout the country.
In 2009, our client underwent an IT security audit in support of established FISMA guidelines; they were cited for deficiencies in access controls surrounding IT security. Specifically, they were found deficient in not adequately encrypting sensitive Personally Identifiable Information (PII) and Personal Health Information (PHI). The Agency took a proactive stance and, not wanting to face a failing compliance grade or fall victim to a data breach, began researching data security solutions that best fit their agency's needs.
Due to the large amounts of PII and PHI that our client handles, they are required to comply with OMB M-06-16 and FIPS 140-2 requirements. It was critical to find a data security solution that could ensure they were in compliance with these initiatives. The Agency also exchanges sensitive information with their external partners, including numerous regional offices and State agencies. The data is placed on tape cartridges (up to 800 MB per tape) and sent, unencrypted, via courier to the off site locations. In addition, tapes are used for off site back-up storage; 24 TB of unencrypted mainframe data and 16 TB of unencrypted server data is stored.
Since our client works with several external partners, it was important to choose a data security solution that would promote secure data exchange with external partners in a cost-effective manner. The chosen solution needed to easily integrate into the Agency's current workflows and processes and also required the secure, efficient exchange of critical business information.
The Agency provided PKWARE an overview of the additional requirements they were seeking in an encryption solution, which included the ability to:
SecureZIP PartnerLink was the clear choice, meeting all of the Agency's requirements while also providing additional value not originally sought at the onset of the project. SecureZIP PartnerLink, which is deployed on the Agency's mainframe (SecureZIP is also deployed on several AIX servers), provided the lowest risk, highest performance, and easiest integration and support options for their existing infrastructure. Daily operations with partners were able to continue without interruption.
SecureZIP PartnerLink also allows the Agency to distribute an unlimited number of SecureZIP Partner licenses, at no cost, to their partners. Being a "no cost" solution furthered partner acceptance and eased the adoption process. Our client is now effectively protecting the data at the file level, making it impossible for anyone except authorized personnel to access it, whether the data on tape in transit via courier or in storage at an off site facility. And, they can extend their security policies, regardless of the number of endpoints or computer environments involved in the exchange.
In addition to meeting our client's critical need to securely exchange data with external partners, SecureZIP PartnerLink also met each of their other requirements. Due to its use of strong encryption and ability to run in "FIPS mode," SecureZIP PartnerLink ensured that compliance requirements with FIPS 140-2 and OMB M-06-16 were met. Also, because SecureZIP PartnerLink is transport independent, it is capable of sending encrypted data via Electronic File Transfer (EFT), as well as encrypting data onto mainframe tapes. Although the Agency is not currently using SecureZIP PartnerLink for EFT, it offers them a flexible solution that can grow with the organization's data management and security needs.
Due to the fact that our client's initiative was data security driven, they had concerns about what adding encryption would do to their SLAs. Traditionally, adding encryption to a data exchange or back-up process results in additional required time to write data to tape. However, because SecureZIP PartnerLink combines zip compression with strong encryption, they were able to reduce the size of files before encryption, ensuring they continued to meet their SLAs.
PKWARE also alleviated the Agency's concerns by ensuring they could not only receive 24/7 technical support, but professional expertise regarding industry best practices and how to best leverage SecureZIP PartnerLink within their mainframe environment. PKWARE assisted the Agency each step of the way through set-up, implementation, and ongoing support. Seen as an expert within the industry, PKWARE also provided on site personnel during implementation and assisted them in leveraging ICSF on the mainframe to further maximize their investment.
In the end, our client eliminated the exposure risk of sensitive personal information by implementing a solution that allowed them to securely exchange data with partners. Much like other major government agencies such as the Centers for Medicare and Medicaid (CMS), our client has been able to add strong data protection to daily operations and improve operational efficiencies without additional cost or overhead. Not only have they solved their initial problems and met immediate requirements, but SecureZIP PartnerLink provides the flexible solution that will continue to grow with their organization and address future issues without requiring other products, services, or vendors.
Our client is one of the world's largest financial institutions, providing individual consumers, small/ mid-market businesses, and large corporations a full range of banking, investing, asset management, and other financial and risk-management products and services.
The company needed to comply with the Payment Card Industry Data Security Standard (PCI DSS), which required them to protect credit card data as it is transmitted, processed, and/or stored, impacting several processes throughout their organization. Initially, the company set out to protect and store credit card dispute information for the PCI mandated minimum of 7 years.
This information was taking up space on their UNIX server, so the company wanted a solution that could both encrypt and compress the data. Every night, hundreds of thousands of settlement transactions containing confidential credit card information are sent to companies of all sizes. Without secure, dedicated lines set up for data transfer with smaller merchants, this confidential credit card data was sent via fax.
In an effort to secure this process, the company established an initiative to move all fax transmissions to email, electronically transferring encrypted data to multiple endpoints that would then have to decompress and decrypt the data after it was received. The data for these transactions originates on the company's z/OS mainframe and is then transferred to an internal server before it is sent externally to merchants. The company wanted a solution that would be easy to use and cost effective, especially for their business partners.
As soon as the company purchased SecureZIP, they quickly realized the solution could work for additional security initiatives throughout the organization. They engaged PKWARE for assistance in achieving strong enterprise security across all major computing platforms.
The company wanted to use PKI to facilitate secure email communication both internally and externally with business partners. SecureZIP was the only solution that could provide the level of functionality, customization, and ease of use required. The company also incorporated the RSA Keon Certificate Authority product as well as the PKWARE ZIP reader to round out the solution.
SecureZIP provides seamless integration with the centralized directories containing digital certificates issued by RSA. This supported the requirement for processing secure transactions without slowing the delivery of reports to their partners. PKWARE's free ZIP reader extends the benefits of SecureZIP to the company's large network of partners without requiring them to purchase additional software. As a result, our client is able to securely communicate with, and send information to, its partners, regardless of the their computing environment or security infrastructure.
The Institute for Social and Economic Research (ISER) at the University of Essex specializes in the production and analysis of longitudinal data – evidence which tracks changes in the lives of the same people over time. ISER research makes a major contribution to the to the University of Essex’s top research ranking. Using longitudinal studies such as the British Household Panel Survey and its successor, Understanding Society, researchers at ISER focus primarily on the life-course of the individual and the changing nature of society. Their research makes a crucial contribution not just to the academic literature on these subjects, but to the decisions that are made by practitioners and policy makers around the world.
The ISER’s business goals are centered on securing sensitive research data. Understanding Society studies the socio-economic circumstances and attitudes of 100,000 individuals in 40,000 British households. The study also captures biomedical data on 20,000 participants and places it alongside rich social histories, helping weigh the extent to which peoples’ environment influences their health. Because of the sensitive nature of the data handled, security must be a part of the ISER business model. A breach or leakage of sensitive data would be disastrous to their reputation.
The ISER works closely with government departments who require compliance with FIPS 140-2. In addition, the ISER must comply with the Data Protection Act in Europe and the UK; however it didn’t want to compromise the productivity of its researchers and employees in the process of securing data to meet compliance.
Sensitive Research Data Exposure
As the ISER prepares the raw data for release; they apply quality control measures and make the data anonymous.
The UK Data Archive, the United Kingdom’s largest collection of digital research data in the social sciences and
humanities, then distributes the data to the research community. While anonymity removes the risk of exposure in
the main datasets that are distributed, the risk of exposure is higher in specialized datasets that are released under
more stringent conditions. Over time, the ISER built a significant pool of respondents for Understanding Society
who trusted them to use their information in a certain way. The reputation of the research was on the line. ISER
needed to protect sensitive data from the outside.
Compliance
FIPS 140-2 requires government agencies and organizations that exchange sensitive information with those agencies
use cryptographic-based security systems to protect sensitive information. The Data Protection Act has similar
encryption requirements. Collaboration with government partners would cease if the ISER couldn’t prove FIPS compliance.
ISER needed a solution that supports the various industry and government security regulations.
Complexity
The ISER researchers did not want their daily workflow to be disrupted by added encryption processes. In order
to reduce complexity, any added security measures needed to be streamlined into the everyday workflow of ISER
researchers and employees.
Secure Movement of Data
Data is securely shared within the ISER and externally with The UK Data Archive. With SecureZIP for Windows®
Desktop, ISER researchers will be able to encrypt sensitive data saved on internal systems, and shared externally
via email and portable media like USB drives. Strong encryption using X.509 digital certificates and/or passphrases
allows the ISER flexibility in encryption options. SecureZIP provides an advantage to the ISER because it integrates
into their policy framework. Administrators can easily set and enforce encryption use to align with internal governance.
Compliance
With SecureZIP, the ISER will be compliant with FIPS 140-2 and the Data Protection Act. SecureZIP strongly
encrypts the data itself rather than the storage device so data remains protected even if placed on removable
media that is lost or stolen during transit.
Streamlined Solution
SecureZIP was a straightforward solution. It was easy to standardize
on SecureZIP as the encryption format for the movement of sensitive
research data. Integration with Outlook® and Microsoft® Office helped to
streamline the use of encryption. Researchers will be able to easily save
documents containing sensitive data in alignment with ISER encryption
requirements.
The ISER will be able to tell their funders that they are using FIPS compliant encryption, making it easier to receive research grants. When the rollout to SecureZIP is complete, the ISER expects its researchers will easily be compliant with complex regulations that they may not necessarily understand because encryption functionality is integrated into the Microsoft Office tools they already use.
Email
Print
Download PDF
Financial Services
Banking
Healthcare
Federal Government
State Government
Retail
Manufacturing
IT Services
Consulting Services
Research and Higher Education
Press Room
Latest Blog Post
