Enforcive, a leading provider of security software for IBM i announced the release of Enforcive/ Field Encryption. With this release the company is adding field level security to its Enterprise Security suite for IBM i that is also covering exit point and object-level security and monitoring.

Field Encryption

Within Enforcive/Field Encryption organizations have a large variety of algorithms like TDES 8, TDES 16, TDES 24, DES, AES 128, AES 192 or AES 256 at their disposal to encrypt data on their IBM i. The product provides tools for the encryption of alphanumeric and numeric fields. Unauthorized users will not be able to see the encrypted data, even when they try to access it through journals.

Role-based Key Management

The product offers flexible key management. It is based on two-tier encryption requiring master keys in order to generate data keys, ensuring strict separation between those who generate the keys and those who use them. As an additional measure of security Enforcive can encrypt each key used to manage the encryption algorithm. Organizations using Enforcive/Field Encryption have the option to either store the key either on IBM i or a remote environment. Encryption keys are assigned to users or groups of users based on roles which can be defined by the organization.

Masking and Scrambling

Full or partial masks of fields can be applied on-the-fly on any kind of database fields. For numeric fields Enforcive also offers an option to scramble data, which is very beneficial to organizations that need scramble data for developing and testing their applications.

Data Protection

Those users who are unable to see the true content of certain fields (whether these fields are encrypted, masked or scrambled), are prevented by Enforcive from updating these fields.

GUI-Based

The product is fully GUI based allowing security officers who are not necessarily green screen experts to be involved in the protection of sensitive data in their organization.

"With the new Enforcive/Field Encryption for IBM i. it is possible to create an almost out-of-the-box encryption process. We wanted to create a product that would make it easy to manage data protection and encryption while minimizing its impact on programming staff and ensuring maximum security of encryption keys", said Shimon Bouganim, CEO of Enforcive

Object Encryption

In addition to field encryption, masking and scrambling Enforcive also offers object encryption. The product provides encryption and saving of whole libraries as well as individual objects. A series of commands allow easy integration of Enforcive object encryption into back-up processes. Organizations backing their data up to tape, now have an easy way to make sure the data cannot be read by anyone who is not authorized in case their tapes end up in wrong hands.

Operating System

The encryption/masking and scrambling capabilities are available for customers with IBM i V7R1. The Object encryption is available for customer using IBM i V5R4 and up.

Application Independence

Enforcive/Field Encryption has been developed to avoid affecting the applications within the organization where it is deployed.  Organizations do therefore largely not have to change their applications when encrypting or decrypting data when using Enforcive Encryption. In addition the product has been optimized for performance reducing the impact encryption may have on the use of mission critical applications.

Regulatory Compliance

Enforcive/Field Encryption facilitates and can accelerate the compliance of organizations with laws and regulations like PCI DSS, GLBA, SOX, HIPAA and privacy regulations. Encryption activity is tracked through a dedicated log.

Integration with Enforcive/Enterprise Security

Enforcive/Field Encryption and Masking can be deployed standalone. The product however can also function as a fully integrated part in the Enforcive flagship offering, Enterprise Security for IBM i. From the GUI of Enforcive/Field Encryption users can move transparently to modules within Enforcive/Enterprise Security like audit logs, reporting, exit point and compliance management etc. Allocation of keys to users is integrated with Enterprise Security user management. Key Creation is integrated with Enterprise Security administration role management. The logs of encryption activity are stored in the Central Audit and can be reported off through the Report Generator.

"Over the years we have been helping many companies to optimize their IBM i security and automate their compliance with regulations. By adding field level security to the Enforcive Enterprise Security suite, that is already covering exit point and object level security and monitoring, we are offering a comprehensive solution for any organization looking to secure their IBM i."  - Shimon Bouganim, CEO.