I hope everyone is getting a good start on 2010. We have received a large amount of positive customer feedback on our reseller relationship with Merlon and we thank you for that.
Traditionally at XYPRO, we begin each February with a week of Kick-Off sessions. All of us gather at our California headquarters to assess the previous year and set plans for the future. It’s a time of concentrated information exchange and collaborative brainstorming, with all teams participating ‘across all the aisles’. It’s an opportunity to discuss changes in the market and our customers’ needs. We go over feedback from customers and partners regarding current requirements and anticipate what security functions will be needed, both to meet future compliance regulations and to thwart security threats. A high priority includes looking at our products and evaluating how to improve and repackage them so that customers can easily purchase the modules that they need and use them to their best advantage.
There are a number of exciting activities afoot with us, some of which we can share, and some of which we need to keep secret for just a bit longer. What I can tell you is that we cut our first deal with a Neoview customer, so we’re now protecting a high profile decision support system built from the ground up on the most scalable and available data warehouse platforms.
After my last column, an HP press release announced enhancements to our favorite system, the NonStop Server. It quoted Diederick de Buck, technical architect for NonStop systems at Rabobank, who said that, “Rabobank looks to HP NonStop technology to handle our mission-critical financial services applications and help mitigate risks associated with virtual banking.”
As you might imagine, the best way to mitigate the risks associated with any online application is through the implementation of secure systems, secure networks, and secure applications. With NonStop as the foundation, all that remains is to protect your application and network communications – and we’re here to help you do that with products and consulting services.
The release also mentioned the new NonStop BladeCluster Express 1.2, which allows the creation of complex enterprise data center systems spanning a large geographic area and thousands of processors. Other enhancements include the capability for improved business decision-making by aggregating “islands” of information across an enterprise. Can you say, “cloud computing?”
While other companies are just starting to talk about the cloud, XYPRO customers, like a large travel booking site, have been building clouds out of NonStop servers for many years. And not just any cloud, but a scalable, available, and secure cloud. So when a C-level exec drops by and asks what you are doing about cloud computing, just point to your NonStop Servers and let him or her know that everything is under control.
In other news, a hacker was able to break into the database of RockYou, which provides applications and services for social networking sites like Facebook and MySpace, and obtained 32 million clear-text passwords. For whatever reason, the passwords of RockYou’s customers were not encrypted and were an easy target. Now that the horse has left the barn, RockYou has found religion and is encrypting all passwords and reviewing their current data security features to ensure that they meet industry standards and best practices. Do you have ENCRYPTPASSWORD set for your UserID file? Have you upgraded from DES to HMAC256 encryption? Call our tech support line if you want assistance with either of these.
And speaking of encryption, watch for our own Scott Uroff’s article in the next issue of Connection magazine. This article will describe the various types of encryption algorithms and how they work, point out the limitations when using specific encryption methods, and address how important it is for companies to use approved and certified encryption modules within their infrastructure.
To close, I want to mention that just like XYPRO, the US government also is working on advancements in data protection. The FIPS 140-2 Level 2 standard to which we certify our encryption products dates back to May 2001. This is one year after the Zero Latency Enterprise (ZLE) was first introduced and the same year that HP announced the merger with Compaq. This is pre-NonStop SQL/MX and well before Integrity NonStop. As you can imagine, we could not agree more that the standard needs to be updated and our cryptographers are already evaluating any changes needed to comply with this new standard when it is published next year.
Sheila Johnson
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment