Enforcive Field Encryption


The Simplest, Safest Method for Implementing IBM i Field Encryption

The Enforcive Field Encryption add-on provides a comprehensive platform for file- and field-level encryption, allowing companies to meet even their most stringent compliance regulations, including the PCI DSS stored credit card protection standard. This powerful application-independent encryption technology can be added to your applications without incurring a large impact on performance and typically without requiring any changes to program source code or database file structures. In addition to encrypting data, Field Encryption also provides complete data masking and scrambling capabilities.

This vital layer in your efforts to secure sensitive data prevents even power users from accessing data in fields that require limited access. And because of its GUI interface and tight integration with the modules of the full Enforcive Enterprise Security Suite, Field Encryption is easy for any security officer to use and manage.

Highest Encryption Standards

Security officers can select from standard algorithms for the encryption of data, including ES 128, AES 192, AES 256, DES, TDES 8, TDES 16 and TDES 24, A. By fully encrypting both alphanumeric and numeric fields, Field Encryption ensures unauthorized users will never be able to see encrypted data, even if the user tries to access the data through journals.

The Five Steps to Encryption

Masking, Scrambling and Save File Compatibility

Full or partial masks of fields can be applied on any kind of database field. For both numeric and alphabetic fields, there is the option to scramble data, which is particularly beneficial for organizations that need to use live data when developing and testing applications. The product also offers object encryption for save files, allowing administrators to encrypt and save entire libraries or individual objects. File Encryption can also be easily integrated within your backup processes to protect against unauthorized data access should backup tapes end up in the wrong hands.

Field Encryption
Solution Overview

Field Encryption

An all-inclusive engine for implementing field-level encryption on IBM i, this powerful module provides field masking and data scrambling, while also supporting IFS encryption and Save File encryption.
Read More

Robust Key Management Features:

  • Key management is based on two-tier encryption processes requiring master keys to generate data keys, thus ensuring strict separation between those who generate the keys and those who use keys
  • Encryption keys are assigned to users or groups of users based on roles that are defined by the organization
  • Administrators determine the name, library, and authority of all automatically generated key files
  • Key strings can be entered manually or can be generated automatically to ensure that even an administrator cannot know key values
  • Settings can be configured to encrypt each key that’s used to manage the encryption algorithm, which provides an added measure of security
  • Keys can be stored on a local IBM i or remote Windows server environment
  • Keys can be generated without limit, which means you can use a different encryption key for each field if desired
Security eBook from Vision Solutions

Cybersecurity: A New World

IIT security is at the top of professionals’ minds—and for good reason. With cyberattacks occurring at an alarming rate and billions invested in new initiatives every year to combat them, it’s important to use the most current information to stay prepared. Over 1,500 professionals across all industries shared their experience and lead a discussion on security that could help you stave off the next generation of IT threats.
Read More

Additional Features and Benefits

  • User-defined Access - Decrypt data at the user group level everywhere on the system, without the need for application level detail.
  • High Availability Compatibility –No need to take any special measures for high availability environments. HA backup databases are identical to the production system and contain the master and data keys needed to encrypt and decrypt the data.
  • Integration with Enforcive Enterprise Security Manager - Although the encryption and masking features of Field Encryption can be deployed independently as a standalone solution, the product can be managed seamlessly within the Enforcive Enterprise Security Suite. Through the graphical interface of Field Encryption, users can move easily between modules of the Enforcive Suite. The allocation of keys to users is integrated with Enforcive’s User Management module, while key creation is integrated with Role Management . Changes to encryption configurations are logged by Central Audit and can be reported on in Report Generator.