EXPERT RESPONSE
You and many others are being forced to deal with the need to encrypt cardholder data. OS/400 does have encryption capabilities. If you want to tackle this issue on your own, you will want to use either the programming APIs that perform encryption functions (these ship with the operating system) or use a hardware crypto card that is supported on iSeries (at additional charge). The APIs are easier to use, but the hardware card has the advantage of having built-in key (encryption key) management. That's one of the biggest and trickiest issues that you will face implementing encryption – managing the encryption key. You can find more information on both the software encryption APIs and the hardware crypto card on the IBM Information Center website at IBM Information Center. If you don't want to tackle this issue yourself, there are several vendors that offer encryption solutions for iSeries. At least one, Patrick Townsend and Associates provide key management functionality with their product. I suggest that you research the vendor products available and the options that come from IBM and determine which works best for your organization's programming and security administration skills and resources.
==================================
MORE INFORMATION ON THIS TOPIC
==================================
The Best Web Links: tips, tutorials and more.
Search400's targeted search engine: Get relevant information on security.
Ask your systems management questions--or help out your peers by answering them--in our live discussion forums.
Check out this Search400.com Featured Topic: Top ten security tips
Visit the ITKnowledge Exchange and get answers to your security questions fast.
|
