Q
Manage Learn to apply best practices and optimize your operations.

Does OS/400 have encryption/decryption capability?

We have just been notified that we need to be compliant with Visa's CISP (Cardholder Info Security Program). We...

need to encrypt credit card numbers on our iSeries files. Does OS/400 have encryption/decryption capability (i.e. use a command to encrypt/decrypt)? If not, do we need to buy software? I hear about Triple DES being available on the iSeries. What do we have to do to utilize it? Where do we begin?

You and many others are being forced to deal with the need to encrypt cardholder data. OS/400 does have encryption capabilities. If you want to tackle this issue on your own, you will want to use either the programming APIs that perform encryption functions (these ship with the operating system) or use a hardware crypto card that is supported on iSeries (at additional charge). The APIs are easier to use, but the hardware card has the advantage of having built-in key (encryption key) management. That's one of the biggest and trickiest issues that you will face implementing encryption – managing the encryption key. You can find more information on both the software encryption APIs and the hardware crypto card on the IBM Information Center website at IBM Information Center. If you don't want to tackle this issue yourself, there are several vendors that offer encryption solutions for iSeries. At least one, Patrick Townsend and Associates provide key management functionality with their product. I suggest that you research the vendor products available and the options that come from IBM and determine which works best for your organization's programming and security administration skills and resources.

More on this topic

The Best Web Links: tips, tutorials and more.

Search400's targeted search engine: Get relevant information on security.

Ask your systems management questions--or help out your peers by answering them--in our live discussion forums.

Check out this Search400.com Featured Topic: Top ten security tips 

Visit the ITKnowledge Exchange and get answers to your security questions fast.

 

This was last published in June 2005

Dig Deeper on iSeries system and application security

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.

-ADS BY GOOGLE

SearchDataCenter

  • How do I size a UPS unit?

    Your data center UPS sizing needs are dependent on a variety of factors. Develop configurations and determine the estimated UPS ...

  • How to enhance FTP server security

    If you still use FTP servers in your organization, use IP address whitelists, login restrictions and data encryption -- and just ...

  • 3 ways to approach cloud bursting

    With different cloud bursting techniques and tools from Amazon, Zerto, VMware and Oracle, admins can bolster cloud connections ...

Close