ValueEdge: Value Stream Management
Align corporate investments with business strategy
Continuous quality from requirements to delivery
Scale enterprise SCCM with security and compliance
Resilient AI-powered functional test automation
Enterprise-level requirements management
Deliver continuous application performance testing
Plan, track, orchestrate, and release applications
Govern quality and implement auditable processes
Automate deployments for continuous delivery
現代のテクノロジーを使用してビジネスアプリケーションを構築してモダナイズ
The leading solution for COBOL application modernization
IBMメインフレームのアプリケーション、デリバリプロセス、アクセス、およびインフラストラクチャをモダナイゼーション
ホストアプリケーションアクセスのモダナイゼーション: 使用と統合と管理を簡易化、セキュリティを強化
企業全体のシステムの相互運用性を達成
Modern mainframe application delivery for IBM Z
Secure, zero-footprint access to host applications
Access host data and automate processes with RPA
Multi-factor Authentication for IBM z/OS endpoints
安全な開発、セキュリティテスト、継続的なモニタリングと保護
Augment human intelligence
データ匿名化とプライバシーのための暗号化、トークン化、およびキー管理
ID/アクセス管理への統合アプローチ
Deliver simplified, secure access to users
Scale to billions of identities with IGA platform
Gain control of privileged user activities
Track changes and activities in managed services
相関関係、データ統合、分析を通して既知、また未知の脅威を検出
Analytics for text, audio, video, and image data
Reduce risk, cost, and maintenance, and T2M
AI and machine learning for data analysis
Enterprise backup/disaster recovery
Unified traditional and mobile device management
Meet regulatory & privacy retention requirements
Email, IM, and chat-based collaboration
Mobile workforce communication & collaboration
Secure critical file storage and print services
エンドユーザーの使用体験と機械学習をベースにした効率的なサービスデスクを連携
ハイブリッドIT向けの、初のコンテナ化自律型監視ソリューション
従来の仮想的なソフトウェア定義型ネットワークを自動化して管理
ハイブリッドIT環境で構成アイテム(CIs)を検出および管理します。
フルフィルメントの自動化をシンプルにして、ガバナンスを強化
ITプロセスの自動化
Manage IT & software assets for better compliance
データセンター全体でプロビジョニング、パッチ適用、コンプライアンスを自動化
自動化されたビジネスプロセスを全社的に構築、拡張します。
速度を向上して障害を取り除き、ソフトウェアデリバリを常に改善
ValueEdge: Value Stream Management
Align corporate investments with business strategy
Continuous quality from requirements to delivery
Scale enterprise SCCM with security and compliance
Resilient AI-powered functional test automation
Enterprise-level requirements management
Deliver continuous application performance testing
Plan, track, orchestrate, and release applications
Govern quality and implement auditable processes
Automate deployments for continuous delivery
Access all products in application delivery management
ビジネスの変革を加速するためにコアビジネスシステムをモダナイズ
現代のテクノロジーを使用してビジネスアプリケーションを構築してモダナイズ
The leading solution for COBOL application modernization
IBMメインフレームのアプリケーション、デリバリプロセス、アクセス、およびインフラストラクチャをモダナイゼーション
ホストアプリケーションアクセスのモダナイゼーション: 使用と統合と管理を簡易化、セキュリティを強化
企業全体のシステムの相互運用性を達成
Modern mainframe application delivery for IBM Z
Secure, zero-footprint access to host applications
Access host data and automate processes with RPA
Multi-factor Authentication for IBM z/OS endpoints
Access all products in Application Modernization & Connectivity
運用、アプリケーション、ID、データまで、ユーザーが関与するすべての面に根本的なセキュリティを確保
安全な開発、セキュリティテスト、継続的なモニタリングと保護
Augment human intelligence
データ匿名化とプライバシーのための暗号化、トークン化、およびキー管理
ID/アクセス管理への統合アプローチ
Deliver simplified, secure access to users
Scale to billions of identities with IGA platform
Gain control of privileged user activities
Track changes and activities in managed services
相関関係、データ統合、分析を通して既知、また未知の脅威を検出
Access all products in CyberRes
法的に証明された信頼のおけるコンプライアンスとプライバシーのソリューション
Analytics for text, audio, video, and image data
Reduce risk, cost, and maintenance, and T2M
AI and machine learning for data analysis
Enterprise backup/disaster recovery
Unified traditional and mobile device management
Meet regulatory & privacy retention requirements
Email, IM, and chat-based collaboration
Mobile workforce communication & collaboration
Secure critical file storage and print services
Access all products in Information Management and Governance
DevOpsのスピードに合わせてIT運用を加速
エンドユーザーの使用体験と機械学習をベースにした効率的なサービスデスクを連携
ハイブリッドIT向けの、初のコンテナ化自律型監視ソリューション
従来の仮想的なソフトウェア定義型ネットワークを自動化して管理
ハイブリッドIT環境で構成アイテム(CIs)を検出および管理します。
フルフィルメントの自動化をシンプルにして、ガバナンスを強化
ITプロセスの自動化
Manage IT & software assets for better compliance
データセンター全体でプロビジョニング、パッチ適用、コンプライアンスを自動化
自動化されたビジネスプロセスを全社的に構築、拡張します。
Access all products in IT Operations Management
戦略を形作りハイブリッドITを変革します。
リアルタイムの分析ができる大きなデータからインサイトを得て、未構築のデータを検索します。
チームはビジネスの可能性を最大限に引き出す力を得ることができます
Cryptography is the foundation of cybersecurity, and can effectively protect both consumer privacy and sensitive data from attackers. When encrypted data is stolen, what may have been a serious breach is only a mere incident: something to continue to protect against, but which has minimal impact and may not even require public disclosure.
Encryption uses cryptographic algorithms and keys, and the proper management of cryptographic keys is essential to effective use of encryption: poor key management can make strong algorithms useless. The National Institute of Standards and Technology (NIST) publishes “Recommendations for Key Management” in Special Publication 80057 (Part 1, Revision 5).
Modern, strong encryption is never cracked, but often bypassed. It does not matter how much encryption is done: if keys are not well protected, it takes little for a hacker to obtain the crown jewels, with significant business and reputational impact. Key management is just as important as implementing strong cryptography, and is all too often the Achilles heel of enterprise data security and privacy programs.
There are two ways to create a cryptographic key: generate a random key, or calculate it. It's easy to understand why random keys are good. There is no computational trick that will help an attacker guess a random value that is any better than just guessing all possible values until they get the right one. But it is also possible to generate keys dynamically, in a manner that is just as secure as the traditional approach: by using random seed material generated once, and then deriving keys on demand based on combining a key “name” or an “identifier” with that seed material.
The most secure way to calculate a key is by using a secure key derivation function (KDF), the output of which is a derived key. Derived keys are just as secure as random keys, but they have some significant practical advantages. In particular, they make it much cheaper to buy, use, and maintain systems that employ them.
Traditional key management entails a complex sequence: generating keys, marking them “not yet used” backing them up; making them available; assigning names; marking them as “in use” deactivating them, so they are no longer available; and more, including replication, synchronization, archiving, and permissions management. This is tedious, and installations using many encryption keys quickly find that key management is as much or more work than the actual encryption.
The downside of the random key generation approach is that you must back up each new key before it is used to encrypt data. If you do not, then the protected data will not be able to be decrypted if the key store fails.
Comparatively, derived keys offer some significant practical advantages. Since the secret changes only rarely, backups are infrequently required and the need for the whole create-activate-name-deactivate sequence (other than authorization) is removed. Multiple key servers can be created from a single backup and are guaranteed to derive the same keys from the same inputs, since the original seed material is reused, without requiring any real-time replication or synchronization. There is also no risk of losing keys: if an application loses a derived key, it can be re-derived as easily as generating it in the first place.
Regardless of the key management solution, a significant challenge is to ensure that keys are not mishandled by users. It is critical to disconnect users and developers from key management. Application teams should not be involved in storing, protecting, or rotating encryption keys, and nor should they be allowed to actually possess keys. Instead, they should be provided with key identifiers and an interface to an abstraction layer that automates key generation, retrieval, caching, protection, and refresh.
Micro Focus Voltage SecureData implements stateless key management, giving enterprises unprecedented scale and simplified key management. With Voltage SecureData, key management is also abstracted, which means developers don’t ever hold keys and hence don’t need to store them. Instead they store identities – key names – which can be meaningful strings, such as PAN, SSN, SensitiveData, etc. Developers can store these identities in properties files without any protection, since they are not sensitive. SecureData client software takes care of the key management processes – key retrieval, security, cache, etc. With remote, REST-based operation, keys are never exposed outside of the SecureData server. SecureData enables key derivation at the SecureData server or within an HSM.
Encryption can be hard, and key management is even harder; but there are ways to make key management easier while fully complying with even the most rigorous standards. Voltage SecureData makes key management easy, helping to shield this critical aspect of a data security program.
Voltage encryption delivers data privacy protection, neutralizes data breach, and drives business value through secure data use.