HP tightens security in HP-UX
- 19 December, 2006 07:15
HP is enhancing security features on the HP-UX operating system for its Integrity line of servers amid growing customer concern about recent network security breaches.
HP has announced the availability of a free upgrade to HP-UX 11i v2 that automatically encrypts data as it is stored. HP has offered this capability before, but this upgrade puts the encryption capability right into the operating system (OS).
"If it's in the operating system, it's easily implemented without needing to do anything, and you're not going to break anything," a research director at IDC focused on secure content and threat management products, Charles Kolodgy, said.
IDC was about to release results of a survey of IT managers on their network security spending priorities for 2007, Kolodgy said. The survey would show that file and folder encryption has rocketed to the number one spot, from fifth in the 2006 survey, surpassing common concerns such as firewalls, network intrusion, viruses and spyware.
What had changed in the last year was the number of reports of serious security breaches, from the US Department of Veterans Affairs laptop stolen in May and recovered in June, to the December 12 report of hackers accessing personal information on 800,000 current and prospective students at the University of California, Los Angeles.
Sun Microsystems had added encryption capabilities to its Solaris OS that it originally offered only on its Trusted Solaris system for sensitive governmental use, Kolodgy said. And Microsoft was including an encryption feature called BitLocker in its new Vista OS.
"They are all attempting to bring these solutions to the enduser," he said.
HP is also offering an optional embedded chip on its Integrity servers that holds the digital keys to decrypt protected data. It claims this approach is more secure than software-based keys. Also, a new feature called HP Protected Systems allows a network security administrator to isolate certain data in unique compartments and configure different security settings for that data as needed.
Adding encryption capabilities directly to storage hardware can require an expensive upgrade, which enterprises can avoid with an OS upgrade, the security architect for HP-UX, Ron Luman, said.
"What we have been asked to do [by customers] is provide something that is transparent to the applications and also transparent to the storage hardware, and so that means doing something to the operating system itself," Luman said.