nuBridges Unveils TaaS, a Hosted Data Tokenization Service
February 22, 2011 Alex Woodie
nuBridges last week unveiled a new hosted version of its software that uses tokenization to protect sensitive data. The new offering, which is called nuBridges Protect Tokenization as a Service (TaaS), is being delivered with nuBridges’ new business partner, Verizon Business. Customers who subscribe to the new service will get the benefit of tokenization for IBM i and other servers, but none of the burden of managing the tokenization environment.
nuBridges Protect TaaS is basically a hosted version of the company’s nuBridges Protect Token Manager that runs on Verizon Business’ computing as a service (CaaS) offering. Under TaaS, customers no longer manage their own vaults of sensitive data. Instead, they leverage the version of Token Manager running on the Verizon cloud, and utilize nuBridges personnel for day-to-day management.
The rest of the setup remains the same: When a customer requires the clear-text version of a piece of sensitive data, it can request it from nuBridges and Verizon, which store the actual data in the Token Manager vault. Upon authentication, the encrypted data will be sent to the customer, where it will be decrypted and made available to the user.
Customers must enable their applications to interact with nuBridges Protect TaaS via Web services protocols. Enabling tokenization in client applications may require some professional services, which nuBridges provides as part of the service. nuBridges Protect Token Manager, which runs on Windows, Linux, and Unix platforms, uses SOAP and XML technology to communicate with client applications, which can reside on those platforms or even the IBM i server.
nuBridges has a long history supporting the IBM i server with data security tools, and the new TaaS offering does not disappoint in that regard. According to nuBridges product manager Gary Palgon, the IBM i connector that nuBridges released last year is a “perfect client counterpart” to the new TaaS offering. The connector was created to simplify the setup of tokenization services between an in-house implementation of Token Manager running on an open systems platform and nuBridges Protect software running on IBM i.
nuBridges also offers a fully native IBM i tokenization solution for organizations that want to store tokens and manage the entire tokenization system (including encryption and key management) in a pure IBM i environment. But it’s safe to say there are many more sales of the open systems version of Token Manager. And with the connector released last year, IBM i customers can get the same benefits from TaaS as their open-systems brethren.
TaaS customers can expect the same level of benefits they would get if they were running Token Manager in-house. Most importantly, they move the sensitive data off their computer systems, which shrinks the scope of compliance audits, such as those for PCI DSS. In exchange for a monthly fee, TaaS customers are relieved of the burden of managing the tokenization setup, which usually also includes encryption and key management and can be difficult.
Cloud-based tokenization may be the wave of the future. “We expect to see it become a commonplace data protection strategy for a wide variety of data types as more companies exploit secure cloud-based tokenization services from trusted data security vendors,” says Avivah Litan, an analyst with Gartner.
Verizon Business provides a range of hosting, co-location, and cloud services to medium-sized and large businesses and government agencies, including 96 percent of the Fortune 1000 according to the company. The subsidiary of Verizon runs five SAS 70 Type II data centers, and has more than 200 offices around the world. While the company has lost some customer data (there are five incidents involving Verizon Wireless and other subsidiaries on the Privacy Rights Clearinghouse chronology of data breaches), it obviously takes security quite seriously–last week it launched a new enterprise identity authentication system, and last year it worked with the U.S. Secret Service for its 2010 Data Breach Investigations Report.
TaaS isn’t the first cloud-based tokenization offering on the market, but nuBridges claims it’s the first to support format-preserving tokenization. With format-preserving tokenization, there is typically less of a need for programming modifications, and the scope of PCI DSS compliance audits is further narrowed, according to nuBridges.
nuBridges also touts the capability to work with any payment gateway or payment processor as another competitive advantage of TaaS. The service also doesn’t restrict the amount of data it stores for customers, or the length of time it stores it.
“Many organizations are seeking relief from the day-to-day operations associated with tokenization, but are wary of vendor lock-in with payment processor and payment gateway tokenization service providers,” Palgon states in a press release. “nuBridges TaaS provides that relief at a low entry cost without vendor lock-in.”