Liaison Gives Token Manager a Performance Boost
August 7, 2012 Alex Woodie
Users and applications won’t have to wait as long to pull up data that’s been protected with Liaison Technologies‘ Token Manager, thanks to performance enhancements built into the latest release. The Atlanta, Georgia, company says that version 2.2, which was unveiled last week, features administrative enhancements as well.
Token Manager was the first commercial tokenization products to hit the IBM i software market when it was introduced more than three years ago by nuBridges, which Liaison acquired in 2011. Like other tokenization products, Token Manager was originally designed to address shortcomings in the real-world application of encryption technology at retail merchant locations and in multi-site organizations.
Instead of storing encrypted data in multiple local databases, which exposes those sites to PCI audits, the data is stored in a central database, and tokens, or surrogates, that represent that data are passed around to the applications. When a particular piece of data is required, an authorized user or application can retrieve that data using the token, and only then is it decrypted.
For a merchant struggling to comply with PCI, this approach offers obvious benefits. First, since plain-text credit card data is never stored at a retail location, it can’t be compromised at that location. Also, since it’s not stored on site, it doesn’t need to be encrypted (a PCI requirement). Tokenization has also been widely adopted outside of the retail industry, including financial services, health care, and hospitality, where multi-site organizations often struggle to control personally identifiable information (PII) in a cost-effective manner.
Centralizing control over sensitive data is obviously the right approach from an IT security point of view, since it minimizes the number of ways that data can be compromised. But this approach also runs the risk of creating a performance bottleneck. Liaison says it has addressed this potential clog with Token Manager 2.2
For starters, the new release offers high-volume connection pooling and improved caching of static data, which Liaison says enables it to create new tokens and reveal tokenized data more quickly to authorized users. Furthermore, Liaison says it completely redesigned its support for Multiple Active Domain (MAD v2), which results in higher performance and scalability across multiple data center clusters, and improvements in the capabilities to keep them in-sync.
On the administrative front, Token Manager 2.2 features enhancements to the installation and upgrade routines. It also features improved logging and enhancements to the GUI and messaging components. Administrators work with Token Manager through a browser-based interface, and it generates logs in the syslog format that are designed for consumption by security information and event management (SIEM) products.
Token Manager is a component of Liaison Protect, a suite of encryption and tokenization tools for various platforms. Token manager is written in Java, runs on IBM i, Windows, Unix, and Linux servers, and supports major databases, including DB2/400, Microsoft SQL Server, and Oracle‘s eponymous database.
Liaison also offers a software as a service (SaaS) version of Token Manager that enables customers to adopt the software without having to worry about running the software or managing tokens. For IBM i environments, Liaison also offers an adapter that connects Token Manager running on an open systems server and Liaison Protect encryption capabilities running on the IBM i server. This adapter, which nuBridges first launched in 2010, basically eliminates the need for IBM i shops to do low-level programming and configuration of SOAP and Web services protocols to connect the environments.
Token Manager 2.2 is available immediately. For more information, see www.liaison.com.