Hewlett-Packard is enhancing security features on the HP-UX operating system for its Integrity line of servers amid growing customer concern about recent network security breaches.
HP is announcing Monday the availability of a free upgrade to HP-UX 11i v2 that automatically encrypts data as it is stored. HP has offered this capability before, but this upgrade puts the encryption capability right into the operating system (OS).
"If it's in the operating system, it's easily implemented without needing to do anything, and you're not going to break anything," said Charles Kolodgy, a research director at IDC focused on secure content and threat management products.
IDC is about to release results of a survey of IT managers on their network security spending priorities for 2007, Kolodgy said. The survey will show that "file and folder encryption" has rocketed to the number one spot, from fifth in the 2006 survey, surpassing common concerns such as firewalls, network intrusion, viruses and spyware.
What's changed in the last year is the number of reports of serious security breaches, from the U.S. Department of Veterans Affairs laptop stolen in May and recovered in June, to the Dec. 12 report of hackers accessing personal information on 800,000 current and prospective students at the University of California, Los Angeles.
Sun Microsystems has added encryption capabilities to its Solaris OS that it originally offered only on its Trusted Solaris system for sensitive governmental use, Kolodgy said. And Microsoft is including an encryption feature called BitLocker in its new Vista OS.
"They are all attempting to bring these solutions to the end user," he said, but he added that the HP upgrade is improved over prior HP offerings.
HP is also offering an optional embedded chip on its Integrity servers that holds the digital keys to decrypt protected data. It claims this approach is more secure than software-based keys. Also, a new feature called HP Protected Systems allows a network security administrator to isolate certain data in unique compartments and configure different security settings for that data as needed.
Adding encryption capabilities directly to storage hardware can require an expensive upgrade, which enterprises can avoid with an OS upgrade, said Ron Luman, the security architect for HP-UX.
"What we have been asked to do [by customers] is provide something that is transparent to the applications and also transparent to the storage hardware, and so that means doing something to the operating system itself," Luman said.