CA Encryption Key Manager Helps Simplify Compliance While Enabling Ready Access to Protected Data

CA Encryption Key Manager Helps Simplify Compliance While Enabling Ready
Access to Protected Data
Unified Automation of Critical Storage Security Helps Reduce TCO and Mitigate
Risk for Multi-Vendor Storage Environments

ISLANDIA, N.Y., Nov. 9 /PRNewswire-FirstCall/ -- CA (Nasdaq: CA) today
announced CA Encryption Key Manager (CA EKM), a z/OS®-based comprehensive
solution that unifies and automates the management, storage, distribution, and
documentation of encryption keys for multi-vendor mainframe and distributed
environments such as Linux®, UNIX®, Windows® and Solaris®. By doing so, CA EKM
can reduce administrative overhead, support compliance best practices and
corporate governance initiatives, and reduce the risk of downtime that can
result from the inability to access encrypted data.

CA EKM automatically replicates encryption keys across a set of local and
dispersed hosts via SSL-encrypted TCP/IP, so that keys can quickly and
transparently be recovered in case of a disaster, hardware errors or a system
outage. It also automatically enforces policies regarding the change of
encryption keys and digital certificates, thereby mitigating the labor and
risk associated with manual administration.

As a vendor-neutral solution, CA EKM helps IT organizations avoid being locked
into costly standalone hardware or software purchases that could introduce
single points of failure or lack the flexibility to meet changing business
needs. Because the solution can support both popular IBM tape encryption
devices and CA Tape Encryption subsystems from the same interface, CA EKM can
streamline customers' approach to this critical issue.*

"As large organizations deploy a myriad of encryption technologies,
vendor-specific key management systems can't provide enterprise class security
operations or support business continuity objectives, and they often lack
functionality that is critical for business enablement -- such as the ability
to share keys across the network," said Jon Oltsik, principal analyst at the
Enterprise Strategy Group. "CA has responded to this market need with a
centralized key management solution that aligns these essential key management
requirements with its robust mainframe-based management portfolio."

IT organizations face new encryption key management issues as expanding
compliance mandates and growing consumer concerns about privacy drive more
rigorous protection of sensitive data. These issues include:

    --  The time and effort required to manage keys
    --  The accuracy with which keys must be distributed to authorized users
    --  The need to ensure the availability of all keys under any conditions

    --  The need to credibly document encryption measures to auditors


CA EKM helps customers address these issues and others by providing a single,
centralized interface that can be used for any combination of IBM TS1120 and
IBM TS1130 tape encryption devices, as well as CA Tape Encryption subsystems.

CA EKM also interfaces with z/OS external security systems such as IBM RACF®,
CA ACF2(TM) for z/OS and CA Top Secret® for z/OS for Public/Private keys, and
digital certificates storage.  Encryption keys and digital certificates from
these sources can be automatically re-imported if they are not found, further
accelerating the recovery of encrypted data in the event of a disruption.

"While it is essential for us to safeguard sensitive information through the
diligent use of encryption, the loss or accidental corruption of encryption
keys is also a significant business risk that we have to mitigate," said Mark
Depathy, senior infrastructure engineer at Peoples United Bank. "With CA
Encryption Key Manager, we can effectively mitigate this risk while reducing
the time and effort required to secure our mainframe environment."

CA EKM integrates with the CA Graphical Management Interface so that users can
respond quickly to internal or external auditing requests and validate
compliance for events such as certificate generation, key migration, key store
synchronization, and key deletion.

By reducing the effort and complexity associated with key management, CA EKM
supports CA's broader Mainframe 2.0 initiative -- which is empowering a new
generation of IT professionals to effectively and efficiently operate a new
generation of IBM mainframes. CA EKM can also be installed and configured with
CA Mainframe Software Manager, a key Mainframe 2.0 solution.

"An overwhelming volume of the world's most critical business data continues
to reside on the mainframe," said Stefan Kochishan, director of storage
product marketing at CA. "With CA EKM, CA is again demonstrating that it is
uniquely committed to helping our customers extract even greater value from
these workhorse mainframe investments by both enhancing their mainframe's
capabilities and reducing their mainframe TCO."

CA EKM is designed in accordance with the guidance for key management set
forth in the National Institute of Standards and Technology, document NIST
800-57.

For technical specifications for CA EKM, please visit
www.ca.com/mainframe/storage.

* The CA EKM solution utilizes the same base technology for encryption key
management. Support for the IBM devices and CA Tape Encryption is made
available via two separately licensed components.

(Logo:  http://www.newscom.com/cgi-bin/prnh/20090402/NYTH500LOGO)

About CA

CA (Nasdaq: CA), the world's leading independent IT management software
company, helps customers optimize IT for better business results. CA's
Enterprise IT Management solutions for mainframe and distributed computing
enable Lean IT -- empowering organizations to more effectively govern, manage
and secure their IT operations. For more information, visit www.ca.com.

Connect with CA

    --  CA Social Media Page
    --  CA Newsletters
    --  CA Press Releases
    --  CA Podcasts
    --  CA EXEC I/O Mainframe Blog

    --  CAMainframe Twitter


Trademarks

Copyright © 2009 CA. All Rights Reserved. One CA Plaza, Islandia, N.Y. 11749.
IBM, z/OS and RACF are trademarks of IBM Corporation in the United States,
other countries or both. UNIX is a registered trademark of The Open Group in
the United States and other countries.  Linux is the registered trademark of
Linus Torvalds in the U.S. and other countries. Sun and Solaris are trademarks
or registered trademarks of Sun Microsystems, Inc. in the United States, other
countries, or both. Microsoft and Windows are registered trademarks of
Microsoft Corporation in the United States and other countries.  All other
trademarks, trade names, service marks and logos referenced herein belong to
their respective companies.


    Contact

    Bob Gordon
    CA, Inc.
    (631) 342-2391
    bobg@ca.com


SOURCE  CA

Bob Gordon, CA, Inc., +1-631-342-2391, bobg@ca.com