Home » Blog


Posts Categorized Under "GENERAL"

Webinar: Encryption on the IBM i Platform

Do you need to encrypt sensitive data on the IBM i, but are unsure how to get started or which techniques are best?

Encryption is essential for protecting sensitive data like credit card numbers, social security numbers, birth dates and other PII information. It is also critical for meeting compliance requirements like PCI DSS, HIPAA and State Privacy Laws.

Encryption on the IBM i Platform

This webinar is your chance to learn the basic methods of encrypting data on the IBM i, whether if it is stored within your database files or transmitted to your trading partners. During the webinar, you will learn about these key topics:

  • Exploring the basics of Encryption
  • Hashing vs Encryption
  • Introduction to Key Management
  • Database Field Encryption
  • Open PGP Encryption
  • SFTP and FTPS protocols

You are invited to join us for this free webinar. Linoma Software's senior IBM i engineers will be on hand during to answer your encryption questions.

To reserve your place, and to learn more about the webinar, visit the registration page. Don't delay, register today.

If you're unable to attend, we are recording the webinar and will make it available on our website.

Linoma Software celebrates 20 Year Anniversary

Linoma Software-20 Year-FINALLinoma Software is celebrating 20 years in helping organizations around the world to automate their IT processes and protect sensitive data. The company will commemorate this milestone anniversary with the much anticipated unveiling of their new corporate headquarters, groundbreaking new software releases and promotional events throughout the next twelve months.

"From the beginning, our goal has been to provide great products at affordable prices that are backed with unparalleled customer support and service," said Linoma Software founder, Bob Luebbe. "We attribute our success over the last 20 years to this simple company philosophy. It encompasses all that we do."

Looking Back: A Modest Beginning

Husband and wife team, Bob and Christy Luebbe, started Linoma out of their home in 1994 to provide IT consulting and contract programming services to area businesses. The concept was simple, in that they offered experienced IT talent for affordable rates.

By late 1995, the Luebbes had hired several consultants to service their expanding customer base which included Fortune 500 companies such as Union Pacific, First Data Resources and Hewlett-Packard. They also officially opened their first office in Omaha, Nebraska to offer offsite programming services to out-of-state customers.

Around 1996, Bob had an idea for a product that addressed the challenge of converting legacy IBM RPG code to the new RPG IV (ILE RPG) language. During his off hours, Luebbe built the Convert to ILE RPG software, named it CVTILERPG and released it on a programming list server as a downloadable file. This proved to be a move that was ahead of its time as most software for IBM systems was distributed by mail and installed using cumbersome tapes.

BobLuebbeLinomaSoftwareCVTILERPG became an overnight success as a convenient-to-install and affordable utility, which paved the way for Linoma to evolve into a software company. Many of the original users of CVTILERPG (now called RPG Toolbox) are still loyal customers today.

Finding ways to make tasks easier and more efficient has always been the core of Linoma Software's approach to software development. From creating graphical interfaces for the AS/400 in 1997 with Surveyor/400, to the debut of Transfer Anywhere in 2002, to encrypting databases with Crypto Complete in 2007, Luebbe and his growing R&D team continued to innovate and streamline processes for the IBM i. As new products were developed and released, Linoma put an emphasis on affordability and five-star support, which the company is known for.

The release of GoAnywhere Director in early 2008 was a turning point for the company. Quickly becoming the flagship product for Managed File Transfer and secure data exchange, the multi-platform software delivered full automation, encryption and detailed audit trails for file transfers. Following shortly after in 2009, the introduction of GoAnywhere Services expanded the product offering to support secure file services using FTP, FTPS, SFTP and HTTP protocols. GoAnywhere Gateway joined the product suite in 2010 with enhanced forward and reverse proxy to protect files in the DMZ.

LinomaSoftware2014 Looking Forward: Success through Innovation

As the GoAnywhere software suite continues to grow and evolve, the company has grown as well. Linoma Software has been named to the Inc. 5000 list of top growing companies in Nebraska for the past two years. Their customer base consists of over 3,000 installations worldwide including government entities, large corporations and mid-sized companies. Boasting over a 98% customer retention rate, Linoma Software continues to win customers over through innovation, affordable product offerings and responsive product enhancements.

According to Luebbe, "Several of our customers have been with us since the beginning. They love the products and rave about our support. We're thrilled to be celebrating 20 years and it's because our customers truly appreciate what we do. Without their trust and support, we wouldn't be here. It's that simple, and we are truly grateful."

Click to Download and Print PDF

In Celebration of Computer Programmers

In celebration of Computer Science Education Week, we tip our hat to our programmers whose expertise and creativity keep our products evolving and responsive to our customers' needs. We also salute all programmers that constantly strive to keep their organizations running smoothly by developing new applications or finding innovative ways to adapt current software to meet their needs.

The importance of programming skills is in the spotlight this week with the Hour of Code initiative where educators, celebrities, tech gurus and business owners alike join forces to promote computer science education. The campaign's promotional video has received almost 1.7 million views.

education for computer programmers is lackingCode.org reports that computer programming jobs are growing at twice the national average and that there will be more 1,000,000 more jobs than students in 2020. In a rocky job market, computer science offers a great opportunity for students who have the passion to pursue it as a career.

Our programmers work hard and they love the challenge of finding new ways to improve our products. Through initiatives such as the Hour of Code promotion and Computer Science Education Week, we hope that more students are encouraged to explore the world of computer programming.

You can learn more about Hour of Code and how you can help. You can also find tutorials and resources that take students of all ages beyond basic programming to explore different computer languages and app development. We hope you'll sit down with the kids in your life and explore Code.org.


Linoma's Support Team Gets Rave Reviews



For years we've received emails, phone calls, and comments at trade shows about how much our customers appreciate our support team, and we're always so glad to hear that. Our dual missions at Linoma Software is to develop (and enhance) the best possible products and to provide exceptional support for those products.

Our core support team is the first to arrive* and the last to leave each day, and between scheduled trainings, emails, online chats and phone calls, they patiently work through any questions a customer may have, and happily pass along suggestions for enhancements to our development team.

We invite you to watch this video, and if you've had a good experience with someone from our support team, please let us know. You can leave a comment below, email us, call us, or write a quick note on LinkedIn. We could even make you a video star!

We love patting our support folks on the back for a job well done, and thank you for your rave reviews.

**Ok, the developers are here early and stay late, too! Sometimes really late!

Linoma Software Celebrates Growth in 2011

As we kick off 2012 with several major product enhancements we'll be publicizing soon, I'd also like to take a minute to reflect on the record year Linoma Software had in 2011, with over 40% growth in new business.

Bob Luebbe Chief Architect at Linoma Software
Bob recently presented at several East Coast Users Groups, including here at the Long Island System Users Group.

Many factors contributed to our banner performance. For one, meeting compliance requirements for data privacy and security is a huge issue for most organizations, so we have been working hard to help meet these challenges.

We have made significant R&D investments over the past 12 months in our products, including major enhancements to our GoAnywhere™ managed file transfer solutions, as well as new features for our Crypto Complete™ encryption product.

We also gained many new customers outside of the United States as we have partnered with several new international resellers for our products, and seen increased sales performance from our established distributors. Data security is a worldwide challenge that has no borders.

Another factor in our growth has to do with the openness of our GoAnywhere products, which allows them to run on a variety of platforms including IBM i, Windows, Linux, Solaris and AIX. This gives our customers a choice on the operating system environment that best meets their needs.

For a more detailed announcement about Linoma Software's sales growth in 2011, you can read our press release.

We've enjoyed talking with many of you over the last year. If you are coming to any of the trade shows that we'll be exhibiting at this year, please stop by and say hello. Otherwise, give us a call or email if you have any questions or comments about our solutions.

We sincerely appreciate the support of our loyal customers and look forward to working with you this year. If you're not yet a customer, we hope to talk with you soon about how we can help you solve any data automation or security challenges in 2012.

We're ramping up our activity on various social networks, so we also hope you'll connect with us there.

Linoma wishes you a successful 2012!

How Managed File Transfer Changed My Life

In addition to being one of Linoma Software's expert bloggers, Daniel Cheney is also in the IT trenches, and it was here that he first discovered the impact the switch to a managed file transfer solution had on his daily work life.
_ _ _ _ _ _ _ _ _ _

As a technology administrator at a major healthcare administration company, sending and receiving sensitive files between various systems used to be a daily grind and a consistent source of stress. We were using PC-based freeware FTP tools and the built in FTP functions on the IBM iSeries. The best we could do with scripting was to use CL command scripts to call the FTP function and hard code the login information. RPG programs would then call the CL scripts and retrieve and send the needed files, but there were insufficient logs and alerts for such automated activities.

The biggest headache for me was that these scripts, and the resultant sending of files, had to be error-free and reliable! Add to that the pressure of knowing how critical exchanging files is to the operation of the business and the challenge of having a single person responsible for its success -- it all became an unrealistic expectation. On top of this, because most of these files are sent over the Internet, and because of the inadequate tools we had at hand, the security of our FTP processes was insufficient.

I knew it was time to find a better solution and after doing some evaluation of available managed file transfer products for IBM iSeries, I selected GoAnywhere™ Director from Linoma Software.

Our installation of GoAnywhere Director made a huge difference almost immediately.

First, Director provides me with all the possible security protocols available, including SFTP, FTPS, and standard FTP with PGP encryption. It also has powerful scripting functions to login to HTTP and HTTPS sessions in order to automate logins to partner sites for file transfers.

Director makes it possible to automate all of the company's file transfers with a schedule and log so we know the path and time of every transaction. Alerts are automatically sent to us if there are any problems, or if we wish, every time it succeeds. Responsibility can be distributed to various departments as needed to receive these alerts and/or to begin the execution of the transfers when ready.

The simple-to-navigate web interface makes it easy for any user to view, verify, change and execute these file transfers. The scripting is easy for the average user to setup. If there are any challenges that we come up against with our file transfer processes, Linoma support has always been extremely effective at showing me how to do a successful execution.

I know how frustrating it can be to initiate, monitor, and track the ever increasing number of file transfers my company requires, especially without an all-in-one tool like managed file transfer. It amazes me how many IT people still don't realize there's a better way to do things -- a way that gives them more control, and more time to devote to all the other projects demanding their attention. I know managed file transfer -- and specifically GoAnywhere Director -- changed my life at work. I hope more of my IT colleagues discover the advantages soon.

Citigroup Breach Triggers Congressional Response

The data breach at Citigroup in May - a breach which reportedly exposed an estimated 200,000 customer accounts - has motivated members of the U.S. Congress to re-introduce legislation to penalize the very organizations that have been victimized by hackers. What are the next steps your company should take?

New bills to protect consumers' personal data

Linoma Software Managed File Transfer SolutionsTwo bills are proposed by both House and Senate legislators.

First, Sen. Patrick Leahy (D-Vt.) has introduced the Personal Data Privacy and Security Act of 2011. The new bill provides:

  • Tough criminal penalties for individuals who intentionally or willfully conceal a security breach involving personal data;
  • A requirement that companies that maintain personal data establish and implement internal policies to protect data privacy and security; and
  • A requirement that the government ensure sensitive data is protected when the government hires third-party contractors.

This act would also require, under threat of fine or imprisonment, that businesses and agencies notify affected individuals of a security breach by mail, telephone or email "without unreasonable delay." Media notices would be required for breaches involving 5,000 or more people. The FBI and the Secret Service would need to be notified if the breach affects 10,000 or more people, compromises databases containing the information of one million or more people, or impacts federal databases or law enforcement.

But that's not the only security bill that has businesses concerned.

In the House, Rep. Mary Bono Mack (R-Ca) is holding hearings in preparation of a bill she's named The SAFE (Secure and Fortify) Data Act that would also require "reasonable security policies and procedures" to protect consumers and enable disclosures to victims and the Federal Trade Commission within 48 hours of a data breach.

Companies no longer viewed as the victims

All this sounds good from the consumer's point of view. But what about the expense - and potential Linoma Software GoAnywhere Managed File Transfer Solutionpenalties - suffered by the "owners" of the data: the businesses themselves?

While these bills may address the public's interest for notification -- and indeed they would bring some semblance of a national standard - they also represent an interesting shift in the liabilities that companies will face. How is that?

Though we currently have no federal data breach notification law, federal policies now view the companies that experience a data breach as the victims of crime. However, under the proposed legislative bills, companies that do not act quickly to appropriately secure the personal data of customers - or fail to report a data breach in a reasonable amount of time - would not only suffer the theft of data, but also be held liable for its loss.

This is a significant shift. Companies are now being viewed not as the owners of consumer data, but merely guardians and trustees whose job it is to protect that data or face criminal penalties. And the message is clear: if companies won't take adequate precautions to secure the sensitive data of our customers, they'll pay a hefty price.

Where does your company stand?

In a world in which diligent hackers have the power break into seemingly secure networks and systems, what can your company do?

The challenge is first to determine exactly what qualifies as adequate precautions.

GoAnywhere Secure Managed File Transfer A review of the HIPAA HITECH security provisions that took effect last year provides some insight about what the government considers adequate protection.

HITECH strongly recommends the use of encryption technology. Encryption is a good place for your company to start, especially when dealing with the data your company stores on its servers. If sensitive data itself is kept securely encrypted, a data breach doesn't expose the content of the information itself.

Secure managed file transfer protocols - which send data using encryption - is the second place to focus attention.

If data is encrypted when it is being securely transmitted between business partners, the value of that data should it be breached - through hacking, theft, or other malicious actions - is worthless. Encryption and secure managed file transfers can dramatically minimize the holes of technical breaches, significantly reducing an organization's liability.

Preventing exposure

The Citigroup data breach has rekindled the momentum for a nationwide, cross-industry data breach reporting standard. This standard will not to eliminate the physical breaches themselves. What's needed is legislation to encourage companies secure the underlying data that is the target of the hackers.

Isn't it time for your company to take a serious look at its liabilities and to investigate how encryption and managed file transfers can close these important security holes?

Top 10 Healthcare Data Breaches in 2010

Most data breaches are caused by simple acts of carelessness.

Last March the Ponemon Institute released its findings for the 2010 Annual Study: U.S. Cost of a Data Breach. The study -- based on the actual data breach experiences of 51 U.S. companies from 15 different industry sectors -- revealed that data breaches grew more costly for the fifth year in a row. They jumped from $204 per compromised record in 2009 to $214 in 2010.

The increase in cost, however, pales in comparison to the reputational cost of companies that have been victimized, particularly in the healthcare sector.

HITECH builds Wall of Shame

Consider that the U.S. Department of Health and Human Services has begun posting the data breaches affecting 500 or more individuals as required by section 13402(e)(4) of the HITECH Act. The New York Times has labeled this site "The Wall of Shame". Why? Because if patients have no faith in electronic record-keeping, the future of healthcare record automation will be jeopardized: Law suits and government regulation will bury any cost-savings.

The Back Stories of Healthcare Data Breaches

What are the stories behind the most severe healthcare sector data breaches reported in 2010? Here are the ten most expensive stories, in ascending order of cost, documented in the Privacy Rights Clearing House database. While they're sober reminders of the problem of keeping data secure, they're also instructive: none of these breaches were malicious hacks, but were instead the results of theft, poor record-keeping policies, and simple human error.

(Note that the estimate of liability uses the $214/ record cost identified by the Ponemon Institute in its annual report. We have purposely not published the names of the reporting institutions.)

10th Most Expensive: Physician Computer Theft Exposes 25,000

On June 29th of 2010 a thief stole four computers from a physician specialist's office in Fort Worth, Texas. This theft resulted in an estimated 25,000 patient records being exposed. The patient records contained addresses, Social Security numbers and dates of birth. Estimated liability: $5,350,000.

9th: Medical Center Theft Exposes 39,000

On the weekend of May 22nd, 2010 two computers were stolen from a medical center in the Bronx. Names, medical record numbers, Social Security numbers, dates of birth, insurers, and hospital admission dates of patients were known to be on the computers. Total records compromised: 39,000. Estimated liability: $8,346,000.

8th: Optometrist's Computer Theft Exposes 40,000

A computer stolen from an Optometry office in Santa Clara, California on Friday April 2nd, 2010 contained patient names, addresses, phone numbers, email addresses, birth dates, family member names, medical insurance information, medical records, and in some cases, Social Security numbers. Though the files were password protected, they were not encrypted. A total of 40,000 records were lost, with an estimated liability of $8,560,000.

7th: Medical Records Found at Dump Expose 44,600

Medical records were found at a public dump in Georgetown, Massachusetts on August 13th, 2010. The records contained names, addresses, diagnosis, Social Security numbers, and insurance information. A medical billing company that had worked for multiple hospitals was responsible for depositing the records at the dump. The exposure required the hospitals to notify patients - an effort that continues to this date. The total number of records known to have been exposed is 44,600, but the search continues. Estimated liability: $9,544,400.

6th: Consultant Laptop Stolen Exposing 76,000

On March 20th, 2010, in Chicago, Illinois, a contractor working for a large dental chain found his laptop stolen. The computer held a database containing the personal information of approximately 76,000 clients, including first names, last names and Social Security numbers. Estimated liability: $16,264,000.

5th: Lost CDs Expose 130,495

On June 30th, 2010 a medical center in the Bronx reported that it had failed to receive multiple CDs containing patient personal information that was sent to it by its billing associate. These CDs were lost in transit. Information of 130,495 patients included the dates of birth, driver's license numbers, descriptions of medical procedures, addresses, and Social Security numbers. Estimated liability of $27,925,930.

4th: Portable Hard Drive Theft Exposes 180,111

In Westmont, Illinois, a medical management resources company reported on May 10, 2010 that a portable hard drive had been stolen after a break-in. The company believes the hard drive contained personally identifiable information about patients including name, address, phone, date of birth, and Social Security number. The company acknowledged that this hard drive had no encryption. As a result, 180,111 records were exposed, creating an estimated liability of $38,543,754.

3rd: Leased Digital Copier Leaks 409,262

On April 10th, 2010 a New York managed care service in the Bronx reported that it was notifying 409,262 current and former customers, employees, providers, applicants for jobs, plan members, and applicants for coverage that their personal data might have been accidentally leaked through a leased digital copier. The exposure resulted because the hard drive of the leased digital copier had not been erased when returned to the warehouse. Estimated liability: $87,582,068.

2nd: Training Center Hard Drive Theft Center Exposes 1,023,209

The theft of 57 hard drives from a medical insurance company's Tennessee training facility in October of 2010 put at risk the private information of an estimated 1,023,209. customers in at least 32 states. The hard drives contained audio files and video files as well as data containing customers' personal data and diagnostic information, date of birth, and Social Security numbers, names and insurance ID numbers. That data was encoded but not encrypted. Estimated liability to date: $218,966,726.

Most Expensive of 2010: Two Laptops Stolen Exposes 860,000

A Gainsville, Florida health insurance company reported in November of 2010 that two stolen laptops contained the protected information of 1.2 million people. This is an on-going story, as new estimates are calculated. To date, the estimated liability is $256,800,000.

Preventing Exposure: Data Encryption

These cases document that the majority of the data breaches which occurred in 2010 were not the result of hacking activities, or even unauthorized access by personnel. The greatest data losses were simply the result of computer theft of portable devices and misplaced media. Had the contents of the files been encrypted, this could have significantly reduced the risks and liabilities of these data losses.

Time and time again, industry experts point to data encryption as the key method by which organizations can prevent inadvertent exposure of sensitive data.

Of course, no healthcare organization wants to be listed on the US Department of Health and Humans Services' Wall of Shame. And the costs - in dollars and in reputation - can be extraordinary.

Isn't it about time your management got serious about data encryption?

Managed File Transfer Streamlines HIPAA/HITECH Complexity

Managed File Transfer (MFT) systems are great for policy enforcement, access authentication, risk reduction, and more. But for HIPAA and HITECH requirements, MFT shines as a work-flow automation tool.

MFT as the B2B Enabler

It shines because Managed File Transfer systems are actually automation platforms that can help companies streamline the secure transfer of data between business partners. How? It removes many of the configuration steps traditionally required for complex Business-to-Business (B2B) processes, keeping it straightforward and manageable.

Transferring patient information is a difficult challenge which many healthcare institutions are facing. Data standards were supposed to simplify this communication between healthcare institutions and their partners. But ask any technical professional about the underlying variability of data formats, and you'll hear a tale of potential confusion and complexity.

Nightmares of Compliance

The HITECH regulations within HIPAA require the security and privacy of healthcare records, strongly suggesting the use of data encryption. These records may travel between various healthcare-related partners including hospitals, clinics, payment processors and insurers. Each partner may require their own unique data format, and each may prefer a different encryption technique or transport protocol.

Considering these differing requirements, adding each new trading partner has traditionally needed the attention of in-house programming or manual processes, which has become hugely inefficient. Furthermore, if the new trading partner is not implemented properly, this can also create the potential for errors that may lead to data exposures. Any exposures could move the healthcare institution out of HIPAA/HITECH compliance and may cost them severely.

Simplifying and Integrating Information Transfer

A Managed File Transfer (MFT) solution can significantly reduce the potential for errors and automate those processes. With a good MFT solution, any authorized personnel should be able to quickly build transfer configurations for each healthcare business partner. This should allow for quick selection of strong encryption methods (e.g. Open PGP, SFTP, FTPS, HTTPS) based on the partner's requirements, so that HITECH requirements are maintained. At the same time, a MFT solution creates a visible audit trail to ensure that compliance is sustained.

But, perhaps just as important, a good Managed File Transfer solution is constructed as a modular tool that can be easily integrated into existing software suites and workflow processes. In fact, a good MFT is like a plug-able transfer platform that brings the variability of all kinds of B2B communications under real management.

Now extend the MFT concept beyond the healthcare business sector, into manufacturing, finance, distribution, etc. Suddenly MFT isn't a niche' utility, but a productivity and automation tool that has myriad uses in multiple B2B environments.

A Day-to-day Technical Solution

Perhaps this is why the Gartner Group has identified Managed File Transfer as one of the key technologies that will propel businesses in the coming years. It's more than just a utility suite: It's a system that can be utilized over and over as an integral part of an organization's solutions to automate and secure B2B relationships. In other words, MFT isn't just for specialized compliance requirements, but a lynch-pin of efficient B2B communications technology that can bring real cost savings to every organization.

Healthcare Case Study Utilizing a MFT Solution: Bristol Hospital Takes No Risks with Sensitive Data

Data Breach: Are You Next (or Again)?

A data breach is closer than you think. As the percentage of data breaches increase, the risk of organizations losing your sensitive data also increases. No one wants to receive the news that some or all of their personally identifiable information (PII) was stolen. There are people who are victims of various phishing scams, but it is more likely that your information will be leaked or stolen from an organization.

The health care industry is currently in the spotlight, as they are moving to mandated Electronic Health Records (EHR) and the American National Standards Institute (ANSI) is investigating the two main health care related data privacy concerns today: how to protect patient information and what is the financial harm or cost per record if it is stolen.

The numbers are staggering. According to the Privacy Rights Clearinghouse (www.privacyrights.org), there have already been 47 reported leaks or breaches in the health care realm this year. That is about one every other day (102 additional reported breaches if counting business and government).

In the world of data security; breaches are no longer thought of in terms of "if," but "when." Fortunately, there are easy steps companies and health care organizations can take to protect the PII that they maintain from direct hacking attempts. The procedures data security companies recommend you acquire begin with the following:

  • Require strong passwords
  • Use encryption to protect files in motion and at rest
  • Reduce the number of computers that process sensitive information
  • Audit every transaction
  • Limit the number of accounts that can access the critical data
The organization you own or work for doesn't have to be the next headline, start researching different options to protect your customer's sensitive data and keep your organization from a possible breach. The fines and surcharges are exponentially higher than purchasing a secure managed file transfer solution or a database encryption tool. Not sure where to start? Read the Top 10 Managed File Transfer Considerations.