Encrypt and preserve

  You're probably done with identifying and solving your "red flags" in accordance with regulations issued in January by the Federal Trade Commission and other government agencies under the rubric Identity Theft Red Flags. That's where you're supposed to find all your sources of customer information that potentially could lead to identity theft and figure out a way to thwart bad guys from getting the data.

Well, if you haven't solved this conundrum already, Wasim Ahmad, vice president of products at Voltage Security Inc. in Palo Alto, Calif. wants to have a chat. This week his company unveils its Voltage SecureData Web services-based encryption tool that uses format preserving encryption (FPE), which Ahmad says will fix your problem. According to him, FPE can encrypt data, such as credit card and Social Security info, while keeping your application's format intact. He claims most other encryption techniques require you to change an application's layout, a daunting task, as you well know. He says you simply point your application to a Voltage SecureData server, define the columns needing to be encrypted and it can all be done in batch mode. There's probably a bit more to it than that, but compared to rewriting code or defining new database schemas, this could be a good way to abide by the  FTC's new regulations. Pricing starts at $35,000 per year.