Posts Tagged ‘MQ Advanced for Developers’

Complying with GDPR and the importance of protecting data with MQ Advanced

July 11, 2018

padlock

As a business, acquiring and keeping customers is crucial. You need to ensure that you are continually delighting them, ensuring you deliver the best value, and are easy to do business with. And one critical thing above all others is to ensure that the customer can trust your business.

 

Why is this important? A key reason is that the customer is trusting your business with their information, and you therefore have a responsibility to keep it safe. Because if a customer can’t trust you with their information, they won’t do business with you.

Screen Shot 2017-09-26 at 11.42.31

And it is not just a question of customer trust. There is more and more legislation around the world designed to ensure that businesses are taking the protection and security of 3rd party data seriously. The headlines recently around this have been driven by the deadline date for the EU’s GDPR. But honestly protecting your own data, as well as customer information should have been essential practice anyway.

 

Meeting the needs of GDPR, other legislation in this area, and also customer trust isn’t just about ticking a box and can’t be addressed through a single change or product. There needs to be a comprehensive approach to ensure there aren’t gaps in the security. One of the best ways to ensure that is the thought of ‘privacy by design’ as mentioned in GDPR. Instead of having to try to protect multiple aspects of security in every system, you can ensure security is applied much more widely so that individual areas of security and multiple connected systems are protected without additional effort or overview.

 

There are multiple reasons why a business might use IBM MQ’s messaging to move data within a business, or between businesses. Thousands of the world’s leading businesses have depended on it for reliable, scalable, secure and highly available messaging for 25 years. And while IBM MQ is a secure environment, today’s connected business systems, with the challenge of regulations like GDPR requiring demonstrable protection and records of who could have had access, and the need to show removal of data requires even more security. And this is available as a part of IBM MQ Advanced or IBM MQ Appliance with end-to-end encryption including encryption of data at rest.

 

Why is this important, and how would it help protect data, as well as help to comply with GDPR and other legislation? Consider a typical connected environment with messages flowing across many different connected systems. Maybe data originating from a customer will bounce across different business systems as a message: ordering, invoicing, manufacturing, shipping, loyalty programs. Some of these might be with the enterprise, and others might be 3rd party businesses who provide a service. As messages flow, they will get persisted to disk to ensure they don’t get lost in case of a failure. But how to ensure that every system and every disk is protecting these messages without having to be in control of all these systems and disks, which might be owned by other organizations?

Screen Shot 2018-07-11 at 11.13.48

The end to end encryption in MQ Advanced is policy-based and doesn’t require application updates. In fact, the applications themselves will be unaware that the messages will be encrypted between the sending and receiving applications. The messages being sent over MQ will have the MQ message contents encrypted, but the messaging header (properties) will remain in the clear. As each message is persisted to disk in a queue, the contents will remain encrypted. The messages will only be decrypted at the destination application as set in the policy. With this in place, it becomes irrelevant how many systems the message will travel through between source and destination, or even the security or ownership of each system. It can be demonstrated that the message will not be accessible except to the receiving application, therefore ensuring that there is a complete record of who has had access to every message, and therefore it is under complete control.

 

The enhancements to this end-to-end encryption in MQ Advanced V9.0 and most recently in MQ V9.1 (announced July 2018) not only provide this strong encryption that doesn’t require application changes, but also can be applied with virtually no performance impact either.

 

With your business under pressure from GDPR and other legislation, and the need to ensure your customers can trust you to look after their data and personal information, it has become essential to consider the move to MQ Advanced in order to take advantage of this cutting-edge data protection capability.

Update: For more information in detail about the security features of the IBM MQ family and how they might help as part of a GDPR approach, here is link to a presentation by Jamie Squibb on this topic, presented to Guide Share Europe earlier this year.

Get started today, by downloading the MQ Advanced trial, or MQ Advanced for developers or even simpler try out the new hosted IBM MQ on IBM Cloud .

Advertisements

Building higher – IBM MQ V9.0.2

March 16, 2017

When a building is being constructed, it can be hard, from moment to moment to see progress. Yes – you see lots of activity. Lots of people are busy doing all sorts of important jobs, but it can be hard to see what they are all doing. You need to find a way to keep track of how they are doing. What progress are they making, and what milestones are they hitting.

building construction

In delivering updates to IBM MQ, now that we are on a ‘Continuous Delivery’ schedule, we set these milestones of deliveries around 3 times a year. We don’t plan to do IBM announcement letters with every update, but will do blogs here and elsewhere for some of the updates, with official announcements for others. For IBM MQ V9.0.1, there was an announcement letter, and I blogged about it here, but with IBM MQ V9.0.2 there are only blogs – both this one and our development blog from Ian Harwood you can find on developerWorks here. Also there is a YouTube video talking about the new update.

So, what has the development team has been working on in MQ V9.0.2? As with the 9.0.1 update there are several areas of enhancement and new function including:

  • Additional REST API coverage
  • Further updates to the MQ Console
  • Improvements in MQ MFT specifically in MFT Agent status reporting
  • Simplification in managed MQ logging on distributed platforms
  • MQ Appliance support for HA key renewal and 9.0.2 REST API verbs
  • Support for IBM Cloud Product Insights for registration and usage
  • Integration with Salesforce messaging events
  • Native Debian installer support for Ubuntu
  • Availability of MQ Advanced for Developers in the IBM Bluemix Container Service

 

Perhaps as with our description about building construction above, the delivery of any of these features might not be significant, although I think that the logging improvements will make a substantial difference to the many aspects of the use of MQ in the thousands of customers using it today.

 

What hopefully does become apparent is our ongoing support for the continuous delivery process. While some of these updates are brand new and have taken a lot of work, others are continuing to build on the work done in the MQ V9 and MQ V9.0.1 deliveries. These incremental deliveries of REST API support, and now the new Cloud Product Insight support will continue in future Continuous Delivery releases, making these features and the product more useful.

 

Let’s look at a handful of these new features starting with the logging support. Logging is very much the heart of IBM MQ and it is these recovery logs which allow MQ to recover from a failure, therefore providing the reliable and robust nature of IBM MQ. While circular logs are easier to manage, many customer use linear logs but these come with a lot of administrative overhead. The new feature allows for automatic management, recording and reuse of logs, lowering both the administrative overheads and improving the overall throughput in the system

 

IBM Cloud Product Insights is a new cloud hosted offering that many different IBM products will be able to work with. Additional features will be added to work with this over time, but initially there is support for registration and usage. You will be able to register your instances of IBM MQ and track them on the Product Insights dashboard. At this time you will be able to see what level of IBM MQ is install, where, and when it was last running. You will also see some usage information such as the number of persistent and non-persistent messages put, and the total size of data being moved through MQ. There is also a beta of log management, where MQ error logs will be shared with the Product Insights dashboard.

MQSalesforce

You may have seen the recent announcement of IBM and Salesforce working together more closely. We are very pleased that one of the ways this relationship is being demonstrated is through a bridge between Salesforce and MQ. When an event happens in Salesforce such as a change to data or a new application being run (Salesforce Platform Events or PushTopics), there is now the ability to trigger a MQ message to provide information about that event without the MQ application needing to be directly connected to Salesforce, simplifying your environment but making your systems more connected.

 

And finally, we now have a version of MQ Advanced for Developers available in the Bluemix Container Service. This means that the fastest way to create a development environment for IBM MQ might be with a couple of clicks to provision MQ Advanced for Developers. With pre-configured defaults to simplify administration, there has never been an easier way to get started with IBM MQ. What are you waiting for?