- Customer Profile: Technology company; 10,200 employees in DIEHL group
- Goals: Secure confidential intellectual property in email; avoid data breaches; protect corporate reputation
- Solution: PGP Universal™ Gateway Email & PGP® Desktop Email secure communications
- Alternatives: Lack of key management; infrastructure changes required
- Deployment: On schedule & within budget; by PGP® Silver Partner, help AG
- Benefits: Security; regulatory compliance; integration with Lotus Notes
The PGP® Encryption Platform protects research and development information in email communications between DIEHL Informatik and business partners.
Diehl Informatik GmbH is a subsidiary of the DIEHL Group, one of Germany’s largest technology companies. The privately owned DIEHL Group, founded more than a century ago, has an international focus and achieved sales of €1.8 billion (US $2.4 billion) in 2006. The DIEHL Group comprises 10,200 employees in more than 40 independent units, distributed among three divisions: Metal, Controls, and VA Systems. Diehl Informatik provides IT services to the DIEHL Group as well as to external companies.
For a technology leader like the DIEHL Group, intellectual property is its primary asset. Its aerospace division (VA Systeme), for example, develops new technologies for its aerospace customers. Confidential information about these projects must be protected to avoid jeopardizing patent and trademark registrations. The company also needed a way to help prevent data breaches so it could protect its reputation and the trust it had developed with customers and partners.
Looking for streamlined solution. The DIEHL Group prefers to exchange information with partners via email, so it first introduced an email encryption product as early as 2002. The native Lotus Notes encryption proved adequate for internal email, but difficult to use for external communication, so the DIEHL group had introduced a third-party add-on to its Domino servers.
A few years later, the solution was no longer state of the art. It lacked efficient key management and thus required the IT group to perform many manual, time-consuming tasks. The solution also supported only one key per domain instead of one key per recipient, the industry standard, and lacked an efficient way to verify the authenticity of a message and its sender. DIEHL needed a more streamlined solution.
Search for an alternative. Harald März, IT system consultant at DIEHL Informatik, decided the company needed to replace the third-party content filtering and encryption extensions on the Domino servers with a technology that was easier to use and less expensive to run. His strategy was to install appliances, which would also improve the performance of the mail servers.
One of DIEHL Informatik’s external security advisors, PGP® Silver Partner help AG, proposed replacing the legacy solution with PGP Universal Gateway Email. “We’d been using PGP Desktop Email to encrypt email between managers and Human Resources, so I was already comfortable with PGP® technology,” März says. “PGP Universal Gateway Email enabled us to move encryption to the gateway, creating a more scalable architecture that provided less-expensive, centralized management of the desktop clients.” Equally important, PGP Corporation had an established relationship with the company’s content filtering vendor, enabling DIEHL Informatik to leverage the synergies of a combined solution.
Integration with Notes. März wanted to continue using the native Notes encryption for internal email, a requirement PGP technology could satisfy. Although the user interface still showed the native Notes encryption buttons, the content filter now forwarded confidential email for external recipients to PGP Universal Gateway Email for encryption. In addition, policy can be centrally set for specific recipients so that email to important domains are automatically encrypted. “Our users find PGP encryption easy to use,” says März, “because they don’t really notice it.”
Simplified infrastructure management. Unlike other solutions, the PGP® solution did not require März to change the Notes templates with each system update, saving considerable IT effort and resources. “The PGP solution also was the only one that could integrate with the Notes LDAP directory, which greatly simplifies user management,” says März.
Streamlined key management. The PGP solution includes a keyserver that enables DIEHL Informatik to fully automate key management—a feature not available in the legacy product. The keyserver automatically generates one key per user, ensuring compatibility with other standards-based solutions. Email messages can also be signed to verify the authenticity of the message and the sender.
Assured data access. Another important feature was the patented Additional Decryption Key (ADK), which enables DIEHL Informatik to access encrypted email messages even if a key is lost or unavailable. “It’s critical that we have access to information for e-discovery and don’t lose intellectual property if a user is unwilling or unable to decrypt a message. PGP Corporation was the only vendor to offer this technology,” says März.
DIEHL Informatik asked help AG to deploy the solution, including two servers to ensure high availability “We needed to integrate the clustered servers with the content filter, the Notes LDAP directory, and our complex firewall environment,” says März. “Even so, the deployment itself took only 2 days.”
Standards-based solutions. Communications with business partners have proceeded smoothly using PGP® products. “We can communicate easily with business partners because PGP solutions comply with global standards,” März says. “PGP Universal Gateway Email integrates well with our internal Lotus Notes encryption and external trust centers, eliminating the costly, manual tasks of the previous solution.”
Robust and scalable. März reports solid success with the PGP solution. “Our experience shows that PGP Universal Gateway Email is very robust and scalable. The cluster has been running for 490 days without a reboot and has processed more than 440,000 emails.”
Easy to run. März manages the solution himself. “I spend only about a day per month administering PGP Universal Gateway Email, which is considerably less than with the previous solution,” he says. When he encounters a complex question, he talks with his consultants at help AG. “I’m very pleased with the level of support I’ve received from help AG,” he adds.
März is confident DIEHL Informatik made the right decision. “We were convinced by the visionary PGP Encryption Platform. In addition, PGP products already included some essential features at a time when other vendors didn’t even have such features on their roadmaps.”
Expansion plans. Having introduced the PGP Universal™ Server to manage email security, März is beginning to see the possible synergies of the PGP Encryption Platform. “We’re considering switching from our current laptop security to PGP® Whole Disk Encryption because it would consolidate administration on a single management console, reducing operational costs,” he explains. He is also interested in the PGP® Support Package for BlackBerry® to protect communications on handheld devices.
Mission accomplished. “Our managers understand they need email encryption, but it has to be very easy to use,” says März. “I believe we achieved this goal. This is a great first step toward a long-term partnership with PGP Corporation.”
About the PGP Encryption Platform
The PGP Encryption Platform reduces the complexities of protecting business data by enabling organizations to deploy and manage multiple encryption applications cost-effectively from a single management console. Deployed with the first encryption application, the PGP Encryption Platform makes installing a separate or additional infrastructure unnecessary when the organization needs other encryption applications. The PGP Encryption Platform supports the broadest range of integrated applications to secure email, laptops, desktops, instant messaging (IM), PDAs, network storage, file transfers, automated processes, and backups.
About help AG
help AG, a PGP Silver Partner, took the lead in the deployment of all PGP Encryption Platform–enabled applications at DIEHL Informatik. Founded more than 10 years ago, help AG is a privately owned IT services and consulting firm in Germany that implements and operates turnkey security solutions. help AG is the trusted IT security advisor for many midsize to large organizations. |
