Tandemworld eNewsletter

XYPRO’s 2022 Roadmap

Recently XYPRO’s Chief Product Officer, Steve Tcherchian presented XYPRO’s 2022 Product Roadmap Update including how recent XYGATE updates help you meet your 2022 ZERO-trust goals and cybersecurity objectives.

Get an insider’s look into new features and functionality that maximize your XYGATE security investment. Steve discusses XYPRO’s latest advances in Multi-Factor Authentication (MFA), Compliance and Anomaly Detection. Get updated on HPE NonStop integrations with Splunk, SailPoint, CyberArk and ServiceNow. Graphical user interface, application

Description automatically generated

View the recorded roadmap presentation here: https://youtu.be/S4X0SWPR6Uk

Modernize Compliance with HPE and XYPRO

On March 24^th, 2022, Steve Tcherchian joined HPE’s Allen Whipple and Jerry Thompson, SECU’s Senior VP of Technology Services, in presenting “Modernize Compliance and Reduce the Cost of Security Incidents by 80% – Webinar”.

This webinar addressed:

● Best practices to address regulatory and compliance requirements.

● Why security is not a one-and-done effort. How to address multiple layers of threat protection – particularly with Tier 0-1 applications.

● The combined value of XYPRO’s SecurityOne solution for HPE NonStop - an unrivaled platform that is secure and compliant.

● How HPE and XYPRO have joined forces to make purchasing and implementing XYPRO’s Security suite easy and affordable.

Security assessment offer

Gauge your security readiness with our free security assessment. Find out more here.

2022 SunTUG Sunshine Summit

The 2022 Connect Florida/ SunTUG Sunshine Summit will feature a full day of NonStop education and networking for end-users, third-party vendor partners, and HPE.

XYPRO is happy to be exhibiting and presenting on a topic relevant to everyone:

Enterprise Integration for the HPE NonStop Ecosystem

Learn how the XYGATE suite of security, compliance and risk management solutions modernizes NonStop applications and integrates your HPE NonStop servers with the latest enterprise solutions like Sailpoint IdentityIQ, CyberArk, ServiceNow and others. XYGATE integration provides visibility and governance of your NonStop processes – saving time and money while greatly reducing risk. It has never been so easy to be a seamless part of the enterprise!

XYPRO is also sponsoring the “Afternoon Break”, so drop by for a snack, a drink and drop off your entry for our gift card raffle!

Join us at The DoubleTree by Hilton Hotel Tampa Airport - Westshore. Use the code SUN to get the discounted room rate.

ServiceNow Integration for HPE NonStop Webinar

Inadequate change control exposes you to cybersecurity risk and compliance issues. ServiceNow IT Service Management (ITSM) is the primary enterprise solution for IT change management.

Join XYPRO for a live webinar and learn just how seamless we make integrating your HPE NonStop servers with ServiceNow ITSM. Validate privileged commands against Problem, Change and Incident Tickets, granting or denying execution based on the response from ServiceNow. Eliminate complex, after-the-fact manual effort otherwise required to match NonStop executed commands with individual ServiceNow tickets.

XYGATE ServiceNow Integration using ZeroTrust enforces the highest level of security in the ServiceNow workflow to reduce risk and increase efficiency. Click here to learn more and register.

Migration Services

Contact Us

· GTUG

       Dear NonStop User Community,

we hope you started the New Year well and are wishing you all the best for 2022!

For your information and plannings:

We are very pleased to invite you to join the virtual

    eGTUG - European NonStop HotSpot 2022
    taking place on April 26/27, 2022

This annual European Conference is this year once again organized by the Hewlett Packard Enterprise User Group GTUG NonStop e.V. and strongly supported by HPE. Due to the ongoing pandemic situation, we think it is still too early to plan this conference as an onsite event. Therefore, ufortunately, it will be an Zoom event again - however, meanwhile we all have some experiece in this.....

The conference features a strong international agenda on current topics. You will hear about latest strategic and technical developments on NonStop from users, HPE Management and international vendors.
In order to enable personal exchange even in digital times, there is the opportunity to meet in breakout sessions for personal discussions. In particular, after the respective lecture, the speakers have a room available for individual questions.

Currently we are planning the Agenda. If you have any wishes on topics you are interested in or if you want to present, please let us know! (pamela.bogner@gtug.de).

More details on the "eGTUG - European NonStop HotSpot 2022" will follow within the next weeks.

Please save the date and hope to meet you (virtual) on April 26/27!

Best regards
your GTUG Team

Pamela Bogner
Conference Organization

Big Sig 2022 is Back

www.bitug.com

Please Register for the In-person MATUG Meeting, May 2022

Please register via Eventbrite for the in-person Mid-Atlantic Tandem User Group (MATUG) Meeting scheduled for 8am-5pm on Thursday, May 19, 2022 at the HPE Office in Reston, VA, near Washington DC. The meeting is a great opportunity to see the HPE NonStop roadmaps first-hand and to hear all of the latest news on NonStop development, product management, and sales. MATUG also provides members with the opportunity to participate in quality informational sessions from vendors and network with fellow HPE NonStop users. Space is limited, so please register early.

The MATUG meeting is open at no cost to all HPE NonStop customers, partners, users, consultants, or other interested parties. Members are usually from the following states: Virginia, Washington, D.C., Delaware, Maryland, Pennsylvania, New Jersey, and West Virginia, although anyone can attend. Please forward this announcement to others in your organization who may be interested in attending. Contact us if you have any questions.

Covid 19 requirement: Please note that due to the coronavirus, all attendees must complete an additional verification step prior to arriving. Once you complete the Eventbrite registration, John Vollers of HPE, will email you a separate coronavirus registration email, which must be completed and returned prior to the meeting.

Vendors, ISV’s, and software providers: There are several 25-minute vendor presentation slots available, for a reasonable sponsorship fee (estimated to be about $250). These slots will be filled on a “first-come first-serve” basis, based on the time of your email response to Susan Loeliger, MATUG Secretary/Treasurer. (User presentations take preference and are free.)

Ask TandemWorld

Got a question about NonStop ? ASK Tandemworld

Keep up with us on

Twitter @tandemworld

We are currently seeking skilled resources across the EMEA region,

contact us for More Info

www.tandemworld.net

Gravic Publishes Article on HPE Shadowbase Data and Application Integration Software

In the January/February issue of The Connection, we published the article, Shadowbase Data and Application Integration Software for Nonstop Competitive Advantage! HPE Shadowbase Data and Application Integration software easily connects existing applications and databases to new applications and databases in real-time. Data Integration uses data replication to update target databases in real-time to build online data warehouses, data marts, operational data stores, and more. Application Integration uses data replication to feed key database changes to downstream applications without requiring application code changes to build event-driven architectures for real-time business intelligence environments, real-time fraud detection systems, and real-time analytical processing solutions. Please visit our website on Data Integration and Application Integration or watch our video to learn more on how these HPE Shadowbase solutions can benefit you!

Gravic Presented at February HPE NonStop Regional Technology Forum

Gravic presented HPE Shadowbase Solutions Update: New and Improved Features at the February HPE NonStop Regional Technology Forum. We presented to EMEA, APJ, and the Americas to a well-attended audience of Customer Engineers, Technical Consultants, Account Support Managers, NonStop Solution Architects, and Sales and Call Centers supporting the NonStop products. Attention HPE personnel: If you missed our talk and would like us to present it to you, then please contact us.

Gravic Presents on HPE Shadowbase Product Updates at

Upcoming SunTUG Sunshine Summit

Gravic will present HPE Shadowbase Product Updates at the SunTUG Sunshine Summit in Tampa on March 4. We describe newly released and upcoming features in the HPE Shadowbase data replication product, including:

· Business Continuity – maintain consistency and recoverability with active/passive, sizzling-hot-takeover, and active/active replication architectures

· Data Integration and Synchronization – feed data warehouses, data marts, and operational data stores

· Application Integration – build real-time business intelligence systems for sales, fraud detection, and more

· Zero Downtime Migration – eliminate planned application downtime, and minimize the risks associated with hardware and software changes

· Compare and Repair – ensure audit compliance and validate that the standby/target database matches the source while working alongside any replication engine

Spanish Version Available of our Article, Easily Modernize and Expose Valuable Enscribe Data – Eliminate Data Silos with HPE Shadowbase

We are pleased to release a Spanish version of our article, Easily Modernize and Expose Valuable Enscribe Data – Eliminate Data Silos with HPE Shadowbase. La traducción al español se puede encontrar aquí. (A Spanish translation is available here.) If there is another article or publication that you would like to read in a different language, please Contact Us.

Hewlett Packard Enterprise globally sells and supports Shadowbase solutions under the name HPE Shadowbase. For more information, please contact your local HPE Shadowbase representative or visit our website. For additional information, please view our Shadowbase solution videos: https://vimeo.com/shadowbasesoftware.

Specifications subject to change without notice. Trademarks mentioned are the property of their respective owners. Copyright 2022.

How to Develop a Zero-Trust Model to Secure Cloud-Native Applications

The global pandemic that began two years ago accelerated a worldwide shift in how entire workforces operate. Organizations were forced to quickly adjust to new business models by migrating applications and services to the cloud to enable remote work. However, these same digital enhancements also expanded attack surfaces and created new opportunities for cyber-criminals to exploit.

With organizations embracing remote work due to the COVID-19 pandemic, the need to secure data and systems has become more critical than ever before.

Organizations are also rapidly embracing cloud-native applications to modernize their business operations and improve delivery times. This approach to application development and deployment takes full advantage of the cloud computing environment, which uses technologies like microservices, containers, automated CI/CD pipelines, container orchestration, and cloud infrastructure to leverage the runtime and services provided by the cloud platform. A cloud-native development strategy leads to resilient, agile, and scalable solutions. Enterprises use container technologies, like Docker, to simplify the packaging and deployment of their cloud-native applications. Kubernetes is a popular container orchestration system for automating containerized application deployment, scaling, and management.

However, modern-day cloud services face security risks like data breaches, application vulnerabilities, account hijacking, and insufficient credential management. To protect against these threats, organizations must adopt a zero-trust model for their data and services and embrace the DevSecOps movement to integrate security practices throughout their software development lifecycle.

A zero-trust security model can improve an organization’s overall security position, especially when dealing with mobile workforces or hybrid workspace environments. The basic principle of a zero-trust security model is to avoid blindly trusting every element within the corporate network. Organizations should always authenticate users, applications, and devices that try to access the network, whether internal or external to the organization.

Some of the key principles for building a zero-trust-based architecture are:

Multi-factor authentication

Identity and access management

Data classification and encryption

Least privileged access

Introducing the New CSP Authenticator +

Cloud-Native Application

CSP Authenticator+® provides multi-factor authentication for NonStop servers and supports various authentication methods. It can be used as a Safeguard SEEP or with Pathway and non-Pathway applications. Almost any application, including TACL, can now easily support multi-factor authentication.

The new CSP Authenticator + cloud-native application was developed using a modern cloud-based framework. This redesign focuses on providing security, flexibility, and scalability.

Multiple authentication methods such as RADIUS, Active Directory, RSA, and Open LDAP are supported. Additional authentication methods include Email, Text Message, and Google Authenticator.

New features:

·        New cloud-based framework – A new cloud native application built using modern technologies

·        Support for Kubernetes Helm deployments – easy to deploy in cloud environments using Kubernetes framework

·        Support for High Availability environments – Create highly available Kubernetes clusters for resiliency

·        No differentiation between Primary and Secondary authentication – users can choose any mix of available authentication methods, and even choose more than 2 authentication methods

·        Application based authentication methods are now supported, and more authentication methods are being added. Authentication methods currently supported include RSA, LDAP, Active Directory, RADIUS, Google and Microsoft authenticator, OTP via Email, and OTP via SMS

·        Set different authentication methods for different user groups and privileged groups

·        Redesigned user-interface makes it more intuitive and user friendly

·        Maintain a matrix of authentication profiles, policies (authentication methods), and users

·        Support for various databases, including Amazon S3, Atlas Cloud service, MongoDB, etc.

Benefits:

·        Protect valuable resources & data.

·        Add layers of authentication for secure access to systems and critical applications.

·        Address PCI compliance requirement 8.3 which requiring multi-factor authentication for all personnel with remote access, and non-console administrative access to the cardholder data environment.

·        Integrate with centralized ID management systems to effectively manage users.

CSP Authenticator+ Key Features:

·        Support for multiple authentication factors including RSA, RADIUS, Active Directory, and LDAP, Microsoft, Google, OTP

·        Create various profiles and policies for different set of users, and applications

·        Ability to use more than two authentication methods

·        Provides standardized authentication across platforms

·        Configure for all or only selected/privileged users

·        Fully encrypted communications with cloud native application

·        Supports various databases

·        Support for new authentications methods

·        Supports TACL, Pathway and Non-Pathway applications

CSP - Compliance at your Fingertips™

For complimentary access to CSP-Wiki®, an extensive repository of NonStop security knowledge and best practices, please visit wiki.cspsecurity.com

We Built the Wiki for NonStop Security ®

The CSP Team

+1(905) 568-8900



Why your payments data is your gold mine

How many payments processors and Financial institutions are really making the most of their payments data?

The industry is littered with large organisations who have stitched together a number of poorly matched components that serve their clients in a sub-optimal way. Systems grow, evolve, and then mergers bring together a number of different solutions that may struggle to deliver the sort of value that you as a customer may really need.

The consolidation of the payments industry over the last 10 years or so has only added to this dilemma.

How well are you able to optimise the view and consumption of your payments data?

Many providers process the payment transaction portfolio itself, but are limited in their ability to add any significant value to the business of payment transactions. Let’s consider some of the challenges that businesses really need to prosper. For example, what’s my transaction decline rate? Or conversely, what’s my approval rate? When are my declines actually hard declines as opposed to soft declines? Soft declines can often be successfully retried, whereas a hard decline may suggest it’s better to ask the customer for an alternative payment method.

How can I improve my approval rates and diminish the declines?

Secure Customer Authentication, while necessary to reduce the fraud rates, has actually increased the decline rate. One of the most effective ways of achieving a better level of transactions approvals is to accept Apple Pay and Google Pay. With a native embedded 2 factor authentication, these payments methods go a long way to meeting SCA (Secure Customer Authentication). SCA on its own has tended to result in a lower level of authorisation simply due to the added friction, but the phone-based payment mechanisms help to alleviate this friction.

How well is your business managing the interaction with your card issuers?

Consider for one moment that the issuer declines the transaction. Could it be an MCC failure, and if it is, perhaps your business has been mis-classified. You’d benefit from some real-time interaction with the card issuer to remedy such a situation so you can remove any roadblock for the rest of your online users.

How Responsive are your partners when problems start?

We’ve seen an explosion over the last 2 years of e-commerce over face to face commerce and the e-com is becoming sticky. It’s not going to disappear anytime soon, and for many it’s become the only way to trade.

Can you push your payments data into other areas of your business?

If not, why not? Seeing exactly what is going on with your payments data is critical to operating a successful business. You can’t wait till the end of the day to resolve issues, you need to know right away. Integration your payments engine with the other key areas of your business is critical for real-time analysis.

How does OmniPayments help?

For our part, OmniPayments helps clicks & bricks acquirers both large and small to acquire transactions at the lowest possible cost, maximising revenues for the institutions who use us. Better still, you can up and running in no time at all. OmniPayments private Cloud service “OmniCloudX" brings you a ready-and-waiting powerful switch to process your transactions from as little as $5,000 per month.

OmniPayments combines all modern payment methods, including Smartphone, NFC cards, Barcode, vouchers, ApplePay, GooglePay enabling merchants to smooth the experience with the minimum of friction. Integrated with third party Trusted Service Managers, OmniPayments supports the issuing of cards and tokens embedded in modern devices and watches, making the payment experience totally seamless.

OmniPayments integrates with all other existing business value infrastructure, in real time, on a database level or message level APIs.

OmniPayments manages payments for a growing number of regional and global companies across the planet. Put your faith in OmniPayments and help your organisation to grow. For further information, contact us as sales@omnipayments.com. Follow us on Linkedin at https://www.linkedin.com/company/omnipayments/mycompany/ , on Twitter @omnipayments, and find our latest videos on YouTube.

NuWave Prizm Gateway™: The Best of NonStop Integration Is Just Getting Started

NuWave Prizm Gateway™

NuWave Technologies’ Prizm Gateway™ makes it easy to enable, maintain, monitor, and secure API connections throughout the enterprise.

APIs act as entry points for applications to access data from backend services. With Prizm Gateway™, users can connect all of their RESTful APIs and enable real-time communication management for all applications both on and off the HPE NonStop

Prizm Gateway™ does this by routing all API calls through a single point of entry while enabling traffic management, denial of service (DoS) protection, authorization and access control, service deployment, load balancing, and monitoring.

Prizm Gateway™ makes it easy to manage and protect your REST infrastructure and provides:

●       A single point of entry for all communication between frontend clients and backend servers.

●       A central point for DoS protection and authentication

●       A central point for service load balancing

●       A central point for service upgrade, in this case using the canary (A/B) deployment method

●       Easier lives for your security, operations, and development staffs because they don't have to implement any of these features for each individual service and microservice

And this is all accomplished on the most scalable, robust, and fault-tolerant platform: the HPE NonStop.

Lean more about Nuwave’s Prizm Gateway and be sure to join our open forum on March 9th at 1:30 pm EST! More information below.

NuWave Prizm Gateway Open Forum

NuWave invites you to join this open forum to discuss Prizm Gateway. This session will be an open session for you to ask questions and learn why an API Gateway can benefit your HPE NonStop and the enterprise.

Find out more about us at www.tandemworld.net