On July 17, IBM unveiled its z14 mainframe server, which combines the traditional mainframe hardware with new capabilities in areas such as cloud, cognitive, analytics, application management, blockchain, machine learning and more. Most importantly, z14 includes enhanced security features — namely, pervasive encryption — to help clients stay one step ahead of cyberthreats.

Access protection inside the mainframe is based on the storage security keys mechanism, which is typical of the hardware. These keys ensure that access to data through the hardware and can be locked or unlocked by every software interface within the mainframe. This makes the hardware security-rich by design. In other words, the access protection hardware feature already works with a software interface in an easy and intuitive way.

Figure 1: The new IBM z14 (Source: IBM)

Watch the on-demand webinar: Your Mainframe Environment in a Treasure Trove

Introducing Pervasive Encryption

Of course, access protection is not the only security measure we need to consider. We must also focus on encryption, especially when security regulations come into play. In the past, mainframe data encryption was based on on-chip cryptography and cryptocards, which limited de facto software interactions with the hardware.

With z14, for the first time in the 50-year history of mainframe technology, encryption is pervasive. This feature adds software-based security intelligence to the mainframe’s robust encryption mechanism, allowing security solutions to leverage hardware-based cryptography like never before.

Figure 2: The new IBM z14 pervasive encryption feature (Source: IBM)

Pervasive encryption enables customers to encrypt data at the database, data set or disk level. If they so choose, they can even encrypt 100 percent of their data. The most crucial benefit of pervasive encryption, however, is that it does not require customers to change or adjust applications. Each app will have an internal encryption-decryption mechanism, allowing clients to apply cryptography without altering the app itself.

This feature should alleviate many pain points associated with the EU’s upcoming General Data Protection Regulation (GDPR), which governs how companies around the world handle personal data belonging to EU residents. Pervasive encryption can simplify security professionals’ responsibility to protect such information and help them keep up with the evolving regulations surrounding data privacy.

Learn More

To learn more, watch our recent on-demand webinars, “Your Mainframe Environment in a Treasure Trove: Is Your Sensitive Data Protected?” and “Protection Begins With Data at the Center: Encrypt It All With z Systems Pervasive Encryption.” You can also read our introductory redbook or view a demo of pervasive encryption from the IBM Client Center in Montpellier, France.

Thanks to Giuseppe Ranieri, Francesco Bertagnolli, Michael Jordan and Nick Sardino for their help and contributions to this article.

Watch the on-demand webinar: Your Mainframe Environment in a Treasure Trove

More from Data Protection

The Importance of Modern-Day Data Security Platforms

Data is the backbone of businesses and companies everywhere. Data can range from intellectual property to critical business plans to personal health information or even money itself. At the end of the day, businesses are looking to grow revenue, innovate, and operationalize but to do that, they must ensure that they leverage their data first because of how important and valuable it is to their organization. No matter the industry, the need to protect sensitive and personal data should be…

Meeting Today’s Complex Data Privacy Challenges

Pop quiz: Who is responsible for compliance and data privacy in an organization? Is it a) the security department, b) the IT department, c) the legal department, d) the compliance group or e) all of the above? If you answered "all of the above," you are well-versed in the complex world of compliance and data privacy! While compliance is a complex topic, the patchwork of regulations imposed by countries, regions, states and industries further compounds it. This complexity has turned…

The Digital World is Changing Fast: Data Discovery Can Help

The rise in digital technology is creating opportunities for individuals and organizations to achieve unprecedented success. It’s also creating new challenges, particularly in protecting sensitive personal and financial information. Personally identifiable information (PII) is trivial to manage. It’s often spread across multiple locations and formats and can be challenging to find and classify. Organizations need a modern data discovery and classification solution to identify sensitive data across physical, virtual and public clouds. The Current State of Sensitive Data Discovery and…

Backdoor Deployment and Ransomware: Top Threats Identified in X-Force Threat Intelligence Index 2023

Deployment of backdoors was the number one action on objective taken by threat actors last year, according to the 2023 IBM Security X-Force Threat Intelligence Index — a comprehensive analysis of our research data collected throughout the year. Backdoor access is now among the hottest commodities on the dark web and can sell for thousands of dollars, compared to credit card data — which can go for as low as $10. On the dark web — a veritable eBay for…