Pervasive Encryption for IBM z14 and z15: Protect Your Mission-Critical Data Now
Don Dejewski Director, Mainframe Product Development
In 2020, the average cost of a data breach was $3.68 million, and took an average of 280 days to identify and contain. And 80% of those breaches involved customers’ personally identifiable information (PII), according to IBM.1
For 75% of IT professionals, security is their top priority for the third year in a row.2 And no wonder. A data breach can interrupt operations, cause severe financial repercussions, create compliance and audit issues, and dramatically erode customer confidence. These days it’s not a question of “if” you’ll suffer a data breach, but “when” and “how bad.”
Let’s talk about Pervasive Encryption for IBM z14 and z15
Pervasive Encryption reduces the risk of exposing your data in the case of a data breach and protects your data both in-flight and at-rest on z14 and z15, rendering that data worthless to attackers if they don’t have the encryption key. In general, data is most vulnerable when it is being moved from one location to another, making it an ideal solution no matter where data is stored or how it is used. The right encryption solution is vital: only authorized users can access your data, not bad actors. It simplifies data protection, secures your IT infrastructure and ensures business continuity.
By placing the security controls on the data itself, Pervasive Encryption creates an envelope of protection around all of your data that resides on IBM Z servers. The major benefit of pervasive encryption? It doesn’t require you to change or adjust applications. Each app has an internal encryption-decryption mechanism, allowing you to apply cryptography without altering the app itself. This increases the security of all of your enterprise’s digital assets, reduces risks from undiscovered or misclassified sensitive data and slashes the cost of compliance. This ensures that enterprises meet audit and compliance requirements, by encrypting data in all core business applications (it even protects customer data that resides as objects within the database). You can also limit user access and control of data as needed.
This level of security is particularly essential in highly regulated industries, like insurance, finance and healthcare, and public sector agencies, who must comply with HIPAA, FIPS, PCI-DSS and GDPR regulations that require advanced protections like Pervasive Encryption.
Implementing Pervasive Encryption helps shift your enterprise’s mindset from selective encryption (of only the data required for compliance) to Pervasive Encryption of all enterprise data. This is an essential change as customers become increasingly careful about sharing data and regulators step up privacy requirements, leading enterprises to realize that data protection and privacy can create a business advantage.
Getting started with Pervasive Encryption for IBM z14 and z15
There is a persistent myth that encryption is complicated and expensive. No more. Pervasive Encryption is a cost-effective solution that enables the broad use of network encryption, and its enhanced audit capabilities simplify compliance. Implementing Pervasive Encryption is also a one-off project, that takes a few weeks, not months.
In order to take advantage of z14’s and z15’s Pervasive Encryption capabilities, you will need to meet minimum hardware and software requirements for z/OS data set encryption. Ensono can set up a Pervasive Encryption Readiness Assessment with IBM to review the Pervasive Encryption offering and determine whether your environment is ready and provide a roadmap for success. If not, Ensono can make the needed adjustments and upgrades. Then Ensono can install, configure and support the Pervasive Encryption mainframe native components to protect your mission-critical data, and offer on-going maintenance of encryption keys if required. If you are using IBM z14 or z15 servers today, and not using Pervasive Encryption, you are leaving your data dangerously exposed, and should take action immediately.
Talk to Ensono about Security Maturity
Ensono’s team of expert security associates, including former CISOs, can assess your organization’s security maturity and make actionable recommendation to enhance your controls, processes, and security automation, ensuring compliance. Ensono is the only MSP that provides end-to-end services from mainframe to cloud. Let’s talk.
Footnotes: 1 IBM, Cost of a Data Breach Report, 2020 2 IBM i Marketplace Survey, 2021