Encryption

Pervasive protection

Share this post:

Perhaps as many as 45,000 cyberattacks occur around the world each day.[1] It’s easy to understand why cybersecurity is the top IT spending priority for businesses large and small, and has been for years.[2]

CybersecurityData breaches are costly. In the United States, the average cost of lost business from a data protection failure reached $4.13 million per incident in 2017. Around the world, the average cost for a single lost or stolen record containing sensitive and confidential information topped $141 dollars, with some companies losing tens of thousands of records at a time, if not millions. Increased customer turnover, additional customer acquisition activities, damaged reputation and diminished goodwill all contribute to the cost of a data breach. And don’t kid yourself; security analysts estimate there’s more than a 27 percent chance that your organization will have a material data breach in the next 24 months.[3]

Recognizing the need and the opportunity, IBM Z has developed a new suite of data protection technologies collectively labeled “pervasive encryption.” Essentially, pervasive encryption means that IBM Z mainframes now encrypt data at the host level, in-flight across the network, and at rest in storage. The benefits can be significant. Pervasive encryption can:

  • Decouple encryption from data classification
  • Reduce the risks associated with undiscovered or misclassified sensitive data
  • Make it more difficult for attackers to identify sensitive data
  • Help protect an organization’s digital assets

Pervasive encryption provides a transparent approach to enable extensive encryption of data. IBM DS8880 data systems and the IBM TS7700 family of virtual tape solutions both provide transparent encryption. Because of their integration with IBM Z and their abilities to access IBM internal integration capabilities, cross-teaming, testing, and design resources, DS8880 and TS7700 storage solutions can offer powerful advantages over non-IBM storage systems.

CybersecurityTS7700 virtual tape solutions offer excellent examples of how IBM Storage complements the IBM Z pervasive encryption strategy. TS7700 is now in the fifth generation of IBM tape virtualization products for mainframes. TS7700 solutions help mainframe users to implement a fully-integrated tiered storage hierarchy of disk and tape and leverage the benefits of virtualization. Powerful grid architecture capabilities offer interconnection of TS7700 tape systems to form a variety of grid configurations that can provide availability and disaster recovery.

TS7700 systems provide a number of additional data protection features such as support for an external encryption key manager or internal encryption key management, encryption-enabled disk drives, encryption-capable tape drives and the ability to manage the use of encryption and keys down to the individual storage pool level. TS7700 systems also offer Secure Data Erase to help manage the security of old data. And of course, tape offers the advantages of portability and encryption, which allows for an “air gap” between data and online hackers, providing an effective safeguard against cyberattacks.

Data protection is a key component in creating business value, supporting business growth and enabling consistent worker productivity. IBM mainframe users are already starting to implement pervasive encryption as part of their corporate data protection strategies.

Thanks to their data protection and encryption features, plus their unique integration with IBM Z, TS7700 and DS8880 systems offer powerful complements on the storage side for mainframe-based enterprises moving ahead with the latest data protection solutions.

Find more information here.

[1] SparkCognition: SparkSecure (https://sparkcognition.com/sparksecure/)

[2] ESG Research Report: 2017 IT Spending Intentions Survey, March 2017

[3] Ponemon Institute: 2017 Cost of Data Breach Study: Global Overview, June 2017 (https://www-01.ibm.com/common/ssi/cgi-bin/ssialias?htmlfid=SEL03130WWEN&)

More Encryption stories

Powerful new storage for your mission-critical hybrid multicloud

Flash storage, Multicloud, Storage

Cloud computing and mainframes processors are two of the most important contributors in information technology solutions. They are increasingly being linked together to unlock value for clients. 85 percent of companies are already operating in multicloud and by 2021, most existing apps will have migrated to the cloud. [1] At the same time, mainframe utilization ...read more


A conversation about metadata management featuring Forrester Analyst Michele Goetz

AI, Big data & analytics, Storage

I recently had an opportunity to speak with Forrester Principal Analyst Michele Goetz following a research study on the subject of metadata management conducted by Forrester Consulting and commissioned by IBM. Michele’s research covers artificial intelligence technologies and consultancies, semantic technology, data management strategy, data governance and data integration, and includes within its scope the ...read more


Phoenix Systems and Kore Technologies bring bank-grade security to blockchain-based digital assets

Blockchain, Data security, LinuxONE solutions

From time to time, we invite industry thought leaders to share their opinions and insights on current technology trends to the IT Infrastructure blog. The opinions in these blogs are their own, and do not necessarily reflect the views of IBM. As blockchain technology flourishes, so do new protocols for managing currency exchanges, financial transactions, ...read more