Encryption

Pervasive protection

Share this post:

Perhaps as many as 45,000 cyberattacks occur around the world each day.[1] It’s easy to understand why cybersecurity is the top IT spending priority for businesses large and small, and has been for years.[2]

Data breaches are costly. In the United States, the average cost of lost business from a data protection failure reached $4.13 million per incident in 2017. Around the world, the average cost for a single lost or stolen record containing sensitive and confidential information topped $141 dollars, with some companies losing tens of thousands of records at a time, if not millions. Increased customer turnover, additional customer acquisition activities, damaged reputation and diminished goodwill all contribute to the cost of a data breach. And don’t kid yourself; security analysts estimate there’s more than a 27 percent chance that your organization will have a material data breach in the next 24 months.[3]

Recognizing the need and the opportunity, IBM Z has developed a new suite of data protection technologies collectively labeled “pervasive encryption.” Essentially, pervasive encryption means that IBM Z mainframes now encrypt data at the host level, in-flight across the network, and at rest in storage. The benefits can be significant. Pervasive encryption can:

  • Decouple encryption from data classification
  • Reduce the risks associated with undiscovered or misclassified sensitive data
  • Make it more difficult for attackers to identify sensitive data
  • Help protect an organization’s digital assets

Pervasive encryption provides a transparent approach to enable extensive encryption of data. IBM DS8880 data systems and the IBM TS7700 family of virtual tape solutions both provide transparent encryption. Because of their integration with IBM Z and their abilities to access IBM internal integration capabilities, cross-teaming, testing, and design resources, DS8880 and TS7700 storage solutions can offer powerful advantages over non-IBM storage systems.

TS7700 virtual tape solutions offer excellent examples of how IBM Storage complements the IBM Z pervasive encryption strategy. TS7700 is now in the fifth generation of IBM tape virtualization products for mainframes. TS7700 solutions help mainframe users to implement a fully-integrated tiered storage hierarchy of disk and tape and leverage the benefits of virtualization. Powerful grid architecture capabilities offer interconnection of TS7700 tape systems to form a variety of grid configurations that can provide availability and disaster recovery.

TS7700 systems provide a number of additional data protection features such as support for an external encryption key manager or internal encryption key management, encryption-enabled disk drives, encryption-capable tape drives and the ability to manage the use of encryption and keys down to the individual storage pool level. TS7700 systems also offer Secure Data Erase to help manage the security of old data. And of course, tape offers the advantages of portability and encryption, which allows for an “air gap” between data and online hackers, providing an effective safeguard against cyberattacks.

Data protection is a key component in creating business value, supporting business growth and enabling consistent worker productivity. IBM mainframe users are already starting to implement pervasive encryption as part of their corporate data protection strategies.

Thanks to their data protection and encryption features, plus their unique integration with IBM Z, TS7700 and DS8880 systems offer powerful complements on the storage side for mainframe-based enterprises moving ahead with the latest data protection solutions.

Find more information here.

[1] SparkCognition: SparkSecure (https://sparkcognition.com/sparksecure/)

[2] ESG Research Report: 2017 IT Spending Intentions Survey, March 2017

[3] Ponemon Institute: 2017 Cost of Data Breach Study: Global Overview, June 2017 (https://www-01.ibm.com/common/ssi/cgi-bin/ssialias?htmlfid=SEL03130WWEN&)

Business Line Executive, Storage Networking and DRI Tape Solutions, IBM Systems

More Encryption stories

IBM FlashSystem 9100 – The core of the data-driven multi-cloud enterprise

IBM believes that today there is only one kind of successful enterprise – the data-driven multi-cloud organization.[1] We can see the needs of data-driven businesses reflected in some of the most powerful trends currently driving enterprise data storage: Non-Volatile Memory Express (NVMe), artificial intelligence, multi-cloud, containers and more.[2] The question becomes: “Is there a storage […]

Continue reading

IBM Elastic Storage Server adds Storage Utility Offering option

IBM introduces a flexible procurement method that aligns your unstructured data capacity costs to your business initiatives. Buy scale-out file and object storage with cognitive data management your way. Unstructured data creation continues at an explosive and accelerating rate and does not appear to be slowing down. Customers are looking to their trusted IT partners […]

Continue reading

Powering business at the speed of life

Mark Peters, Practice Director and Senior Analyst at Enterprise Strategy Group (ESG) observes: “Time and again our market research reminds us that it’s the needs of overall business, more than any other factors, that drive the choice and adoption of IT technologies. And, whatever those overall needs, what’s equally clear is that right now businesses […]

Continue reading