Security and compliance with automation, monitoring and reporting
Streamline compliance for your mainframe
Reduce audit prep to one week from one month, lowering team involvement by over 40%.
Keep automating current tracking despite regulatory drifts, using a unified compliance dashboard.
Simplify processes and prevent misinterpretation of regulations by inexperienced users.
Automate data collection and validation to enhance compliance oversight visibility.
Use cases
Translation of regulations to IBM Z and LinuxONE-specific controls add clarity. A centralized, interactive dashboard displays baseline standards. Time-stamped evidence can be captured for a variety of industries.
See how your new or changing business requirements could affect regulation compliance. Clear, jargon-free mapping to the regulations helps you control your business’ infrastructure.
See how different regulations overlap or differ when it comes to security controls. You can automate the data-gathering process to save time and effort.
Quickly gather trustworthy evidence that is time-stamped, immutable and from a clear source. Compliance is shown over time, not just a snapshot, with a tool that “runs silently".
Attempting to maintain your mainframe compliance manually, in an antiquated, periodic, labor-intensive process is not worth the risk. Automation of compliance preserves budget and staff focus.
Translation of regulations to IBM Z and LinuxONE-specific controls add clarity. A centralized, interactive dashboard displays baseline standards. Time-stamped evidence can be captured for a variety of industries.
See how your new or changing business requirements could affect regulation compliance. Clear, jargon-free mapping to the regulations helps you control your business’ infrastructure.
See how different regulations overlap or differ when it comes to security controls. You can automate the data-gathering process to save time and effort.
Quickly gather trustworthy evidence that is time-stamped, immutable and from a clear source. Compliance is shown over time, not just a snapshot, with a tool that “runs silently".
Attempting to maintain your mainframe compliance manually, in an antiquated, periodic, labor-intensive process is not worth the risk. Automation of compliance preserves budget and staff focus.
Industry standards
IBM Z Security and Compliance Center follows multiple industry standards to meet the increasing regulatory compliance requirements on a global scale.
Related products
Frequently asked questions (FAQ)
The IBM Z Security and Compliance Center can be deployed from z15 or z16®. In addition, it can be deployed natively on LinuxOne. IBM Z Security and Compliance Center can collect data from any system running z/OS 2.4 version or newer.
Yes, this solution requires the use of OpenShift® Container Platform on Linux on IBM Z. Additionally, we now support IBM zCX Foundation for Red Hat® OpenShift (for native z/OS deployment).
Yes, if you are running z/OS 2.4 or later.
The initially available version of the IBM Z Security Compliance Center will feature predefined 1-to-1 mappings of IBM Z controls to requirements specified in the following standards.
- PCI DSS v3.2.1
- NIST SP800-53
- CIS Benchmarks
Additional standards will be considered in the future based on user feedback.
Yes, you can create your own profiles and groups of controls using a selection of hundreds of technical checks that the IBM Z Security Compliance Center can perform out of the box. You can also import an extensive set of predefined mappings as a basis for your security procedures.
Through this process, the application may be used to prepare your organization for regulatory frameworks not covered by initially available predefined mappings, as well as for internal requirements that are specific to your organization.
Yes, for z/OS systems you can select which LPARs will be in the scope of your scan.
The IBM Z Security Compliance Center automates the collection of compliance relevant data on IBM Z and Linux on IBM Z.
The application contains predefined 1-to-1 mappings of security controls written for IBM Z components (such as RACF, Db2, IBM CICS, IBM IMS, and IBM MQ) to requirements from regulatory frameworks (such as PCI DSS). These mappings were defined by the IBM Z Security team and have been validated with auditors.
Additionally, the solution includes an interactive, customizable dashboard displaying the security controls validated for each requirement, as well as which resources passed and failed. The solution also reports on compliance drift: how compliance posture has changed from one point in time to another.
Yes. You can view detailed scan results in the IBM Z Security Compliance Center dashboard, or a report generated by the application.
For each technical check, you can view a list of all the IBM Z resources that have passed and failed across multiple sysplexes.
You may also view the logic of each scan performed by the application to see exactly what it checked.
The IBM Z Security Compliance Center is equipped with a microservice which sends an ENF signal to all compatible IBM Z components, triggering them to generate compliance data in an enhanced SMF record that has been custom built for this application.