What is pervasive encryption for IBM Z?
Related information
Pervasive Encryption for IBM Z® is a consumable approach to enable extensive encryption of data in-flight and at-rest to substantially simplify encryption, and reduce costs associated with protecting data.
Pervasive Encryption for IBM Z® can be used in conjunction with full disk and tape encryption, database encryption, and application encryption.
- Full disk and tape encryption
- Full disk and tape encryption protects against intrusion, tamper or removal of physical infrastructure.
- File or data set encryption
- File or data set encryption is managed through z/OS®, and provides simple policy controls that allow clients to protect data in mission critical databases including DB2®, IMS™ and VSAM. Additionally, z/OS data set encryption gives clients the ability to eliminate storage administrators from the compliance scope.
- Database encryption
- Database encryption provides selective encryption and granular key management control of sensitive data.
- Application encryption
- Application encryption is used to encrypt sensitive data when lower levels of encryption are not available or suitable.
z/OS provides the following capabilities for pervasive encryption: z/OS data set encryption, z/OS Coupling Facility encryption, and z/OS Encryption Readiness Technology (zERT).
For access to interactive resources related to Pervasive Encryption for IBM Z®, see Pervasive Encryption for IBM Z .