IBM's new mainframe keeps everything encrypted, all the time

IBM Z mainframe ushers in a new era of data protection with pervasive encryption

IBM's new mainframe automatically encrypts all your company's data

Encryption is now too complex and expensive to manage for regulatory compliance, despite the fact that extensive use of encryption is a top factor in reducing the business impact and cost of a data breach, according to a recent IBM study. This is 18-times faster compared to x86 systems (that today only focus on limited slices of data) and at just five percent of the cost compared to x86-based solutions. The new system also introduces a new encryption engine that the company says will, for the first time, make it possible to pervasively encrypt data associated with any application, cloud service or database all the time.

Mainframe-based IBM Z is capable of running more than 12 billion encrypted transactions per day.

In contrast, the z14 can encrypt every file - or data set in IBM Z parlance - and restrict who can access the keys, said Mike Jordan, distinguished engineer with IBM z Systems Security: Privileged users such as storage administrators, for example, will be able to move or copy files to do their job, but won't be able to decrypt them.

What the IBM Z does is encrypt all data for an application or cloud service or in a database whether the data is being used actively or residing "at rest". The IBM Z key management system is created to meet Federal Information Processing Standards (FIPS) Level 4 standards, where the norm for high security in the industry is Level 2.

All that said, it's probably going to take more than total encryption for a company to spring for a mainframe unless it's core to their business, according to analyst Roger L. Kay from the firm, Endpoint Technologies Associates, Inc.

A recent Ponemon Institute study found that extensive use of encryption is a top factor in reducing the business impact and cost of a data breach, reducing cost on average by $125 per record. IBM has therefore also announced that six IBM Cloud Blockchain data centres will beusing IBM Z as their encryption engine, namely those in Dallas, London, Frankfurt, Sao Paolo, Tokyo and Toronto.

It is becoming increasingly important for organisations to be able to prove that data is protected in the face of regulations like the EU's General Data Protection Regulation (GDPR) and encryption requirements set for financial institutions by regulators in the Singapore, Hong Kong, and the USA at a federal and state level.

The company outlined three container pricing models for affordable and flexible cloud-based deployments, including for new microservices and applications, application test and development and payment systems. They will face fines of up to 4pc of annual worldwide revenues, or €20m, unless the organisation can demonstrate that data was encrypted and the keys were protected. It offers real-time, self-service verification of protection and encryption, and provides an audit trail showing whether permissioned insiders accessed data. "Enterprise clients also benefit from the ease of use making management transparent to the application and the user".

Encrypted application programming interfaces so developers can build applications and services.

IBM Z builds on top of what IBM's transaction engine can already do, which includes handling 87 percent of all credit card transactions and almost $8 trillion payments a year, 29 billion ATM transactions each year (worth almost $5 billion per day), 4 billion passenger flights each year, and more than 30 billion transactions a day.

The world's largest MongoDB instance with 2,5-times faster NodeJS performance than x86-based platforms.

IBM wants businesses to use its new z14 mainframe to encrypt pretty much everything - an approach to security it calls pervasive encryption.

1 000 concurrent NoSQL databases. There can be up to 32TB of memory, three times the z13 maximum, and its IO is three times faster as well.

Latest News