New IBM Z mainframe takes on encryption

Fernando Stephens
July 17, 2017

IBM has rolled out what it called the biggest revamp of mainframe technology in more than a decade with a system that aims to stem the damage caused by data breaches through pervasive encryption.

The IBM Z has been designed specifically to make encryption easier to deploy on a large scale. And only 4% of those records were encrypted, which means that a majority of the captured data was still valuable to attackers.

And of course, IBM's solution doesn't stop hackers from taking data - it just prevents them from reading that data. One such is IBM's own Cloud Blockchain, which the company said is already using the new IBM Z to encrypt and secure services in six centers around the world.

The timing is handy given the surge in data breaches and regulations such as the EU's General Data Protection Regulation.

"The vast majority of stolen or leaked data today is in the open and easy to use because encryption has been very hard and expensive to do at scale", stated Ross Mauri, general manager for IBM Z. "The encryption is critical for all industries".

The new encryption technology will also help mainframe customers meet new data compliance requirements, such as the European Union's General Data Protection Regulation, said Judith Hurwitz, president of Hurwitz & Associates, a market research, consulting and analyst firm. "Security is a board level issue". IBM said the Z represents the "most significant system overhaul" in more than 15 years. IBM commissioned research firm Solitaire Interglobal to study the impact of pervasive encryption on businesses. There will certainly be an upgrade cycle, but what's unclear is whether IBM can expand the reach of the IBM Z with its approach to encryption.

"The pervasive encryption that is built into, and is created to extend beyond, the new IBM Z really makes this the first system with an all-encompassing solution to the security threats and breaches we've been witnessing in the past 24 months", said Peter Rutten, analyst at IDC's servers and compute platforms group.

Facebook is rolling out Facebook Ads Globally
Like Google, the social network frequently experiments with new ideas, and groups of users are often used to beta test features. However, that has changed and the fee has been permanently removed, which means that WhatsApp is now totally free of charge.

Sacconaghi said he has seen a decline in mainframe hardware revenues from a historic $3bn - $4bn a year to $2bn in fiscal 2016, attributable to fewer new workloads or volumes moving to the mainframe, and some potential migration of Linux workloads off the mainframe. Engineers have been working on the base technologies for IBM Z for 5 years.

Pund-IT analyst Charles King says, however, that the container pricing approach has the potential to be more cost-effective in the long run than earlier mainframe pricing schemes.

"We can eliminate those classes of users from risk if their IDs get hacked or attacked", he said. Obviously, if data is spilled or stolen somehow, at least if it's encrypted, it can't be used by cybercriminals (or that's the theory). It protects encryption keys with so-called tamper responding hardware which invalidates keys at any sign, and IBM says they can be restored in safety.

Encrypted application programming interfaces so developers can build applications and services.

These pricing models are scalable within and across logical partitions (LPARs) and provide better metering, capping and billing.

Even where a business is running development, test and production environments on the same machine, there is cryptographic separation between the environments, Jordan said.

These new pricing models will be available by the end of the year for z/OS V2.2 and z/OS V2.3. According to the press release, the IBM Z is capable of of handling more than 12 billion encrypted transactions each day.

Other reports by BadHub

Discuss This Article