You are currently on IBM Systems Media’s archival website. Click here to view our new website.


Pervasive Encryption is the No-Compromise Approach to Data Protection on IBM z14

pervasive encryption

How secure is your company’s data? The Ponemon Institute’s Cost of a Data Breach Study ( shows the likelihood your organization will have a data breach within the next two years is 27.7 percent. In 2017, Ponemon estimates the cost of a data breach to average $3.62 million. It may be time to ask yourself if your organization is willing to take that risk.

In an attempt to minimize the threat of a breach, enterprises deploy firewalls and DMZs, purchase different software systems and make application changes. However, the results are mixed at best. According to a report from analyst firm Solitaire Interglobal, of the 11.2 billion records breached in the last three years, fewer than 3.5 percent were encrypted (

“Organizations no longer have to choose what data to encrypt, they can simply encrypt all of the data, reducing the impact of a data breach and drastically simplifying compliance.”
—Nick Sardino, program director, IBM Z Offering Management

What about regulations? Organizations in a variety of industries must comply with an alphabet soup of regulations including HIPAA, Sarbanes-Oxley Act of 2002, PCI DSS and the new European Union General Data Protection Regulation. Regulated industries, like financial services, have the most costly data breaches because of fines and a higher than average rate of lost business and customers. In fact, in 2016, 24 percent of breaches affected financial organizations, according to the Verizon 2017 Data Breach Investigations Report.

As regulations grow increasingly complex, many hours per week are spent just understanding and interpreting them and the various changes that need to be made. Implementation of the controls can be costly, and policies need to be regularly assessed and updated. Audits—including internal, external and federal as well as those by customers and other third parties—occur on a regular and ongoing basis and can be costly and taxing for organizations.

Think about these pain points in concert with the reality that the IBM mainframe is a powerful tool that drives the digital economy. Trust is the currency that drives this new economy. It’s the foundation of digital relationships and demands security, transparency and greater value in every interaction and transaction.

With these facts in mind, IBM equipped the new z14* system with pervasive encryption. Transitioning away from selective encryption to end-to-end protection helps organizations secure all of their enterprise data while reducing the cost and complexity of meeting compliance mandates.

“Strong walls and perimeter defenses are no longer adequate to shield organizations from cyberattacks. We must view data as the new perimeter, and put the security controls for the data on the data itself,” says Nick Sardino, program director, IBM Z* Offering Management. “That means implementing strong encryption of data wherever it resides.”

The New Standard

Encryption is perceived as complex. Organizations struggle with determining which data should be encrypted, where encryption should occur (e.g., hardware, database, applications, etc.) and which business unit or executive is responsible for it (e.g., the CSO, DBA, line of business, etc.).

Because the responsibility for encryption is unclear, many companies only encrypt what’s required for compliance. Often this means encryption occurs at the application level. Doing so is costly because it requires people with the skills to handle the encryption, and ongoing maintenance is needed throughout the application lifecycle. Application outages often impact encryption, and application updates may be necessary to comply with regulatory changes. It can also be time consuming to determine what data needs to be encrypted. “Encrypting only the data required for compliance should be viewed as a minimum threshold, not a best practice,” explains Sardino.

Evelyn Hoover is the content director of IBM Systems magazine. She can be reached at



2019 Solutions Edition

A Comprehensive Online Buyer's Guide to Solutions, Services and Education.

Application Integration With PCI

The problematic nature of PCI-compliance application integration makes research, analysis and planning important. It can also greatly simplify and reduce the effort involved.

IBM Systems Magazine Subscribe Box Read Now Link Subscribe Now Link iPad App Google Play Store
Mainframe News Sign Up Today! Past News Letters