IBM Z Mainframe Talks Total Encryption

Monday, July 17, 2017 @ 04:07 PM gHale


In the mainframe world, security this week took a step forward.

That is because the newest IBM Z mainframe computer will be able to encrypt all the data in an enterprise all the time, bringing encryption to everything from cloud services to databases.

RELATED STORIES
Ransomware Attack Part II
Monitoring Network Could Help Find Attack
Grid Attack: Understand ‘What We Will See Tomorrow’
Ukraine Attack: An Insider’s Perspective

The IBM Z can run more than 12 billion encrypted transactions per day.

This kind of encryption makes sense for security, but it wasn’t done in the past because was very expensive and takes a lot of computing cycles.

IBM said in 2016 more than 4 billion data records ended up compromised, a 556 percent increase over 2015. Of the 9 billion records breached over the past 5 years, only 4 percent were encrypted.

Despite these statistics, compounded by a wave of new regulations, no significant progress has been made in terms of encrypting data on a massive scale, IBM said. In responding to this problem, the company enlisted 150 clients to advise in the development of the IBM Z, which represents one of the biggest overhauls in 15 years.

IBM dedicated 400 percent more silicon to cryptographic algorithms in the processors for the IBM Z. Until now, companies have had to selectively encrypt small chunks of data at a time, which is a time- and labor-intensive task.

The system can deal with huge data breaches, and it automates compliance for the European Union’s General Data Protection Regulation. IBM said it encrypts data 18 times faster than Intel-based (x86) platforms, at 5 percent of the cost.

The company is also announcing new IBM blockchain cloud data centers, using IBM Z as the encryption engine. The engine makes it possible to encrypt all data associated with any application, cloud service, or database, all the time. That means that when data is transferred from one place to another, it isn’t in a form that can be easily stolen by malicious hackers.

The IBM Z features the industry’s fastest microprocessor and a new scalable system structure that delivers a 35 percent capacity increase for traditional workloads and a 50 percent capacity increase for Linux workloads, compared to the previous generation IBM z13.

Encryption is largely absent in corporate data centers, and even in cloud data centers, because current solutions for data encryption in the x86 environment dramatically degrade performance and user experience and are too complex and expensive to manage for regulatory compliance, IBM said. As a result, only about 2 percent of corporate data is encrypted today. By contrast, more than 80 percent of mobile device data is encrypted.

The IBM study found extensive use of encryption is a top factor in reducing the cost of a data breach, resulting in a $16 reduction in cost per lost or stolen record.

IBM Z can protect millions of keys (as well as the process of accessing, generating, and recycling them) in “tamper responding” hardware that causes keys to self-destruct at any sign of intrusion and then reconstituted in safety.



Leave a Reply

You must be logged in to post a comment.