Security

Highly distributed computing, extensive online collaboration, explosive data growth and regulatory requirements have combined to make information security more critical and more complex than ever for organizations today. Security threats have intensified and become increasingly complex to manage.

Many organizations are discovering the advantages of making System z the enterprise security hub. Resilience and security have long been hallmarks of mainframe computing. Making System z the enterprise security hub also enables organizations to take advantage of mainframe extensibility and scalability to consolidate disparate systems to improve efficiencies, standardize operations (especially after mergers or acquisitions) and streamline security management across all computing resources.

With greater than 45 years of integration between hardware and software, IBM System z servers and security software are designed to provide a secure infrastructure. This includes protecting sensitive business critical data, sharing information internally as well as externally, providing enhanced encryption and key infrastructure capabilities, protecting user privacy, providing an extensive audit trail with compliance reporting, reducing fraudulent activities, allowing centralized administration, securing virtualization, and protecting information traveling across the network while maintaining high levels of infrastructure, application and data availability.

With the Common Criteria Evaluation Assurance Level 5 (EAL5) awarded by International Standards Organization, System z has the highest security rating or classification for any commercially available server. The EAL5 ranking can provide customers the assurance and confidence that they can run many different applications containing confidential data on one System z which is divided into partitions that keep each application’s data secure and distinct from the others. This isolation allows images supporting different operating systems to run in different partitions on a single mainframe.

Many of world’s top banks and retailers rely on the mainframe to help secure sensitive business transactions. The best way to secure information is to encrypt it. System z provides exceptional performance and function via cryptographic coprocessors and accelerators that are individually specialized to address various encryption needs.

The z196 supports Elliptic Curve Cryptography (ECC), an emerging public-key algorithm. ECC provides the same or better security with much shorter key lengths than RSA keys. It is appropriate in resource constrained environments such as smart cards which may have limited space for the storage of storage keys. The z196 also supports key ANSI and ISO standards for the banking and finance industry.