PCI DSS Compliance and System z – A Combination That Makes Sense
"It is not enough to be honest – you must also protect your assets and your customers from those who are not...This means that enterprise IT systems are no longer primarily IT systems. They are primarily business systems – and, in business, security cannot be a haphazard after thought." — Anne MacFarland, analyst for The Clipper Group.
|
 |
 |
|
The Brave New World of PCI DSS – Why You May Need to Think Differently about Your Systems Architecture(s)
"Don't fall for the mythology; take a closer look at why the Mainframe may be the best vehicle to achieving your PCI DSS goals." — Mike Kahn, analyst for The Clipper Group.
|
|
|
|
Security Advantages of IBM System z9 and Virtualization on z/VM, Sine Nominee
This white paper is an excellent high level overview of the Security Advantages of the z9 BC in conjunction with z/VM.
|
|
|
|
IBM System z Servers: Security-Rich by Design
With the unique hardware engineering of System z mainframes and the z/OS operating system, combined with flexible and customer tailorable security capabilities, a customer who chooses to invest in System z mainframes is provided with both freedom and safety. It's a combination that has served both System z and its users well over the technology's forty-odd-year history.
|
|
|
|
IBM System z Security Covers the Enterprise End to End by Anne MacFarland, The Clipper Group
The more the mainframe secures, the better the security across the enterprise. To be effective, security must match the scope of enterprise business processes, yet not impar process efficiency. What is needed is an integrated security solution - with the ability to spread, where needed - to secure business processes and business information; this is an attractive and much saner proposition. The mainframe has been working in this mode and meeting such challenges for a long time. System z offers well-honed and time-tested capabilities that help you achieve security, corporate governance, and regulatory compliance without changing how you do business.
|
|
|
|
The Challenge of Enterprise Security by Mike Kahn, The Clipper Group
The challenge of enterprise security is explored. Managing and protecting applications, data and users in today's enterprise environment are complex tasks. The challenges of serving and protecting, how they compound one another, and what you really need to do to be secure is reviewed.
|
|
|
|
Picking up the value of PKI by Jerald Murphy, Robert Frances Group
Leveraging z/OS for Improving Manageability, Reliability and Total Cost of Ownership of PKI and Digital Certificates.
|
|
|
|
Technical Security Advantages of System z9 and Virtualization on z/VM, Sine Nomine Associates
This paper focuses on the technical benefits brought to the data center by the IBM z9 in the areas of security and ease of management for security functionality. It specifically addresses the benefits of virtualization within the context of reducing migration risk.
|
|
|
|
IBM System z Strengths and Values
This IBM Redbook describes the strengths and values of the IBM System z platform with special focus on IBM z/OS. This redbook focuses on the role that the System z environment plays in the business solution, especially with the deployment of new workloads and to address security, availability, and scalability.
|
|
|
|
Introduction to the New Mainframe: Security
This IBM Redbook provides students of information systems with the background knowledge and skills necessary to begin using the basic security facilities of IBM System z. It enables a broad understanding of both the security principles and the hardware and software components needed to insure that the mainframe resources and environment are secure.
|
|
|
|
Enterprise Security Architecture Using IBM Tivoli Security Solutions
This IBM Redbook looks at the overall Tivoli Enterprise Security Architecture. It focuses on the integration of audit and compliance, access control, identity management, and federation throughout extensive e-business enterprise implementations. The available security product diversity in the marketplace challenges everybody in charge of designing single secure solutions or an overall enterprise security architecture. With Access Manager, Identity Manager, Security Operations Manager, Federated Identity Manager, Security Compliance Manager, Directory Server, and Directory Integrator, Tivoli offers a complete set of products designed to address these challenges.
|
|
|
|
z/OS UNIX Security Fundamentals
This IBM Redpaper introduces the z/OS UNIX security model and implementation to MVS knowledgeable and security-minded users. It does not address in detail all the wealth of specific security features available in z/OS UNIX, but rather the base principles of operation and the mechanisms implementation with setup recommendations.
|
|
|
|
IBM Tivoli Storage Manager Building a Secure Environment
Many people want to be famous, but nobody wants to hit the headlines in an incident resulting in the theft or misuse of their employees' or clients' confidential data. While the necessity of securing the confidentiality, integrity, and availability of the enterprise's servers and data is well known, the backup server is often overlooked in the security planning process. This redbook will take you through the various security features of Tivoli Storage Manager, and show you how to use them, together with best practice principles, to design, implement, and administer a more secure backup management environment. We will cover passwords, administrative levels of control, the vital role of encryption, and procedures for managing offsite data, among other topics.
|
|
|
|
IBM Tivoli Access Manager for Enterprise Single Sign-On
Everyone feels the pain of too many passwords to remember, and everyone can relate to the security exposure of weak passwords, chosen for convenience or passwords placed in proximity to the workstation for a quick reminder that, unfortunately, can allow more than the intended user into the system and network.
This book introduces IBM Tivoli Access Manager for Enterprise Single Sign-On V6.0, which provides single sign-on to many applications without a lengthy and complex implementation effort. Whether you are deploying strong authentication, implementing an enterprise-wide identity management initiative, or simply focusing on the sign-on challenges of a specific group of users, this solution can deliver the efficiencies and security that come with a well-crafted and comprehensive single sign-on solution.
|
|
|
|
SOA Transition Scenarios for the IBM z/OS Platform
This IBM Redbook focuses on the process of transitioning from an existing IT landscape on z/OS to an SOA-enabled landscape. So if you are a system architect or solution designer and you need to make decisions about SOA enablement or transitioning on the z/OS platform, this book offers an excellent starting point. It describes patterns, transition approaches, migration scenarios, and the features and functions of the available technology options. And specialists who are interested in technical details of the solutions will also find plenty of useful information. This publication will help you define an SOA strategy on z/OS, follow the appropriate implementation steps, and decide what technology to use. Much of the information is applicable to non-z/OS platforms as well.
|
|
|
|
Introduction to the New Mainframe: Large-Scale Commercial Computing
Today, mainframe computers play a central role in the daily operations of most of the world's largest corporations. The mainframe occupies a prominent place in today's e-business environment. In banking, finance, health care, insurance, utilities, government, and a multitude of other public and private enterprises, the mainframe computer continues to provide the foundation of large-scale computing to modern business.
The reasons for mainframe use generally fall into one or more of the following categories: capacity, scalability, integrity and security, availability, access to large amounts of data, system management, and autonomic capabilities. This IBM Redbook is designed for readers who already possess a basic knowledge of mainframe computing, but need a clearer understanding of how these concepts relate to mainframe planning, implementation, and operation.
|
|
|
|
Easing the Cost of Compliance by James Pickel
The Sarbanes-Oxley Act and other regulations require corporate executives to provide and ensure increased levels of financial and operational discipline. New features in DB2* V9.1 for z/OS can help ensure compliance by allowing better user accountability, providing end-to-end identity controls and improved auditing capabilities.
|
|
|
|
Consul Acquisition Allows IBM to Boost Mainframe Security
By Rob van Hoboken
IBM recently acquired Consul risk management to strengthen IBM's Service Management offerings, providing z/OS users the benefits of improved data governance and compliance monitoring capabilities. Consul's products will be added to the Tivoli brand as part of IBM's Service Management solutions.
|
|
|
|
Standing Guard by Mary Moore
A recurring nightmare for CIOs today is the threat of being the next business making headlines with a security breach. Find out how encryption can help.
|
|
|
|
Living Next Door to the DMZ by Peter Spera
Making the System z platform the ideal host for a business-critical DMZ.
|
|
|
|
Tivoli Identity Manager for z/OS
IBM Tivoli® Identity Manager provides a security-rich, automated and policy-based user management solution that helps address these key business issues across both existing systems and on demand business environments.
|
|
|
|
Federated Identity Management Solutions
Federated Identity Management (FIM for z/OS) provides a simple, loosely coupled model for managing identity and access to resources that span companies or security domains. Rather than replicate identity and security administration at both companies, FIM for z/OS provides a simple model for managing identities and providing them with access to information and services in a trusted fashion. For companies deploying Service Oriented Architecture (SOA) and Web Services, FIM for z/OS provides policy-based integrated security management for federated web services. The foundation of FIM for z/OS is trust, integrity, and privacy of data.
|
|
|
|
System z & Enterprise Tape Encryption
Find out why Jon Oltsik of ESG believes that tape encryption is long overdue and why he predicts it will become commonplace in the future. This 13 page white paper also discusses Enterprise Tape Encryption Architecture.
|
|
|
|
Financial Services Sector & Tape Encryption
This white paper discusses Enterprise Tape Encryption requirements for the banking industry. It highlights the need for a combination of outboard encryption and a services-based tape encryption architecture.
|
|
|
|
Linux Utilities for IBM System z
The Linux Utilities offer additional choices to assist in performing "commodity" security processing. Firewall along with other perimeter technologies are areas where Linux and z/OS can work together to help provide a security-rich environment. Read more in the White Paper: Linux Utilities for IBM System z.
|
|
|
|
Encrypting Tape Storage
Better tape security is a feature that many companies have sought to prevent the dangers inherent in tape distribution. Heeding this requirement, IBM™ System z™ developers and storage experts worked together to develop the latest encryption offerings. Find out what else Shirley Savage has to say about tape encryption in the July/August 2006 issue of IBM Systems Magazine/Mainframe Edition.
|
|
|
|
Mainframe Intrusion-Detection Services - Intruders Beware!
Mainframe edition July | August 2006
Security architects and corporate security officers are often faced with a common dilemma: opening the business to new opportunities by leveraging the Web, while balancing the need to protect information assets. Outside clients, hackers and even corporate employees can wreak havoc if there are security exposures in your IT infrastructure.
|
|
|
|
Risky Business - Mainframe Security Features Help Manage Risk
Mainframe Magazine edition July | August 2006
Regulatory Compliance is changing the way we work across the IT spectrum. This article focuses on how these changes evolved and the mainframe technology that is in place today to address security requirements and regulatory compliance.
|
|
|
|
Building a Compliance-Based Network Admission Control and Remediation Solution
This IBM Redbook discusses the IBM Integrated Security Solution for Cisco Networks, which offers a security-rich, policy-based security compliance and remediation solution for small, medium, and large businesses.
|
|
|
|
Security Solution: Certified on the Mainframe
z/OS 1.6 with the RACF® optional feature on IBM eServer zSeries systems achieved Controlled Access Protection Profile (CAPP) EAL3+ and Labeled Security Protection Profile (LSPP) EAL3+ compliance under the Common Criteria for Information Security Evaluation (CC). Learn how this strengthens your multilevel security strategy.
|
|
|
|
Multi-Level Security: Your Key to Data Safety
by Jim Porell, Chief Architect for Infrastructure IBM Systems Group
Multi-level security, with its capacity for sharing resources across several security compartments, can help you protect intellectual property, simplify your environment and save you money. Read more from this chapter of The Black Book on Corporate Security. |
|
 |
Download this chapter (338 KB) |
|
 |
How to order your own eBook or print copy |
|
|
|
Linux on System z Security
This white paper discusses the factors driving the demand for increased IT security and presents the comprehensive product and service offerings of IBM and its partners that run on System z systems and Linux. |
|
|
Download the white paper" (732 KB) |
|
|
|
IBM Systems Journal: Security on z/OS
This paper summarizes and explains the security functions available to a typical enterprise computing installation using the IBM z/OS operating system and Security Server.
|
|
|
|
Linux on IBM System z and S/390: Best Security Practices
This IBM Redbook discusses best security practices for running Linux as a z/VM guest on IBM System z and S/390 machines. This publication is intended for system administrators and IT architects responsible for deploying secure Linux servers running under z/VM.
|
|
|
|
