IBM Systems Magazine, Mainframe - January/February 2018 - 38

ADMINISTRATOR

encrypted data sizes. Take advantage of the
reduced cost of encryption on IBM z14 to layer
security and data protection.
Pervasive encryption includes Linux* on
z Systems* and LinuxONE*, where transparent
volume encryption is now available. It uses CPACF
protected keys to ensure clear key material isn't

exposed to software. When
configured to use AES-XTS,
which is recommended, volume
encryption enjoys the same CPACF
performance benefits on z14.
z/VM* V6.4 now supports
encrypted paging using CPACF to

Beyond RACF & SIEM:
Protecting the Realm When
Access Control Fails
Wednesday, January 17 | 1 ET / Noon CT
FEATURING:

Hoping no one attacks you
is not a solution!
If you are not worried about hackers
stealing mainframe data or imbedding
ransomware, you should be.
In large organizations credential theft is
an everyday occurrence. Traditional access control solutions (RACF, CA-ACF/2,
CA-TopSecret) are ineffective when they
are up against stolen credentials. By
the time SIEM event logging determines
a problem exists, it is typically far too
late. MainTegrity and zDetect eliminate
these exposures, bringing a new dimension of security to the mainframe world.

Allen Saurette
Security Evangelist
MainTegrity Inc.
SPECIAL GUEST:

Chad Rikansrud
Managing Director NA
RSM Partners

Register Today: webcasts.com/ibmsystemsmag
sponsored advertising content

38 // JANUARY/FEBRUARY 2018 ibmsystemsmag.com

prevent access to sensitive data
on volumes.

Encrypting
Data in Transit
End-to-end encryption, which
includes encryption of data in
transit outside and within the
network, is a best practice for data
protection. Encryption of data at
rest at application, database and
data set levels is performed on the
host; thus, data flowing over the
SANs is encrypted.
For external communications,
z/OS applications can use
either SSL/TLS directly or
Application Transparent TLS
(AT-TLS) to encrypt network
traffic by policy. VPNs are
supported for node-to-node
application-transparent encryption
using Internet Protocol Security
and Internet Key Exchange.
Secure Shell using z/OS OpenSSH
is supported for secure FTP and
secure terminal access.
z/OS 2.3 Communications
Server introduces the z/OS
Encryption Readiness Technology
(zERT), for monitoring traffic
and auditing cryptographic
algorithms and key sizes
negotiated for connections.
zERT can help identify users
affected by cryptographic
vulnerabilities through new SMF
Type 119 Subtype 11 records,
which include information
about user IDs, address spaces,
crypto protocols, job names,
IP addresses, ports, negotiated
cipher suites and algorithms.
Data on IBM Z also flows through
coupling facilities (CFs), which
allow shared, serialized access
across LPARs. z/OS 2.3 allows
CFs to encrypt list and cache
structures to prevent sensitive
data leakage. When enabled,
CFs invoke ICSF to generate a
secure key and transform the key
into a protected key for use with
CPACF. CF encryption is entirely


http://www.webcasts.com/ibmsystemsmag http://www.webcasts.com/ibmsystemsmag http://www.ibmsystemsmag.com

Table of Contents for the Digital Edition of IBM Systems Magazine, Mainframe - January/February 2018

Table of Contents
Editor's Desk: Encryption Importance
Partner POV: Protect Your Assets: An application view of data is important for a point-in-time recovery
Currents: A Human-Centric Approach: IBM Design Thinking leads to an elevated user experience
Feature: Battle-Tested Tools: USAA integrates applications and data across platforms using RESTful APIs
Cover Story: Enterprise Peace of Mind: IBM z14 pervasive encryption protects all data
Feature: Worldwide Preparation: How IBM Z addresses GDPR compliance with pervasive encryption
Special Report: Rising to the Challenge: Survey shows opportunities for Linux on POWER
TECH Showcase: A Plan in Place: Determine which of the 7 levels of business continuity is right for you
Administrator: Improved Protection: Pervasive encryption features include integrated cryto hardware, key management, encryption of data at rest and data in flight, and Secure Service Container support
StopRun: Enthusiastic Education: Instructor brings the mainframe to eager students
Reference Point - Global Events, Education, Resources for Power Systems
2018 Mainframe Solution Edition
IBM Systems Magazine, Mainframe - January/February 2018 - Intro
IBM Systems Magazine, Mainframe - January/February 2018 - Cover1
IBM Systems Magazine, Mainframe - January/February 2018 - Cover2
IBM Systems Magazine, Mainframe - January/February 2018 - 1
IBM Systems Magazine, Mainframe - January/February 2018 - Table of Contents
IBM Systems Magazine, Mainframe - January/February 2018 - 3
IBM Systems Magazine, Mainframe - January/February 2018 - 4
IBM Systems Magazine, Mainframe - January/February 2018 - 5
IBM Systems Magazine, Mainframe - January/February 2018 - Editor's Desk: Encryption Importance
IBM Systems Magazine, Mainframe - January/February 2018 - 7
IBM Systems Magazine, Mainframe - January/February 2018 - Partner POV: Protect Your Assets: An application view of data is important for a point-in-time recovery
IBM Systems Magazine, Mainframe - January/February 2018 - 9
IBM Systems Magazine, Mainframe - January/February 2018 - Currents: A Human-Centric Approach: IBM Design Thinking leads to an elevated user experience
IBM Systems Magazine, Mainframe - January/February 2018 - 11
IBM Systems Magazine, Mainframe - January/February 2018 - 12
IBM Systems Magazine, Mainframe - January/February 2018 - 13
IBM Systems Magazine, Mainframe - January/February 2018 - Feature: Battle-Tested Tools: USAA integrates applications and data across platforms using RESTful APIs
IBM Systems Magazine, Mainframe - January/February 2018 - 15
IBM Systems Magazine, Mainframe - January/February 2018 - 16
IBM Systems Magazine, Mainframe - January/February 2018 - 17
IBM Systems Magazine, Mainframe - January/February 2018 - Cover Story: Enterprise Peace of Mind: IBM z14 pervasive encryption protects all data
IBM Systems Magazine, Mainframe - January/February 2018 - 19
IBM Systems Magazine, Mainframe - January/February 2018 - 20
IBM Systems Magazine, Mainframe - January/February 2018 - 21
IBM Systems Magazine, Mainframe - January/February 2018 - Feature: Worldwide Preparation: How IBM Z addresses GDPR compliance with pervasive encryption
IBM Systems Magazine, Mainframe - January/February 2018 - 23
IBM Systems Magazine, Mainframe - January/February 2018 - 24
IBM Systems Magazine, Mainframe - January/February 2018 - Special Report: Rising to the Challenge: Survey shows opportunities for Linux on POWER
IBM Systems Magazine, Mainframe - January/February 2018 - 26
IBM Systems Magazine, Mainframe - January/February 2018 - 27
IBM Systems Magazine, Mainframe - January/February 2018 - 28
IBM Systems Magazine, Mainframe - January/February 2018 - 29
IBM Systems Magazine, Mainframe - January/February 2018 - 30
IBM Systems Magazine, Mainframe - January/February 2018 - TECH Showcase: A Plan in Place: Determine which of the 7 levels of business continuity is right for you
IBM Systems Magazine, Mainframe - January/February 2018 - 32
IBM Systems Magazine, Mainframe - January/February 2018 - 33
IBM Systems Magazine, Mainframe - January/February 2018 - 34
IBM Systems Magazine, Mainframe - January/February 2018 - Administrator: Improved Protection: Pervasive encryption features include integrated cryto hardware, key management, encryption of data at rest and data in flight, and Secure Service Container support
IBM Systems Magazine, Mainframe - January/February 2018 - 36
IBM Systems Magazine, Mainframe - January/February 2018 - 37
IBM Systems Magazine, Mainframe - January/February 2018 - 38
IBM Systems Magazine, Mainframe - January/February 2018 - 39
IBM Systems Magazine, Mainframe - January/February 2018 - StopRun: Enthusiastic Education: Instructor brings the mainframe to eager students
IBM Systems Magazine, Mainframe - January/February 2018 - Cover3
IBM Systems Magazine, Mainframe - January/February 2018 - Cover4
IBM Systems Magazine, Mainframe - January/February 2018 - Reference Point - Global Events, Education, Resources for Power Systems
IBM Systems Magazine, Mainframe - January/February 2018 - SE
IBM Systems Magazine, Mainframe - January/February 2018 - 2018 Mainframe Solution Edition
IBM Systems Magazine, Mainframe - January/February 2018 - SECover2
IBM Systems Magazine, Mainframe - January/February 2018 - SE3
IBM Systems Magazine, Mainframe - January/February 2018 - SE4
IBM Systems Magazine, Mainframe - January/February 2018 - SE5
IBM Systems Magazine, Mainframe - January/February 2018 - SE6
IBM Systems Magazine, Mainframe - January/February 2018 - SE7
IBM Systems Magazine, Mainframe - January/February 2018 - SE8
IBM Systems Magazine, Mainframe - January/February 2018 - CT1
IBM Systems Magazine, Mainframe - January/February 2018 - CT2
IBM Systems Magazine, Mainframe - January/February 2018 - SE9
IBM Systems Magazine, Mainframe - January/February 2018 - SE10
IBM Systems Magazine, Mainframe - January/February 2018 - SE11
IBM Systems Magazine, Mainframe - January/February 2018 - SE12
IBM Systems Magazine, Mainframe - January/February 2018 - SE13
IBM Systems Magazine, Mainframe - January/February 2018 - SE14
IBM Systems Magazine, Mainframe - January/February 2018 - SE15
IBM Systems Magazine, Mainframe - January/February 2018 - SE16
IBM Systems Magazine, Mainframe - January/February 2018 - SE17
IBM Systems Magazine, Mainframe - January/February 2018 - SE18
IBM Systems Magazine, Mainframe - January/February 2018 - SE19
IBM Systems Magazine, Mainframe - January/February 2018 - SE20
IBM Systems Magazine, Mainframe - January/February 2018 - SE21
IBM Systems Magazine, Mainframe - January/February 2018 - SE22
IBM Systems Magazine, Mainframe - January/February 2018 - SE23
IBM Systems Magazine, Mainframe - January/February 2018 - SE24
IBM Systems Magazine, Mainframe - January/February 2018 - SE25
IBM Systems Magazine, Mainframe - January/February 2018 - SE26
IBM Systems Magazine, Mainframe - January/February 2018 - SE27
IBM Systems Magazine, Mainframe - January/February 2018 - SE28
IBM Systems Magazine, Mainframe - January/February 2018 - SE29
IBM Systems Magazine, Mainframe - January/February 2018 - SE30
IBM Systems Magazine, Mainframe - January/February 2018 - SE31
IBM Systems Magazine, Mainframe - January/February 2018 - SE32
IBM Systems Magazine, Mainframe - January/February 2018 - SE33
IBM Systems Magazine, Mainframe - January/February 2018 - SE34
IBM Systems Magazine, Mainframe - January/February 2018 - SE35
IBM Systems Magazine, Mainframe - January/February 2018 - SE36
IBM Systems Magazine, Mainframe - January/February 2018 - SE37
IBM Systems Magazine, Mainframe - January/February 2018 - SE38
IBM Systems Magazine, Mainframe - January/February 2018 - SE39
IBM Systems Magazine, Mainframe - January/February 2018 - SE40
IBM Systems Magazine, Mainframe - January/February 2018 - SE41
IBM Systems Magazine, Mainframe - January/February 2018 - SE42
IBM Systems Magazine, Mainframe - January/February 2018 - SE43
IBM Systems Magazine, Mainframe - January/February 2018 - SE44
IBM Systems Magazine, Mainframe - January/February 2018 - SE45
IBM Systems Magazine, Mainframe - January/February 2018 - SE46
IBM Systems Magazine, Mainframe - January/February 2018 - SECover3
IBM Systems Magazine, Mainframe - January/February 2018 - SECover4
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20191112
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20190910
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20190708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20190506
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20190304
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/relevantz_20190102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/2019mfse
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20190102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20181112
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20180910
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20180708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20180506
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20180304
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20180102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/2018mfse
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20171112
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20170910
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20170910_v2
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20170708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20170506
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20170304
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_sesupp
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20170102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_linuxsupp
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20161112
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/MainframeSecurity
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20160910
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20160708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20160506
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20160304
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20160102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20151112
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20150910_se
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20150910
http://www.ibmsystemsmagmainframedigital.com/MFSkills
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20150708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20150506_supp
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20150506
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20150304
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20150102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20141112
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20140910_v2
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20140910
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20140708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_gt_201405
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/BigData
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20140506
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20140304
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20140102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20131112
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20130910_v2
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20130910
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20130708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20130506
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20130304
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20130102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20121112
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/buyersguide2013
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20120910
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20120708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20120506
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20120304
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20120102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/ibmsystems_mainframe_2012bg
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20111112
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20110910
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20110708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20110506
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20110304
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20110102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20101112
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20100910
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20100910_bg
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20100708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20100506
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20100304
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20100102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20091112
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20090910
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20090708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20090506
http://www.nxtbook.com/nxtbooks/ibmsystemsmag/mainframe_20090304
http://www.nxtbook.com/nxtbooks/mspcomm/ibmsystems_mainframe_200901
http://www.nxtbookMEDIA.com