IBM Systems magazine, IBM Z - March/April 2020 - 16

your reputation? What would be
the impact on your business?
How much will the fines and legal
actions cost?' All of that's going
to cost a lot more than the cost of
encryption," says Cindy Compert,
Distinguished Engineer and Security CTO, IBM Security.
Pervasive encryption is an
example of a solution that addresses these issues. It enables IBM Z
users to encrypt data at the database, data set or disk level-or in
other words, encrypt everything
on their systems. This includes
protecting the data even after it has
been moved or copied somewhere.
But pervasive encryption doesn't
protect the data, the key and access
to the data dynamically like Data
Privacy Passports does.
With pervasive encryption, you
can send a partner the data, but you
also have to send them the key and
then assume they're re-encrypting
the data after they've accessed it
with the key, that they're managing access properly and that their
security policies are as good as
yours. Data Privacy Passports tempers those worries by employing
origin-embedded privacy control
policies to determine who's entitled
to view the data and how much of it
is visible.

A Policy of Protection
The development of this comprehensive security solution was, in
part, due to conversations between

IBM Z users and IBM. As part of
IBM's thought leadership philosophy and design thinking approach,
the understanding of client pain
points is crucial to pushing further
innovation to make sure client concerns are properly addressed.
"We already had our integrated
encryption hardware, but understanding what was happening
from a regulatory point of view and
knowing that our clients needed to
encrypt on a massive scale brought
about pervasive encryption," Jordan says. "But then we had further
conversations about our clients'
needs and they'd say, 'Pervasive encryption is great, but we'd also love
to be able to encrypt and control
access to data everywhere, across
our multiplatform environment.' It
was conversations like those that
led to the development of Data Privacy Passports."
Data Privacy Passports is designed to ensure data is protected
and tracked no matter where it
travels within the enterprise and
on which platform it lands, even if
it's moved due to theft by a user or
systems administrator. It's a single
solution to protect data from end to
end, while allowing you to enforce
the appropriate use of data across
the enterprise using a centralized
and enforceable policy.
With a data-centric approach to
ensuring data privacy, data itself is
encrypted at the starting point and
remains encrypted until it reach-

es the end point. The data stored
at end and intermediate points is
implicitly encrypted and managed
through centralized policy decisions. This is opposed to the more
typical mobile data encryption
techniques, where encryption and
decryption take place at each point
of the network, and any data stored
at end and intermediate points
must be explicitly encrypted.
Data Privacy Passports acts as
a secure data gateway, just under
the application layer, which allows
you to inject encryption directly
into the applicationsĀ and enforce
data entitlement or the appropriate
use of data. A data element itself is
protected as part of a trusted data
object, which includes both the encrypted data and the metadata that
points back to the policy.
This provides access control at
the ļ¬eld level for databases being
shared throughout the enterprise.
You can, for example, create a
data policy and, within that policy, decide who can see the data
and for how long they can see it.
Critically, you can also change or
revoke that policy remotely in the
event of a change in the security
environment, such as an attempted
breach or a business partner being
acquired by a competitor.
"When a data admin needs to
provision data, they'll have access
to the data to be able to provision it
into a data lake, but they wouldn't
have access to read or view the

"The idea behind Data Privacy Passports is that
you can securely share information. That you
can provide it at a very granular level, and that
if you don't want to provide it anymore, you can
take it back."
-Cindy Compert, Distinguished Engineer and Security CTO, IBM Security

16 | MARCH/APRIL 2020 IBMSYSTEMSMAG.COM

pg 14-20.indd 16

2/12/20 3:08 PM


http://www.IBMSYSTEMSMAG.COM

IBM Systems magazine, IBM Z - March/April 2020

Table of Contents for the Digital Edition of IBM Systems magazine, IBM Z - March/April 2020

Table of Contents
Editor's Desk: Securing a data-driven world
Currents: Learn how to provide customers with data privacy and security at Think 2020
Currents: On the web
Currents: Closing the COBOL programming skills gap
Currents: Hyundai and Uber announce aerial ride-hailing partnership
Partner POV: 3 requirements for enterprise-level digital transformation
Cover Story: Dynamic Data Protection: IBM Data Privacy Passports gives IBM Z users data privacy control, no matter where it is or where it's going
Feature 1: Sealing up Privacy: Continuous IBM Z innovations offer a roadmap designed to stay ahead of clients' changing security needs
Feature 2: Unlocking Quantum Security: Quantum-safe cryptography is key to protecting data as quantum computing systems evolve
TECH Showcase: Collaboration, communication and cooperation are crucial for developing a successful data management strategy
Techbits: z/OS data migration: Helping clients avoid risk and downtime
Techbits: Ask the expert: What is Fibre Channel over IP?
Beyond the Box: Homer Ahr reflects on working mission control for the NASA Apollo space program
Reference Point - Global Events, Education, Resources for Power Systems
2020 IBM Z Solutions Directory
IBM Systems magazine, IBM Z - March/April 2020 - Intro
IBM Systems magazine, IBM Z - March/April 2020 - Cover1
IBM Systems magazine, IBM Z - March/April 2020 - Cover2
IBM Systems magazine, IBM Z - March/April 2020 - 1
IBM Systems magazine, IBM Z - March/April 2020 - 2
IBM Systems magazine, IBM Z - March/April 2020 - 3
IBM Systems magazine, IBM Z - March/April 2020 - Table of Contents
IBM Systems magazine, IBM Z - March/April 2020 - 5
IBM Systems magazine, IBM Z - March/April 2020 - Editor's Desk: Securing a data-driven world
IBM Systems magazine, IBM Z - March/April 2020 - 7
IBM Systems magazine, IBM Z - March/April 2020 - Currents: Learn how to provide customers with data privacy and security at Think 2020
IBM Systems magazine, IBM Z - March/April 2020 - Currents: On the web
IBM Systems magazine, IBM Z - March/April 2020 - Currents: Closing the COBOL programming skills gap
IBM Systems magazine, IBM Z - March/April 2020 - Currents: Hyundai and Uber announce aerial ride-hailing partnership
IBM Systems magazine, IBM Z - March/April 2020 - Partner POV: 3 requirements for enterprise-level digital transformation
IBM Systems magazine, IBM Z - March/April 2020 - 13
IBM Systems magazine, IBM Z - March/April 2020 - Cover Story: Dynamic Data Protection: IBM Data Privacy Passports gives IBM Z users data privacy control, no matter where it is or where it's going
IBM Systems magazine, IBM Z - March/April 2020 - 15
IBM Systems magazine, IBM Z - March/April 2020 - 16
IBM Systems magazine, IBM Z - March/April 2020 - 17
IBM Systems magazine, IBM Z - March/April 2020 - 18
IBM Systems magazine, IBM Z - March/April 2020 - 19
IBM Systems magazine, IBM Z - March/April 2020 - 20
IBM Systems magazine, IBM Z - March/April 2020 - Feature 1: Sealing up Privacy: Continuous IBM Z innovations offer a roadmap designed to stay ahead of clients' changing security needs
IBM Systems magazine, IBM Z - March/April 2020 - 22
IBM Systems magazine, IBM Z - March/April 2020 - 23
IBM Systems magazine, IBM Z - March/April 2020 - Feature 2: Unlocking Quantum Security: Quantum-safe cryptography is key to protecting data as quantum computing systems evolve
IBM Systems magazine, IBM Z - March/April 2020 - 25
IBM Systems magazine, IBM Z - March/April 2020 - 26
IBM Systems magazine, IBM Z - March/April 2020 - 27
IBM Systems magazine, IBM Z - March/April 2020 - 28
IBM Systems magazine, IBM Z - March/April 2020 - 29
IBM Systems magazine, IBM Z - March/April 2020 - 30
IBM Systems magazine, IBM Z - March/April 2020 - TECH Showcase: Collaboration, communication and cooperation are crucial for developing a successful data management strategy
IBM Systems magazine, IBM Z - March/April 2020 - 32
IBM Systems magazine, IBM Z - March/April 2020 - 33
IBM Systems magazine, IBM Z - March/April 2020 - 34
IBM Systems magazine, IBM Z - March/April 2020 - 35
IBM Systems magazine, IBM Z - March/April 2020 - Techbits: z/OS data migration: Helping clients avoid risk and downtime
IBM Systems magazine, IBM Z - March/April 2020 - 37
IBM Systems magazine, IBM Z - March/April 2020 - Techbits: Ask the expert: What is Fibre Channel over IP?
IBM Systems magazine, IBM Z - March/April 2020 - 39
IBM Systems magazine, IBM Z - March/April 2020 - Beyond the Box: Homer Ahr reflects on working mission control for the NASA Apollo space program
IBM Systems magazine, IBM Z - March/April 2020 - Cover3
IBM Systems magazine, IBM Z - March/April 2020 - Cover4
IBM Systems magazine, IBM Z - March/April 2020 - Reference Point - Global Events, Education, Resources for Power Systems
IBM Systems magazine, IBM Z - March/April 2020 - SD
IBM Systems magazine, IBM Z - March/April 2020 - 2020 IBM Z Solutions Directory
IBM Systems magazine, IBM Z - March/April 2020 - CoverSD2
IBM Systems magazine, IBM Z - March/April 2020 - SD1
IBM Systems magazine, IBM Z - March/April 2020 - SD2
IBM Systems magazine, IBM Z - March/April 2020 - SD3
IBM Systems magazine, IBM Z - March/April 2020 - SD4
IBM Systems magazine, IBM Z - March/April 2020 - CT1
IBM Systems magazine, IBM Z - March/April 2020 - CT2
IBM Systems magazine, IBM Z - March/April 2020 - SD5
IBM Systems magazine, IBM Z - March/April 2020 - SD6
IBM Systems magazine, IBM Z - March/April 2020 - SD7
IBM Systems magazine, IBM Z - March/April 2020 - SD8
IBM Systems magazine, IBM Z - March/April 2020 - SD9
IBM Systems magazine, IBM Z - March/April 2020 - SD10
IBM Systems magazine, IBM Z - March/April 2020 - SD11
IBM Systems magazine, IBM Z - March/April 2020 - SD12
IBM Systems magazine, IBM Z - March/April 2020 - SD13
IBM Systems magazine, IBM Z - March/April 2020 - SD14
IBM Systems magazine, IBM Z - March/April 2020 - SD15
IBM Systems magazine, IBM Z - March/April 2020 - SD16
IBM Systems magazine, IBM Z - March/April 2020 - SD17
IBM Systems magazine, IBM Z - March/April 2020 - SD18
IBM Systems magazine, IBM Z - March/April 2020 - SD19
IBM Systems magazine, IBM Z - March/April 2020 - SD20
IBM Systems magazine, IBM Z - March/April 2020 - SD21
IBM Systems magazine, IBM Z - March/April 2020 - SD22
IBM Systems magazine, IBM Z - March/April 2020 - SD23
IBM Systems magazine, IBM Z - March/April 2020 - SD24
IBM Systems magazine, IBM Z - March/April 2020 - SD25
IBM Systems magazine, IBM Z - March/April 2020 - SD26
IBM Systems magazine, IBM Z - March/April 2020 - SD27
IBM Systems magazine, IBM Z - March/April 2020 - SD28
IBM Systems magazine, IBM Z - March/April 2020 - SD29
IBM Systems magazine, IBM Z - March/April 2020 - SD30
IBM Systems magazine, IBM Z - March/April 2020 - SD31
IBM Systems magazine, IBM Z - March/April 2020 - SD32
IBM Systems magazine, IBM Z - March/April 2020 - SD33
IBM Systems magazine, IBM Z - March/April 2020 - SD34
IBM Systems magazine, IBM Z - March/April 2020 - SD35
IBM Systems magazine, IBM Z - March/April 2020 - SD36
IBM Systems magazine, IBM Z - March/April 2020 - SD39
IBM Systems magazine, IBM Z - March/April 2020 - SD40
IBM Systems magazine, IBM Z - March/April 2020 - SD41
IBM Systems magazine, IBM Z - March/April 2020 - SD42
IBM Systems magazine, IBM Z - March/April 2020 - SD43
IBM Systems magazine, IBM Z - March/April 2020 - SD44
IBM Systems magazine, IBM Z - March/April 2020 - SD45
IBM Systems magazine, IBM Z - March/April 2020 - SD46
IBM Systems magazine, IBM Z - March/April 2020 - SD47
IBM Systems magazine, IBM Z - March/April 2020 - SD48
IBM Systems magazine, IBM Z - March/April 2020 - SD49
IBM Systems magazine, IBM Z - March/April 2020 - SD50
IBM Systems magazine, IBM Z - March/April 2020 - SD51
IBM Systems magazine, IBM Z - March/April 2020 - SD52
IBM Systems magazine, IBM Z - March/April 2020 - SD53
IBM Systems magazine, IBM Z - March/April 2020 - SD54
IBM Systems magazine, IBM Z - March/April 2020 - SD55
IBM Systems magazine, IBM Z - March/April 2020 - SD56
IBM Systems magazine, IBM Z - March/April 2020 - CoverSD3
IBM Systems magazine, IBM Z - March/April 2020 - CoverSD4
http://www.ibmsystemsmagmainframedigital.com/mspcomm/ibmsystemsmag/ibmsystems_mainframe_20201112
http://www.ibmsystemsmagmainframedigital.com/mspcomm/ibmsystemsmag/ibmsystems_mainframe_20200910
http://www.ibmsystemsmagmainframedigital.com/mspcomm/ibmsystemsmag/ibmsystems_mainframe_20200708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20200506
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20200304
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20200102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/2020mfse
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20191112
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20190910
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20190708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20190506
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20190304
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/relevantz_20190102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/2019mfse
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20190102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20181112
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20180910
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20180708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20180506
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20180304
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20180102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/2018mfse
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20171112
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20170910
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20170910_v2
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20170708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20170506
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20170304
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_sesupp
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20170102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_linuxsupp
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20161112
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/MainframeSecurity
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20160910
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20160708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20160506
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20160304
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20160102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20151112
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20150910_se
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20150910
http://www.ibmsystemsmagmainframedigital.com/MFSkills
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20150708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20150506_supp
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20150506
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20150304
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20150102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20141112
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20140910_v2
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20140910
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20140708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_gt_201405
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/BigData
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20140506
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20140304
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20140102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20131112
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20130910_v2
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20130910
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20130708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20130506
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20130304
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20130102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20121112
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/buyersguide2013
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20120910
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20120708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20120506
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20120304
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20120102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/ibmsystems_mainframe_2012bg
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20111112
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20110910
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20110708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20110506
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20110304
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20110102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20101112
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20100910
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20100910_bg
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20100708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20100506
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20100304
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20100102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20091112
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20090910
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20090708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20090506
https://www.nxtbook.com/nxtbooks/ibmsystemsmag/mainframe_20090304
https://www.nxtbookmedia.com