IBM Systems magazine, IBM Z - March/April 2020 - 18

"Data Privacy Passports can protect a Db2 for
z/OS database, and every row in a column can
be protected independently depending on policy."
-Jessica Doherty, offering manager, IBM Z Security

data in the clear," explains Jessica
Doherty, offering manager, IBM Z
Security. "Data Privacy Passports
can protect a Db2* for z/OS* database and every row in a column
can be protected independently
depending on policy. Even if a copy
of the data is created, the policy is
copied with it, and the data maintains its protection."

A Simple Truth
Tight control over data entitlement
is a core aspect of Data Privacy
Passports. Indeed, this capability
goes hand in hand with encryption,
ensuring both point-to-point data
privacy and-crucially-data traceability and auditability from origin
to consumption. This helps confirm
that information is being used appropriately and only as intended.
To that end, Data Privacy Passports policies can be as granular as
needed. For instance, a data scien-

tist might have a six-month project
during which they need to access
the phone numbers of company
customers, but area codes
will suffice.
A contextual-control policy
can be developed to reflect this by
masking the rest of the phone number, thereby not revealing any other
personalized customer information
that may be considered sensitive.
If the data scientist's six months
expires, their access to the data can
be revoked.
Data Privacy Passports
policy-driven encryption allows
selective data masking, redacting
and access control to extend to the
cloud. And this is no small matter. Traditionally, organizations
used public clouds for the benign
hosting of, for example, front-end
interfaces of end-user applications.
Now, they're increasingly
pushing mission-critical work-

DATA PRIVACY PASSPORTS IN SHORT
Data Privacy Passports features include:
* Trusted data objects that provide data-centric protection
of data, privacy and provenance
* Data is protected at the point of extraction and is enforced
at the point of consumption
* Enforces multiple views of data from single source based
on need to know
* Policy access can be changed dynamically to revoke or
entitle a user's access to data
* The ability to track the complete data journey, from point
of origin to consumption

loads to hybrid clouds, whether to
save money or more easily share
application resources for, say, AI
modeling. But this comes with
obvious security pitfalls, with some
organizations mistakenly assuming
the cloud provider will offer data
protection as part of their contract.
A closer look at the small print may
reveal that no such assurances are
expressed or implied.
As Compert notes, "You're responsible for the data being put out
there. You're responsible for access
control and deciding who has access to that information. You have
to understand the controls and
realize a lot of cloud providers don't
have well-developed security capabilities, even to provide real-time
audit trails of activity. That's just a
simple truth."
Thankfully, z15 users can protect that data by hashing or redacting it prior to sending it to the
cloud. This essentially means that
cloud applications are only entitled
to access what's allowable, based on
policies, and the other data is protected and private via encryption.
Concurrent with this, data
transactions are tracked from
origin to consumption and logged,
so compliance auditors can track
data lineage, such as where and
by whom the data is touched as it
moves through the enterprise. If
something is exposed, the auditors
can review the audit record and see
who accessed the data last, which
may give them a lead on identifying
the root cause. This end-to-end
trackability can also be used to

18 | MARCH/APRIL 2020 IBMSYSTEMSMAG.COM

pg 14-20.indd 18

2/12/20 3:09 PM


http://www.IBMSYSTEMSMAG.COM

IBM Systems magazine, IBM Z - March/April 2020

Table of Contents for the Digital Edition of IBM Systems magazine, IBM Z - March/April 2020

Table of Contents
Editor's Desk: Securing a data-driven world
Currents: Learn how to provide customers with data privacy and security at Think 2020
Currents: On the web
Currents: Closing the COBOL programming skills gap
Currents: Hyundai and Uber announce aerial ride-hailing partnership
Partner POV: 3 requirements for enterprise-level digital transformation
Cover Story: Dynamic Data Protection: IBM Data Privacy Passports gives IBM Z users data privacy control, no matter where it is or where it's going
Feature 1: Sealing up Privacy: Continuous IBM Z innovations offer a roadmap designed to stay ahead of clients' changing security needs
Feature 2: Unlocking Quantum Security: Quantum-safe cryptography is key to protecting data as quantum computing systems evolve
TECH Showcase: Collaboration, communication and cooperation are crucial for developing a successful data management strategy
Techbits: z/OS data migration: Helping clients avoid risk and downtime
Techbits: Ask the expert: What is Fibre Channel over IP?
Beyond the Box: Homer Ahr reflects on working mission control for the NASA Apollo space program
Reference Point - Global Events, Education, Resources for Power Systems
2020 IBM Z Solutions Directory
IBM Systems magazine, IBM Z - March/April 2020 - Intro
IBM Systems magazine, IBM Z - March/April 2020 - Cover1
IBM Systems magazine, IBM Z - March/April 2020 - Cover2
IBM Systems magazine, IBM Z - March/April 2020 - 1
IBM Systems magazine, IBM Z - March/April 2020 - 2
IBM Systems magazine, IBM Z - March/April 2020 - 3
IBM Systems magazine, IBM Z - March/April 2020 - Table of Contents
IBM Systems magazine, IBM Z - March/April 2020 - 5
IBM Systems magazine, IBM Z - March/April 2020 - Editor's Desk: Securing a data-driven world
IBM Systems magazine, IBM Z - March/April 2020 - 7
IBM Systems magazine, IBM Z - March/April 2020 - Currents: Learn how to provide customers with data privacy and security at Think 2020
IBM Systems magazine, IBM Z - March/April 2020 - Currents: On the web
IBM Systems magazine, IBM Z - March/April 2020 - Currents: Closing the COBOL programming skills gap
IBM Systems magazine, IBM Z - March/April 2020 - Currents: Hyundai and Uber announce aerial ride-hailing partnership
IBM Systems magazine, IBM Z - March/April 2020 - Partner POV: 3 requirements for enterprise-level digital transformation
IBM Systems magazine, IBM Z - March/April 2020 - 13
IBM Systems magazine, IBM Z - March/April 2020 - Cover Story: Dynamic Data Protection: IBM Data Privacy Passports gives IBM Z users data privacy control, no matter where it is or where it's going
IBM Systems magazine, IBM Z - March/April 2020 - 15
IBM Systems magazine, IBM Z - March/April 2020 - 16
IBM Systems magazine, IBM Z - March/April 2020 - 17
IBM Systems magazine, IBM Z - March/April 2020 - 18
IBM Systems magazine, IBM Z - March/April 2020 - 19
IBM Systems magazine, IBM Z - March/April 2020 - 20
IBM Systems magazine, IBM Z - March/April 2020 - Feature 1: Sealing up Privacy: Continuous IBM Z innovations offer a roadmap designed to stay ahead of clients' changing security needs
IBM Systems magazine, IBM Z - March/April 2020 - 22
IBM Systems magazine, IBM Z - March/April 2020 - 23
IBM Systems magazine, IBM Z - March/April 2020 - Feature 2: Unlocking Quantum Security: Quantum-safe cryptography is key to protecting data as quantum computing systems evolve
IBM Systems magazine, IBM Z - March/April 2020 - 25
IBM Systems magazine, IBM Z - March/April 2020 - 26
IBM Systems magazine, IBM Z - March/April 2020 - 27
IBM Systems magazine, IBM Z - March/April 2020 - 28
IBM Systems magazine, IBM Z - March/April 2020 - 29
IBM Systems magazine, IBM Z - March/April 2020 - 30
IBM Systems magazine, IBM Z - March/April 2020 - TECH Showcase: Collaboration, communication and cooperation are crucial for developing a successful data management strategy
IBM Systems magazine, IBM Z - March/April 2020 - 32
IBM Systems magazine, IBM Z - March/April 2020 - 33
IBM Systems magazine, IBM Z - March/April 2020 - 34
IBM Systems magazine, IBM Z - March/April 2020 - 35
IBM Systems magazine, IBM Z - March/April 2020 - Techbits: z/OS data migration: Helping clients avoid risk and downtime
IBM Systems magazine, IBM Z - March/April 2020 - 37
IBM Systems magazine, IBM Z - March/April 2020 - Techbits: Ask the expert: What is Fibre Channel over IP?
IBM Systems magazine, IBM Z - March/April 2020 - 39
IBM Systems magazine, IBM Z - March/April 2020 - Beyond the Box: Homer Ahr reflects on working mission control for the NASA Apollo space program
IBM Systems magazine, IBM Z - March/April 2020 - Cover3
IBM Systems magazine, IBM Z - March/April 2020 - Cover4
IBM Systems magazine, IBM Z - March/April 2020 - Reference Point - Global Events, Education, Resources for Power Systems
IBM Systems magazine, IBM Z - March/April 2020 - SD
IBM Systems magazine, IBM Z - March/April 2020 - 2020 IBM Z Solutions Directory
IBM Systems magazine, IBM Z - March/April 2020 - CoverSD2
IBM Systems magazine, IBM Z - March/April 2020 - SD1
IBM Systems magazine, IBM Z - March/April 2020 - SD2
IBM Systems magazine, IBM Z - March/April 2020 - SD3
IBM Systems magazine, IBM Z - March/April 2020 - SD4
IBM Systems magazine, IBM Z - March/April 2020 - CT1
IBM Systems magazine, IBM Z - March/April 2020 - CT2
IBM Systems magazine, IBM Z - March/April 2020 - SD5
IBM Systems magazine, IBM Z - March/April 2020 - SD6
IBM Systems magazine, IBM Z - March/April 2020 - SD7
IBM Systems magazine, IBM Z - March/April 2020 - SD8
IBM Systems magazine, IBM Z - March/April 2020 - SD9
IBM Systems magazine, IBM Z - March/April 2020 - SD10
IBM Systems magazine, IBM Z - March/April 2020 - SD11
IBM Systems magazine, IBM Z - March/April 2020 - SD12
IBM Systems magazine, IBM Z - March/April 2020 - SD13
IBM Systems magazine, IBM Z - March/April 2020 - SD14
IBM Systems magazine, IBM Z - March/April 2020 - SD15
IBM Systems magazine, IBM Z - March/April 2020 - SD16
IBM Systems magazine, IBM Z - March/April 2020 - SD17
IBM Systems magazine, IBM Z - March/April 2020 - SD18
IBM Systems magazine, IBM Z - March/April 2020 - SD19
IBM Systems magazine, IBM Z - March/April 2020 - SD20
IBM Systems magazine, IBM Z - March/April 2020 - SD21
IBM Systems magazine, IBM Z - March/April 2020 - SD22
IBM Systems magazine, IBM Z - March/April 2020 - SD23
IBM Systems magazine, IBM Z - March/April 2020 - SD24
IBM Systems magazine, IBM Z - March/April 2020 - SD25
IBM Systems magazine, IBM Z - March/April 2020 - SD26
IBM Systems magazine, IBM Z - March/April 2020 - SD27
IBM Systems magazine, IBM Z - March/April 2020 - SD28
IBM Systems magazine, IBM Z - March/April 2020 - SD29
IBM Systems magazine, IBM Z - March/April 2020 - SD30
IBM Systems magazine, IBM Z - March/April 2020 - SD31
IBM Systems magazine, IBM Z - March/April 2020 - SD32
IBM Systems magazine, IBM Z - March/April 2020 - SD33
IBM Systems magazine, IBM Z - March/April 2020 - SD34
IBM Systems magazine, IBM Z - March/April 2020 - SD35
IBM Systems magazine, IBM Z - March/April 2020 - SD36
IBM Systems magazine, IBM Z - March/April 2020 - SD39
IBM Systems magazine, IBM Z - March/April 2020 - SD40
IBM Systems magazine, IBM Z - March/April 2020 - SD41
IBM Systems magazine, IBM Z - March/April 2020 - SD42
IBM Systems magazine, IBM Z - March/April 2020 - SD43
IBM Systems magazine, IBM Z - March/April 2020 - SD44
IBM Systems magazine, IBM Z - March/April 2020 - SD45
IBM Systems magazine, IBM Z - March/April 2020 - SD46
IBM Systems magazine, IBM Z - March/April 2020 - SD47
IBM Systems magazine, IBM Z - March/April 2020 - SD48
IBM Systems magazine, IBM Z - March/April 2020 - SD49
IBM Systems magazine, IBM Z - March/April 2020 - SD50
IBM Systems magazine, IBM Z - March/April 2020 - SD51
IBM Systems magazine, IBM Z - March/April 2020 - SD52
IBM Systems magazine, IBM Z - March/April 2020 - SD53
IBM Systems magazine, IBM Z - March/April 2020 - SD54
IBM Systems magazine, IBM Z - March/April 2020 - SD55
IBM Systems magazine, IBM Z - March/April 2020 - SD56
IBM Systems magazine, IBM Z - March/April 2020 - CoverSD3
IBM Systems magazine, IBM Z - March/April 2020 - CoverSD4
http://www.ibmsystemsmagmainframedigital.com/mspcomm/ibmsystemsmag/ibmsystems_mainframe_20201112
http://www.ibmsystemsmagmainframedigital.com/mspcomm/ibmsystemsmag/ibmsystems_mainframe_20200910
http://www.ibmsystemsmagmainframedigital.com/mspcomm/ibmsystemsmag/ibmsystems_mainframe_20200708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20200506
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20200304
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20200102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/2020mfse
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20191112
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20190910
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20190708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20190506
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20190304
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/relevantz_20190102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/2019mfse
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20190102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20181112
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20180910
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20180708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20180506
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20180304
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20180102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/2018mfse
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20171112
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20170910
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20170910_v2
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20170708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20170506
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20170304
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_sesupp
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20170102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_linuxsupp
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20161112
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/MainframeSecurity
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20160910
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20160708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20160506
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20160304
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20160102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20151112
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20150910_se
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20150910
http://www.ibmsystemsmagmainframedigital.com/MFSkills
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20150708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20150506_supp
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20150506
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20150304
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20150102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20141112
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20140910_v2
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20140910
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20140708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_gt_201405
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/BigData
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20140506
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20140304
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20140102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20131112
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20130910_v2
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20130910
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20130708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20130506
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20130304
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20130102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20121112
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/buyersguide2013
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20120910
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20120708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20120506
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20120304
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20120102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/ibmsystems_mainframe_2012bg
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20111112
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20110910
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20110708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20110506
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20110304
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20110102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20101112
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20100910
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20100910_bg
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20100708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20100506
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20100304
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20100102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20091112
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20090910
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20090708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20090506
https://www.nxtbook.com/nxtbooks/ibmsystemsmag/mainframe_20090304
https://www.nxtbookmedia.com