Software Diversified Services (SDS), a mainframe tools vendor, announced it has made PGP Corporation's data encryption platform available for IBM z/OS systems. The offering, PGP Command Line for IBM Mainframes, integrates into existing mainframe processes and provides compression and encryption for data at rest, in transmission, and in archival backups, SDS says.
By implementing PGP for data security on z/OS mainframes, organizations can employ an integrated security system across multiple platforms, including IBM z/OS, IBM i, and AIX; Sun Solaris; and UNIX, Linux, Windows, and Macintosh machines.
"Legacy systems are especially prone to security breaches because traditional file transfer and email protocols have no built-in security," Colin van der Ross, senior systems engineer for SDS, tells 5 Minute Briefing. "It's not enough to just encrypt email and file transfer sessions. We have to protect data at rest as well - our backup archives, for example."
According to van der Ross, hackers are now crafty enough to steal from mainframes. There were more incidents of data compromises in 2008 than in the previous four years combined, and, of those, 93% were in the financial industry, he notes. PGP also reduces demands on infrastructure by compressing data volumes.
PGP Command Line is built on the OpenPGP standard described in RFC 2440, a public encryption standard that has undergone more than a decade of review by the world's best cryptographers. It meets the U.S. Federal Information Processing Standard (FIPS), and is one of two standards recommended for email security by the U.S. National Institute of Standard and Technology (NIST).
"There's no point in encrypting data if the right people can't decrypt it, maybe tomorrow, maybe 10 years from now," says van der Ross. "PGP Command Line for IBM Mainframes is perfect for big, complex networks running all kinds of machines all over the world. You can encrypt and archive z/OS data, and when the time comes, a trusted business partner can decrypt it on UNIX. You can encrypt and email data from z/OS USS, then access and read it on your Windows machine."
The PGP family of encryption tools includes deployments for z/OS, z/OS USS, Linux on System z, IBM i, IBM AIX, UNIX/Linux, Sun, Windows, Apple. For partners who do not have PGP tools, PGP Command Line can generate Self-Decrypting Archives (SDAs) to run on almost any machine, provided the user has the key, states van der Ross.
SDS provides sales and technical support for PGP Command Line for IBM Mainframes in agreement with Townsend Security. PGP products are developed by PGP Corp., now owned by Symantec Corp.
For more information, a free white paper, or a live demonstration by webcast, go to the SDS website.