Data-Centric Security from IBM System z to IBM BigInsights
Mainframe-based data is increasingly being made accessible for analytics on other platforms such as Hadoop and IBM BigInsights. The IT organization urgently needs a better, more comprehensive security strategy–to enhance mainframe data protection even while it enables the secure movement, access and use of data throughout the enterprise, and for analytics.
HPE SecureData z/Protect provides easy native data protection on IBM System z. Protecting data first with HPE SecureData z/Protect avoids data breaches at rest and in transition between SSL and secure repositories, no matter whether mainframe data is pumped into Hadoop Distributed File System (HDFS) via extract/transform/load (ETL) tools, the Sqoop JDBC connector, or other means of ingestion. An easily integrated, comprehensive encryption and tokenization solution for all z/OS environments, including native CICS APIs, HPE SecureData z/Protect eliminates complexity in mainframe data protection. It is simple to deploy and administer, without disruption to existing processes or heavy management overhead. This modernization of data protection for mainframe data reduces audit scope, and dramatically reduces the risk of data theft. Most importantly, it does so with minimal application impact.
HPE SecureData Suite for Hadoop
HPE SecureData for Hadoop is certified on IBM BigInsights. HPE SecureData technology integration with IBM BigInsights makes it possible to secure sensitive data entering the Hadoop ecosystem, control access to that data, and ensure compliance with international data security, residency and privacy regulations, all while optimizing performance and scalability.
Typical use cases with HPE SecureData solutions include de-identifying large data sets for secure analytics and external sharing; mainframe data masking native to z/OS, for DB2, Files, IMS; masking in existing workflow, e.g. ETL or data sub-setting tools; and secure reversibility, e.g. z/OS to Hadoop and back again.
“Data protection needs to take into account both internal and external threats, including those against critical database and application resources. However, many protection mechanisms require application retooling or add complexity that delays or halts deployment. HPE Format-Preserving Encryption overcomes these issues. It’s an exciting step toward improved, simpler data protection and compliance with regulatory requirements.”
High-Performance Data De-Identification
HPE SecureData builds Data De-Identification into existing workflows and data management frameworks using a set of APIs and processing tools that are compatible with extraction, transformation and loading (ETL) and data management solutions across Linux, UNIX, Windows, IBM z/OS mainframe, HPE NonStop, Stratus, Teradata, Amazon Web Services, Microsoft Windows Azure, and Hadoop.