HIPAA News

IBM's New Mainframe Software Automates Security Administration and Audit Processes

(Aug 19, 2007)-- IBM unveiled a new release of its mainframe operating system -- the z/OS -- adding features that increase the software's already fortress-like security for online commerce as well as the next generation of highly secure business transactions. IBM also announced new mainframe software that automates security administration and audit processes.

"Originally designed to be shared by thousands of users, the IBM mainframe has security built into nearly every level of the computer -- from the processor level, to the operating system to the application level," said Jim Porell, Distinguished Engineer and System z Chief Architect. "Our security leadership is one of the many reasons why the world's top banks rely on the IBM mainframe for their financial transactions."

For companies running "thousands" of transactions that require identity validation and lightning fast communications from countless customers and unknown parties, the new IBM z/OS is designed to deliver the following:

* Improved network security policy management -- making it easier to set network security policy across multiple instances of z/OS mainframe operating systems. Administrators only need to define one centralized policy to enforce network encryption rules and intrusion detection for all z/OS systems within an enterprise -- including distributed systems attempting communication with z/OS systems.
* Enhanced Public Key Infrastructure (PKI) services to help improve the creation, authentication, renewal, and management of digital certificates for user and device authentication. By managing digital certificates directly through their z/OS mainframe, customers can potentially see substantial savings compared to the cost of third party hosting. This capability is essential in creating the digital certificates for buyers and sellers to conduct secure business transactions online. z/OS's PKI can be used for many important tasks, such as securing a wireless network infrastructure using WPA security, exploiting smartcard technology on credit and cash cards and securing the end nodes of a Virtual Private Network that might be hosting Point of Sale or ATM communications traffic.
* Adoption of the popular security standard, PKCS #11, which specifies an application programming interface for devices that hold cryptographic information and perform cryptographic functions. These functions are now provided on z/OS to help host applications that utilize this standard onto z/OS to take advantage of the centralized key storage provided by z/OS.

Additional enhancements include more robust scalability and availability for clustered environments, improved economics via expanded use of specialty engines, simplified management for network diagnosis, among others. For details, log on to http://www-03.ibm.com/servers/eserver/zseries/zos/.

IBM Tivoli zSecure
IBM also announced today new software that provides additional functionality for the mainframe's security system while helping reduce processing time. The IBM Tivoli zSecure Manager for RACF z/VM provides automation of security administration and audit processes in the virtual mainframe environment. With the opportunity to define more granular divisions between administration authority levels, senior administrators can divert tasks and workloads to decentralized contacts without compromising security. Tivoli zSecure Manager for RACF z/VM extends auditing capability by reading the RACF database, analyzing SMF records generated by RACF z/VM, and providing user privileges from both RACF and the VM directory.

IBM Tivoli zSecure Manager for RACF z/VM is an addition to the broader IBM Tivoli zSecure suite for managing mainframe security, first made available in July 2007, leveraging technology from IBM's Consul acquisition in January of this year.

The IBM mainframe is an incredibly secure server with an abundance of security safeguards and capabilities. These features are designed to protect against hacks, keep private data from getting "in the clear," and allow for easy management of complex security issues. In today's world, when every week seemingly brings a new identity theft scandal, multiple industries must conform to stringent security and audit regulations, such as Health Insurance Portability and Accountability Act (HIPAA) and Payment Card Industry Data Security Standard (PCI DSS); security has never been more relevant to more sectors ranging from financial services and retail, to healthcare and government organizations.

Share or bookmarklet this web page at: