IBM Z mainframe has built-in encryption to fight 'epidemic of data breaches'


IBM is doing its damnedest to keep the mainframe relevant in a modern context, and believe it or not, there are plenty of monster corporations throughout the world who still use those relics from the earliest days of computing. Mainframes are still widely used in financial services.

The z14 CPU has new instructions in the single instruction, multiple data (SIMD) facility that speeds traditional decimal operation workloads (i.e. COBOL 6.2, PL/I 5.2) and analytics (ie, Apache Spark for z/OS) beyond that provided by the faster processor. FICON SAN access features 10 times lower latency than the z13 with the zHyperLink Express, enabling application response time to be cut in half.

There are some applications that can profit from having one of IBM's mysterious black monoliths in the data center today. Because of this, only about 2% of corporate data is now encrypted, the release said. The z14 is even gruntier and bumps that up nearly five fold to 12 billion encrypted transactions per day. It supports 2,000,000 Docker containers and 1,000 concurrent NoSQL databases. IBM's key management system hardware causes keys to self-destruct in response to intrusions, and they are then reconstituted after the intrusion, the company said. The system's advanced cryptographic capability can now extend across any data, network, external device or entire application - such as the IBM Cloud Blockchain service - with no application changes and no impact on business service level agreements.

A Secure Service Container protects is claimed to protect against insider threats from contractors and privileged users, providing automatic data and code encryption in-flight and at-rest, and tamper-resistance during installation and runtime.

Encrypted application programming interfaces so developers can build applications and services.

"The pervasive encryption that is built into, and is created to extend beyond, the new IBM Z really makes this the first system with an all-encompassing solution to the security threats and breaches we've been witnessing in the past 24 months", said Peter Rutten, analyst at IDC's servers and compute platforms group. Capable of running more than 12 billion encrypted transactions per day, IBM z makes it possible, for the first time, to encrypt all data associated with any application, cloud service or database, all the time.

"The vast majority of stolen or leaked data today is in the open and easy to use because encryption has been very hard and expensive to do at scale", said Ross Mauri, general manager at IBM Z.

Big Blue says x86 servers are crap at encryption. According to the company, this is faster than x86 systems, which only focus on limited slices of data.

The Ponemon Institute's "2017 Cost of Data Breach Study" found that extensive use of encryption is a top factor in reducing the cost of a data breach, resulting in a $17 decrease in cost per lost or stolen record and an average cost of $141 per lost record.

"There is a global epidemic of data theft".

As for pricing, IBM unveiled three container pricing models.

The pricing changes are meant to fend off the public cloud as well.

The company expects to ship the mainframe in the third quarter.

Mauri said the core of the system-software, hardware and firmware-is usually in development about 3 years. While IBM plays an important role in online commerce (its transaction engine handles 87 percent of credit card payments), many companies would likely have to upgrade before you'd see the benefit. Consequently the z14's prime role is to support and continue this installed base revenue stream.