Keeping Up With Security and Compliance on IBM Z

Keeping Up With Security and Compliance on IBM Z PDF Author: Bill White
Publisher: IBM Redbooks
ISBN: 0738461172
Category : Computers
Languages : en
Pages : 136

Book Description
Non-compliance can lead to increasing costs. Regulatory violations involving data protection and privacy can have severe and unintended consequences. In addition, companies must keep pace with changes that arise from numerous legislative and regulatory bodies. Global organizations have the added liability of dealing with national and international-specific regulations. Proving that you are compliant entails compiling and organizing data from multiple sources to satisfy auditor's requests. Preparing for compliance audits can be a major time drain, and maintaining, updating, and adding new processes for compliance can be a costly effort. How do you keep constant changes to regulations and your security posture in check? It starts with establishing a baseline: knowing and understanding your current security posture, comparing it with IBM Z® security capabilities, and knowing the latest standards and regulations that are relevant to your organization. IBM Z Security and Compliance Center can help take the complexity out of your compliance workflow and the ambiguity out of audits while optimizing your audit process to reduce time and effort. This IBM Redbooks® publication helps you make the best use of IBM Z Security and Compliance Center and aid in mapping all the necessary IBM Z security capabilities to meet compliance and improve your security posture. It also shows how to regularly collect and validate compliance data, and identify which data is essential for auditors. After reading this document, you will understand how your organization can use IBM Z Security and Compliance Center to enhance and simplify your security and compliance processes and postures for IBM z/OS® systems. This publication is for IT managers and architects, system and security administrators

Getting Started with z/OS Data Set Encryption

Getting Started with z/OS Data Set Encryption PDF Author: Bill White
Publisher: IBM Redbooks
ISBN: 0738460222
Category : Computers
Languages : en
Pages : 274

Book Description
This IBM® Redpaper Redbooks® publication provides a broad explanation of data protection through encryption and IBM Z® pervasive encryption with a focus on IBM z/OS® data set encryption. It describes how the various hardware and software components interact in a z/OS data set encryption environment. In addition, this book concentrates on the planning and preparing of the environment and offers implementation, configuration, and operational examples that can be used in z/OS data set encryption environments. This publication is intended for IT architects, system programmer, and security administrators who plan for, deploy, and manage security on the Z platform. The reader is expected to have a basic understanding of IBM Z security concepts.

IBM z/OS Mainframe Security and Audit Management Using the IBM Security zSecure Suite

IBM z/OS Mainframe Security and Audit Management Using the IBM Security zSecure Suite PDF Author: Axel Buecker
Publisher: IBM Redbooks
ISBN: 0738435880
Category : Computers
Languages : en
Pages : 494

Book Description
Every organization has a core set of mission-critical data that must be protected. Security lapses and failures are not simply disruptions—they can be catastrophic events, and the consequences can be felt across the entire organization. As a result, security administrators face serious challenges in protecting the company's sensitive data. IT staff are challenged to provide detailed audit and controls documentation at a time when they are already facing increasing demands on their time, due to events such as mergers, reorganizations, and other changes. Many organizations do not have enough experienced mainframe security administrators to meet these objectives, and expanding employee skillsets with low-level mainframe security technologies can be time-consuming. The IBM® Security zSecure suite consists of multiple components designed to help you administer your mainframe security server, monitor for threats, audit usage and configurations, and enforce policy compliance. Administration, provisioning, and management components can significantly reduce administration, contributing to improved productivity, faster response time, and reduced training time needed for new administrators. This IBM Redbooks® publication is a valuable resource for security officers, administrators, and architects who wish to better understand their mainframe security solutions.

Security in Development: The IBM Secure Engineering Framework

Security in Development: The IBM Secure Engineering Framework PDF Author: Warren Grunbok
Publisher: IBM Redbooks
ISBN: 0738457175
Category : Computers
Languages : en
Pages : 32

Book Description
IBM® has long been recognized as a leading provider of hardware, software, and services that are of the highest quality, reliability, function, and integrity. IBM products and services are used around the world by people and organizations with mission-critical demands for high performance, high stress tolerance, high availability, and high security. As a testament to this long-standing attention at IBM, demonstration of this attention to security can be traced back to the Integrity Statement for IBM mainframe software, which was originally published in 1973: IBM's long-term commitment to System Integrity is unique in the industry, and forms the basis of MVS (now IBM z/OS) industry leadership in system security. IBM MVS (now IBM z/OS) is designed to help you protect your system, data, transactions, and applications from accidental or malicious modification. This is one of the many reasons IBM 360 (now IBM Z) remains the industry's premier data server for mission-critical workloads. This commitment continues to apply to IBM's mainframe systems and is reiterated at the Server RACF General User's Guide web page. The IT market transformed in 40-plus years, and so have product development and information security practices. The IBM commitment to continuously improving product security remains a constant differentiator for the company. In this IBM RedguideTM publication, we describe secure engineering practices for software products. We offer a description of an end-to-end approach to product development and delivery, with security considered. IBM is producing this IBM Redguide publication in the hope that interested parties (clients, other IT companies, academics, and others) can find these practices to be a useful example of the type of security practices that are increasingly a must-have for developing products and applications that run in the world's digital infrastructure. We also hope this publication can enrich our continued collaboration with others in the industry, standards bodies, government, and elsewhere, as we seek to learn and continuously refine our approach.

Security on z/VM

Security on z/VM PDF Author: Paola Bari
Publisher: IBM Redbooks
ISBN: 0738488542
Category : Computers
Languages : en
Pages : 348

Book Description
Discussions about server sprawl, rising software costs, going green, or moving data centers to reduce the cost of business are held in many meetings or conference calls in many organizations throughout the world. And many organizations are starting to turn toward System zTM and z/VM® after such discussions. The virtual machine operating system has over 40 years of experience as a hosting platform for servers, from the days of VM/SP, VM/XA, VM/ESA® and especially now with z/VM. With the consolidation of servers and conservative estimates that approximately seventy percent of all critical corporate data reside on System z, we find ourselves needing a highly secure environment for the support of this infrastructure. This document was written to assist z/VM support and security personnel in providing the enterprise with a safe, secure and manageable environment. This IBM® Redbooks® publication provides an overview of security and integrity provided by z/VM and the processes for the implementation and configuration of z/VM Security Server, z/VM LDAP Server, IBM Tivoli® Directory Server for z/OS®, and Linux® on System z with PAM for LDAP authentication. Sample scenarios with RACF® database sharing between z/VM and z/OS, or through Tivoli Directory Integrator to synchronize LDAP databases, are also discussed in this book. This book provides information about configuration and usage of Linux on System z with the System z Cryptographic features documenting their hardware and software configuration. The Consul zSecure Pro Suite is also part of this document: this product helps to control and audit security not only on one system, but can be used as a single point of enterprise wide security control. This document covers the installation and configuration of this product and detailed information is presented on how z/Consul can be used to collect and analyze z/VM security data and how it can be helpful in the administration of your audit data.

Security on IBM z/VSE

Security on IBM z/VSE PDF Author: Helmut Hellner
Publisher: IBM Redbooks
ISBN: 0738456918
Category : Computers
Languages : en
Pages : 472

Book Description
One of a firm's most valuable resources is its data: client lists, accounting data, employee information, and so on. This critical data must be securely managed and controlled, and simultaneously made available to those users authorized to see it. The IBM® z/VSE® system features extensive capabilities to simultaneously share the firm's data among multiple users and protect them. Threats to this data come from various sources. Insider threats and malicious hackers are not only difficult to detect and prevent, they might be using resources with the business being unaware. This IBM Redbooks® publication was written to assist z/VSE support and security personnel in providing the enterprise with a safe, secure and manageable environment. This book provides an overview of the security that is provided by z/VSE and the processes for the implementation and configuration of z/VSE security components, Basic Security Manager (BSM), IBM CICS® security, TCP/IP security, single sign-on using LDAP, and connector security.

IT Security Compliance Management Design Guide with IBM Tivoli Security Information and Event Manager

IT Security Compliance Management Design Guide with IBM Tivoli Security Information and Event Manager PDF Author: Axel Buecker
Publisher: IBM Redbooks
ISBN: 0738434469
Category : Computers
Languages : en
Pages : 464

Book Description
To comply with government and industry regulations, such as Sarbanes-Oxley, Gramm Leach Bliley (GLBA), and COBIT (which can be considered a best-practices framework), organizations must constantly detect, validate, and report unauthorized changes and out-of-compliance actions within the Information Technology (IT) infrastructure. Using the IBM® Tivoli Security Information and Event Manager solution organizations can improve the security of their information systems by capturing comprehensive log data, correlating this data through sophisticated log interpretation and normalization, and communicating results through a dashboard and full set of audit and compliance reporting. In this IBM Redbooks® publication, we discuss the business context of security audit and compliance software for organizations and describe the logical and physical components of IBM Tivoli Security Information and Event Manager. We also present a typical deployment within a business scenario. This book is a valuable resource for security officers, administrators, and architects who want to understand and implement a centralized security audit and compliance solution.

Getting Started: Journey to Modernization with IBM Z

Getting Started: Journey to Modernization with IBM Z PDF Author: Makenzie Manna
Publisher: IBM Redbooks
ISBN: 0738459534
Category : Computers
Languages : en
Pages : 90

Book Description
Modernization of enterprise IT applications and infrastructure is key to the survival of organizations. It is no longer a matter of choice. The cost of missing out on business opportunities in an intensely competitive market can be enormous. To aid in their success, organizations are facing increased encouragement to embrace change. They are pushed to think of new and innovative ways to counter, or offer, a response to threats that are posed by competitors who are equally as aggressive in adopting newer methods and technologies. The term modernization often varies in meaning based on perspective. This IBM® Redbooks® publication focuses on the technological advancements that unlock computing environments that are hosted on IBM Z® to enable secure processing at the core of hybrid. This publication is intended for IT executives, IT managers, IT architects, System Programmers, and Application Developer professionals.

Scale up for Linux on IBM Z

Scale up for Linux on IBM Z PDF Author: Lydia Parziale
Publisher: IBM Redbooks
ISBN: 073845656X
Category : Computers
Languages : en
Pages : 78

Book Description
This book was written by IBM® IT specialists who have experience implementing IBM Z® solutions, especially Linux on IBM LinuxONETM (LinuxONE) or IBM Z servers. Therefore, the content of this book follows the guidelines from Linux and IBM z/VM® regarding LinuxONE and IBM Z installations. The preferred practices described in this book are gathered from the experiences of those specialists in hundreds of projects at IBM and customer environments. This publication provides you with all of the information that you need to decide the best scaling architecture when implementing Linux on IBM Z or LinuxONE. This book has the following goals: To inform you about x86 sprawl problems To inform you that x86 Vertical Scale out architectures are problematic going forward To provide solutions to x86 server sprawl problems To inform you about the LinuxONE and IBM Z differentiation for each x86 server sprawl problem To provide virtulization and security options for LinuxOne and IBM Z The scaling up and scaling out architectures enable you to scale the capacity of an existing system to attend a sporadic application demand or an application workload. This gives you some freedom to operate in the environment. However, if this activity is performed without correct planning and the correct architecture choice, it leads to a server sprawl situation where your environment houses more servers than it should based on its current and predicted requirements. Although scaling out on x86 systems is a common form of scaling because of their popularity, the x86 systems were originally designed as cheap computers. Unfortunately, the scale out on x86 can easily become a problem in terms of total cost of ownership (TCO) when the environment starts to increase in terms of number of physical servers. The LinuxONE and IBM Z servers solve the sprawl problem caused by the scaling out of x86 servers, and are an excellent choice for cloud, mobile, big data, blockchain, analytics, and other workloads that require a robust and flexible environment. This publication describes the advantages and disadvantages of the scaling options. The audience of this publication consists of the following groups: Customers, IBM Business Partners, and IBM consultants planning and installing Linux on IBM Z, IBM Z family or x86 platform System administrators administering the Linux Systems If you are a customer considering LinuxONE and IBM Z family as a platform for your applications (analytics, blockchain, cloud, or other) or a pre-sales person, read those publications.

Empowering Security and Compliance Management for the z/OS RACF Environment using IBM Tivoli Security Management for z/OS

Empowering Security and Compliance Management for the z/OS RACF Environment using IBM Tivoli Security Management for z/OS PDF Author: Axel Buecker
Publisher: IBM Redbooks
ISBN: 0738450200
Category : Computers
Languages : en
Pages : 52

Book Description
Every organization has a core set of mission-critical data that requires protection. Security lapses and failures are not simply disruptions, they can be catastrophic events with consequences felt across the enterprise. The inadvertent mistakes of privileged users alone can result in millions of dollars in damages through unintentional configuration errors and careless security commands. Malicious users with authorized access can cause even greater damage. As a result, security management faces a serious challenge to adequately protect a company's sensitive data. Likewise, IT staff is challenged to provide detailed audit and controls documentation in the face of increasing demands on their time. Automation and simplification of security and compliance processes can help you meet these challenges and establish effective, sustainable user administration and audit solutions. This includes security database cleanup, repeatable audit of configurations and settings, and active monitoring of changes and events. IBM Tivoli Security Management for z/OS V1.11 provides these solutions to help enhance the security of mainframe systems through automated audit and administration. In this IBM® RedpaperTM document we discuss how Tivoli® Security Management for z/OS® allows you to submit mainframe security information from z/OS, RACF®, and DB2® into an enterprise audit and compliance solution and how to combine mainframe data from z/OS, RACF, and DB2 with that from other operating systems, applications, and databases in order to provide the ability to capture comprehensive log data, interpret that data through sophisticated log analysis, and communicate results in an efficient, streamlined manner for full enterprise-wide audit and compliance reporting.