Encrypting Data at Rest

Every enterprise must be concerned about data security whether or not it is data in motion, data in use, or data at rest. The attack on New York City’s twin towers on September 11, 2001 ushered in a whole slew of national and international data security laws and regulations designed to force companies to initiate data security measures. These regulations were needed to force all types of organizations to address data security issues which existed after 9/11. Ninety percent of business respondents to a survey taken in 2011 indicated that their systems had been hacked. In 2013 systems of a number of national newspapers were hacked by a foreign government.

To protect themselves against the problems that may occur when their data is stolen, companies around the world have implemented encryption solutions for data-in-motion. However studies indicate that just twenty five percent of businesses use encryption, the preferred method of data protection, to safeguard data at rest.

Mainframe Encryption
Mainframes contain over eighty percent of worldwide enterprise data. In the past when mainframes were systems unto themselves, data encryption was not a major issue. Mainframe encryption was initially implemented during the 1980s, a time when mainframe data was considered secure, to meet the request of financial institutions that needed tight security constraints in order to process ATM transactions.

Today’s mainframes are hubs in SOA (service oriented architecture) environments, back ends to transactions that begin on other machines. Also they are repositories of “legacy data” that must now be secured because of all of the new regulations. Encryption services for many mainframes today are based on the combination of hardware and software processes to data to disk and/or tape.

Summary
An IDC Digital Universe report issued in 2011 indicated that 1.8 zettabytes of data was created in that same year. Research in the report indicated that fifty times that amount of data will be generated by 2020. Data centers around the world are working on ways to protect this “big data”. Mainframes are becoming central to the storing this data.

Forty-three States in the United States have enacted data privacy laws that require companies to protect personal information data from being used by terrorist organizations or others if it is lost or stolen. These laws or regulations, on penalty of large fines initiated by government agencies, back end data, data at rest, data stored on mainframe tapes and disks must be protected. Encryption is the data protection method that has been mandated by many of these government agencies.