IBM® Security Key Lifecycle Manager for z/OS® manages encryption keys for storage. It simplifies deployment and helps minimize the risk of loss or breach of sensitive information, while maintaining availability of data at rest natively on IBM System z® mainframe environments.
IBM Security Key Lifecycle Manager for z/OS centralizes and automates the encryption key management process, reduces the number of encryption keys and consolidates encryption key management. It facilitates compliance for regulatory standards that require strong hardware encryption such as Sarbanes-Oxley (SOX) and the Health Insurance Portability and Accountability Act (HIPAA).
IBM Security Key Lifecycle Manager for z/OS:
- Integrates with encrypting storage devices with hardware encryption for performance, Resource Access Control Facility (RACF), Integrated Cryptographic Service Facility (ICSF) and IBM Enterprise Key Management Foundation (EKMF). It is a simple upgrade for existing Encryption Key Manager (EKM) customers
- Simplifies encryption key management by using native z/OS functions for security and auditing to reduce administrative overhead; integrates hardware and software encryption to reduce complexity
- Automates encryption key data backup and recovery for enhanced data availability and integrity
- Uses the availability, scale and performance of IBM System z to provide a centralized hub for encryption key management
- Improves security for key serving because the key material is only served to known and verified devices in a protected manner