While traditional data protection solutions entail massive code updates, Voltage SecureData z/Protect leaves most applications unaltered, and the few changes required consist of a single line of code. With z/Protect, Voltage SecureData offers the widest mainframe, midrange, and open systems platform support available for data protection.
“The mainframe continues to be a key element of IT infrastructure in large enterprises, and with the rise in data breaches, the urgency to protect data throughout the entire ecosystem is ever-increasing,” said Phil Smith III, mainframe architect, Voltage Security.
“Voltage SecureData provides the only comprehensive cross-platform data protection solution, including native z/OS components, designed and built specifically to exploit that environment while still interoperating with Voltage SecureData for other platforms.”
“With its breadth of coverage and low-impact implementation and operation, Voltage SecureData is truly the easiest way to implement enterprise-class data protection,” continued Smith.
Voltage SecureData z/Protect provides Voltage Format-Preserving Encryption™ (FPE) and Voltage Secure Stateless Tokenization™ (SST), breakthrough technologies that make encryption and tokenization dramatically easier for any application, in any z/OS environment. With FPE and SST, data size and character set do not change when data is protected.
In this new release, native, dynamic data masking increases application security and control by allowing administrative control over protected data. Role-based access to data enables the full credit card or Social Security number to be revealed to an authorized user, while another user, such as a call center agent, will only see the last four digits of the number in the clear. Another new feature, token multiplexing, enables generation of distinct tokens for multiple lines of business.
Reduces Audit/Compliance Scope and Risk of Data Theft
With Voltage SecureData z/Protect, most applications can operate on the protected data directly, reducing compliance audit scope. Key access is controlled using native z/OS security methodologies (RACF, ACF2, Top Secret), avoiding the need for applications to store credentials, further reducing the exposure of sensitive information for attackers to steal.
Another new feature, called DB2 FIELDPROC support, enables transparent integration of Voltage SecureData into application environments that use DB2 without requiring any changes to the application at all, while providing full Separation of Duties as required by PCI DSS and other standards.
Reduces Implementation Costs
Prior to Voltage SecureData z/Protect, mainframe data protection choices have been overly complex, with potential for errors, and requiring extensive training needed for users as well as re-architecting code from the ground up. Now data protection control and policy administration are centralized in the z/Protect configuration, greatly simplifying implementation. Training applications programmers is simple, and opportunities for error are greatly reduced.
A number of operational improvements now make it even easier to administer a complex z/Protect environment.