UPDATED 00:01 EST / JULY 17 2017

INFRA

In an era of relentless data breaches, IBM focuses new mainframe on ‘pervasive’ encryption

IBM Corp. will debut the newest in its decades-long series of mainframe computers for mainstream transaction processing Monday, this time focusing in particular on better protection of more data wherever it resides.

The IBM z14 (pictured, with IBM distinguished engineer Karl Casserly, left, and hardware engineer Rhonda Sundlof) features what the company calls “pervasive encryption,” providing the ability to encrypt all data in an application, database or cloud service.

Computer hardware in general and large mainframe-style computers have taken a big hit in the dawning era of cloud computing. But most large transaction systems such as credit-card processing, airline flight purchases and automatic teller machine systems still run on them. IBM said the z14 represents the “most significant system overhaul” in more than 15 years.

“IBM has been putting a big emphasis over the past year on supporting their core customer base of large enterprises that have invested heavily in mainframes, private clouds, security and governance,” said Jim Kobielus, an analyst at Wikibon, owned by the same company as SiliconANGLE.

IBM, whose Watson artificial-intelligence system got slammed last week by one analyst, is hoping that a focus on encryption will make the machine more appealing at a time when major security breaches are nearly a daily occurrence. “The pervasive encryption is the game-changer here,” Mike Desens, vice president of offering management for IBM Z, said in an interview.

The company said only 2 percent of data in corporate data centers is encrypted because it’s expensive and time-consuming to do at the application level that most encryption technology addresses. Moreover, the process can impede the flow of data, often slowing transaction processing too much for many data-intensive and real-time applications.

What the IBM machine does is encrypt all data for an application or cloud service or in a database whether the data is being used actively or residing “at rest.” IBM’s technology involves several advances, the company said.

For one, IBM has been steadily improving its encryption algorithms in recent years. Also, IBM claimed, the bulk encryption is possible without degrading performance more than about 2 to 4 percent thanks to four times as much silicon circuitry dedicated to encryption. As a result, encryption performance is seven times faster than on IBM’s previous-generation z13 mainframe and, according to IBM, 18 times faster than systems powered by Intel Corp.’s x86 chips.

Ready for GDPR

In addition, IBM is providing “tamper-responding” encryption keys. These passcodes are vulnerable to attack because they’re usually exposed while in active memory as they’re being used. IBM’s key management system hardware causes keys to self-destruct in response to intrusions, and they are then reconstituted after the intrusion, the company said.

“The bad actors are able to break into the perimeter defenses” such as firewalls, said Desens. “So instead of a perimeter defense, you make the data the perimeter.”

The pervasive encryption technology may hold additional appeal for companies because of new data governance regulations due to hit next May in the European Union. The General Data Protection Regulation or GDPR will, among other things, require companies to report breaches within 72 hours or face fines of up to 4 percent of annual revenues — unless the data in question has been encrypted.

To demonstrate the use of the z14 for encryption on cloud services, IBM announced it has opened six new blockchain global data centers in New York, the U.K., Frankfurt, Tokyo, Toronto and Brazil.

Beyond the encryption technology, IBM also announced new pricing of containers, or software that allows applications to be run on multiple systems and cloud services, for the IBM Z. The company said the pricing will provide more flexibility enterprise, application development and test, and payment systems at lower cost across data centers and cloud services.

Overall, IBM said, the new Z system offers a 35 percent increase in capacity for traditional computing workloads and a 50 percent jump for Linux workloads compared with the z13. It also has three times the memory for faster response times and analytics performance and three times faster data movement.

Still, IBM faces a continuing dilemma as a company pushing both its own hardware and its cloud services. “There’s a tension here within IBM’s solution portfolio: the more attractive the pricing of software licenses for Z/OS mainframes in private clouds, the greater the risk to IBM of slowing the adoption of its own competitive IBM Cloud offerings, which are one of the fastest-growing segments of its revenue mix,” said Kobielus. “The Blockchain data centers and Z encryption announcements show how its public cloud is attaining functional parity with its private cloud offerings, but it’s not clear from any of this whether IBM intends to aggressively push down the pricing of its public cloud offerings to compete against formidable rivals in that sector, especially AWS and Microsoft.”

Photo: Connie Zhou/IBM

A message from John Furrier, co-founder of SiliconANGLE:

Your vote of support is important to us and it helps us keep the content FREE.

One click below supports our mission to provide free, deep, and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy

THANK YOU