It doesn’t usually matter much to consumers what kind of mainframes a business decides to use, but maybe it should. Everyone has gotten one of those emails or ominous letters in the mail that describe a data breach, meaning that still more of your personal data is floating around the darker corners of the internet. IBM is launching a new mainframe system to limit the impact of such breaches. The new IBM Z can encrypt all the data in an enterprise at all times. IBM calls this “pervasive encryption.”
IBM designed this server from the ground up with full end-to-end encryption in mind. This hasn’t been feasible in the past because it’s an expensive and power-intensive process. However, so was using SSL on websites in the past. Maybe it’s time to step up enterprise security and encrypt everything. IBM points out that in 2016 there were more than 4 billion data records compromised. That might mean simply a list of users or your medical records, political views, physical address, and passwords. The problem isn’t getting any less vexing, either. IBM estimates that data breaches increased more than five times in 2016.
To combat this increasing menace, IBM worked with 150 clients to develop the Z mainframe. It’s the most significant update to the company’s server offerings in 15 years. It includes dedicated hardware to encrypt every byte of data, so businesses no longer have to pick and choose what to encrypt. The IBM Z has 400 percent more custom silicon devoted to hardware encryption than past IBM servers, which allows it to encrypt up to 13 gigabytes of data per second on each chip, and there are 24 chips. Thus, it can run more than 12 billion encrypted transactions each day. IBM says the result is encryption that is 18 times faster than a regular x86 platform at 5 percent of the cost.
Data secured on IBM Z mainframes is locked down with 256-bit AES encryption, which is unbreakable with current technology. So, even if data is stolen, it’s of no use to the attackers. The new mainframes are designed to be compliant with data privacy laws, and they go a step further. Knowing that no security system is perfect, IBM has stored the decryption keys tamper-resistant. If the server detects a data breach, it invalidates all the keys until operators can investigate.
IBM doesn’t talk prices (interested parties have to contact IBM), but past servers in the Z-series have started in the high tens of thousands of dollars. The new Z mainframe will probably be more spendy with all that custom silicon, but it could pay for itself by stopping even a single large-scale data breach.