>Thus, hypothetically speaking, for a business critical call centre type >workload, required ~24*7*365, with data that is sensitive, including Name, >Address, Financial and Government details, would you encrypt the TN3270 >data path or not; so please answer: >1 - Yes >2 - No
Yes, I would, absolutely. As you point out, in many (most? all?) industries you don't have any choice -- the regulations or laws require it. I've worked with a state government that undertook the same conversion you describe, and they went to 100% TN3270 SSL encryption. (The federal government insisted, and they beat the deadline by a long time.) How'd you like your RACF/TopSecret/ACF2 user IDs and passwords all flowing over your network in the clear? Including the highly authorized IDs? It's bad enough keying such information into worm-infested Windows PCs. :-) There's crypto assist hardware of some sort in just about every mainframe, and in too many shops that circuitry is sitting idle. You paid for it already. Turn it on! - - - - - Timothy F. Sipples Consulting Enterprise Software Architect IBM Americas zSeries/z9 Software E-Mail: [EMAIL PROTECTED] ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
