-----Original Message----- From: IBM Mainframe Discussion List [mailto:[email protected]] On Behalf Of John McKown Sent: Tuesday, February 10, 2009 1:48 PM To: [email protected] Subject: Re: Crypto-DASD?
On Tue, 10 Feb 2009 19:31:16 +0000, Eric Bielefeld <[email protected]> wrote: >Scott, > <snip> >I can see the value of encrypting data on PC hard drives, after all of the problems people have had with stolen PCs with sensitive data on them, but mainframe dasd? I just can't see it, or any regulations requiring it. > >Eric > >-- >Eric Bielefeld And there you have it, my friend. People can understand why it is a good idea on a PC. Therefore it is a good idea everywhere. After all, "there is no difference, right?" Management by fiat (I wonder what the Fiat management thinks about that statement). Don't think about differences. One size fits all. Manage everything consistently, even if it doesn't really make sense technically. <SNIP> Well, it seems that there are some requirements (by Auditors?) to have data encrypted on DASD. Something about belt-suspenders kinda thing. While I might have access to a file, I do not have authority to know its specific contents. My reason for having access is so that I may delete, define, etc. the container (DSN), but I am not specifically authorized to know the contents. RACF, TSS, and ACF2, to my knowledge, do not give that kind of access. Think PINs, medical info, SSNs, and other sensitive data that can be contained in files of, say, Hospital, Court System, Credit Card Processor, etc. Regards, Steve Thompson -- Opinions expressed by this poster may or may not reflect those of poster's employer. -- ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
