Peter Relson wrote:

>Isn't the answer really: no, it would not have prevented the breach but it
>would have prevented the breach from having the undesirable effects (e.g.,
>exposing sensitive data)?

Actually in my humble opinion, there are TWO answers - Yes and No. It depends on how the breach took place in the first place.

If breachers are insiders themselves, you're basically out of luck and goodbye to your [sensitive and unencrypted] data.

If breachers can install nefarious software on your z/OS users' workstations, they can misuse those workstations to steal [and perhaps decrypt] whatever they want.

If you are leaving a hole somewhere where (non-SSL) applications, FTP and TELNET for example, are open to the outside world, then you deserve to be punished.

... etc ...

>If breached data is encrypted, I believe that there is not a regulatory
>requirement to report the breach.

I don't know about rules and regulations, but I believe ALL breaches should be reported somehow. Of course, red faces will follow despite the encrypted data. Perhaps if someone can really decrypt it, then Big Blue has a red face...

Groete / Greetings
Elardus Engelbrecht