Phil Smith said, "It's also platform-specific, so when data has to be moved across platforms, it must be decrypted and (hopefully!) re-encrypted, which is both expensive and risky: those egress points provide huge attack surface."
Why do you think this is platform-specific? The AES encryption keys involved can be managed by an external key manager (such as EKMF), and so those keys can be securely deployed to other (secured) platforms. The encrypted data can be read and then be sent to another platform and decrypted using the original encryption keys. Maybe I have misunderstood what you mean by "platform-specific".

Lennie Dymoke-Bradshaw | Security Lead | RSM Partners Ltd
Web: www.rsmpartners.com
'Dance like no one is watching. Encrypt like everyone is.'

-----Original Message-----
From: IBM Mainframe Discussion List <[email protected]> On Behalf Of Phil Smith III
Sent: 05 August 2019 17:07
To: [email protected]
Subject: Re: [IBM-MAIN] Pervasive Encryption - why?

Cameron Conacher asked about the value of PE, and various folks provided good answers. (Note that I'm using the "Pervasive Encryption" term in the sense that IBM did when it was first introduced: the whole-data set encryption on z/OS. More recently they've expanded it to mean the entire IBM encryption strategy, which is still developing and not particularly integrated yet; Cameron's question seemed to be entirely about the former, as were the replies.)

I'd add to those replies that this kind of "transparent" encryption is obviously appealing because of its ease of implementation and low overhead, but that beyond the specific use cases cited, it provides very little protection. While the SAF-level control provides a semblance of role-based access, it doesn't really, because it's not granular: there's no control within a data set. And that also means there's no real opportunity to alert on or throttle access based on usage patterns (UBA/UEBA <https://en.wikipedia.org/wiki/User_behavior_analytics/>). It's also platform-specific, so when data has to be moved across platforms, it must be decrypted and (hopefully!) re-encrypted, which is both expensive and risky: those egress points provide huge attack surface.
GDPR and friends are all nascent in their interpretation. I find it very difficult to believe that one/three/five/whatever years from now, any of them will accept transparent encryption as an acceptable means of data protection, for the reasons above. PCI DSS (which is far more mature) has made it clear that transparent encryption is not the answer, and the security community agrees.

Note that I'm not suggesting that PE is useless, just that it's at best a partial solution. "We encrypted something" is not the same as "We're securing stuff".

The strongest encryption is field-level, application-level encryption. If it's also format-preserving, then you can also have cross-platform protection without having to decrypt/re-encrypt at the boundary. That's a pretty big win, for a number of reasons.

Disclosure: I've spent the last 11½ years on such a product, at Voltage and then HP/HPE/Micro Focus after acquisition. So I'm not exactly unbiased.

When considering encryption, the question I'd ask myself is, "Do I feel lucky?" No, wait, that's wrong. I mean, "What are the real threats I'm concerned about?" Is it someone stealing a backup? Stealing a disk from an array? Sniffing the data on the wire between the array and the CEC? A rogue storage admin? Yay, PE will solve those. An actual breach? A rogue employee besides a storage admin? Data that gets copied to the distributed world without proper protection? PE won't help with any of those, I'm afraid.

Cameron also noted:
> I am just trying to find that corner case where someone you don't want
> to have access, could possibly be able to gain access to the data when
> the file is already protected with RACF?

This is a trenchant observation.
If you look at any attack scenarios besides the ones cited (backups [who doesn't have encrypting tape already??], physical media theft [again, who doesn't have encrypting arrays?], sniffing the data on the wire [the original goal of PE], or a rogue storage admin [another real benefit, albeit one I doubt many folks were losing sleep over]), the encryption really isn't adding anything beyond a second SAF resource protecting the data. In other words, in those scenarios, the encryption is basically irrelevant: either you can read the data set (in which case you get it unencrypted) or you cannot. Same as any other SAF use case.

My biggest concern about PE is that folks hear "encryption" and go "yay, we do this and we're protected AND compliant". And the reality is that you mostly aren't.

--
...phsiii

Phil Smith III
Senior Architect & Product Manager, Mainframe & Enterprise
Distinguished Technologist
Micro Focus (Voltage)

----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [email protected] with the message: INFO IBM-MAIN
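The distinction the thread turns on (a permitted reader of a transparently encrypted data set gets plaintext, whereas a field sealed by the application stays ciphertext for anyone without the application key) can be made concrete with a small model. The Go program below is an added illustration, not code from IBM, z/OS, or anyone in the thread; the `DataSet` type, its `Readers` map standing in for a SAF READ check, and the two hard-coded account numbers are constructed for the example. AES-GCM from the Go standard library plays the role of both the data-set key and the application key.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
	"fmt"
)

// Constructed model, not IBM or z/OS code: data-set level ("transparent") encryption
// beside application field-level encryption, to show what each gives a permitted reader.
var ErrNoAccess = errors.New("READ access denied by resource check")

// DataSet models one SAF-protected data set whose rows are encrypted at rest.
type DataSet struct {
	Readers map[string]bool // principals permitted READ on the resource profile
	DsKey   []byte          // data-set key: held by the storage layer, never by the reader
	Rows    [][]byte        // stored rows: nonce || AES-GCM ciphertext
}

func gcm(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Seal encrypts under key with AES-GCM and prefixes the random nonce.
func Seal(key, plaintext []byte) ([]byte, error) {
	aead, err := gcm(key)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, aead.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return append(nonce, aead.Seal(nil, nonce, plaintext, nil)...), nil
}

// Open reverses Seal; a wrong key or a tampered blob fails authentication.
func Open(key, blob []byte) ([]byte, error) {
	aead, err := gcm(key)
	if err != nil {
		return nil, err
	}
	if n := aead.NonceSize(); len(blob) >= n {
		return aead.Open(nil, blob[:n], blob[n:], nil)
	}
	return nil, errors.New("blob too short")
}

// Write stores a row; the storage layer encrypts it transparently under DsKey.
func (ds *DataSet) Write(row []byte) error {
	blob, err := Seal(ds.DsKey, row)
	if err == nil {
		ds.Rows = append(ds.Rows, blob)
	}
	return err
}

// Read is the transparent path: pass the resource check and you get every row in clear.
func (ds *DataSet) Read(principal string) ([][]byte, error) {
	if !ds.Readers[principal] {
		return nil, ErrNoAccess
	}
	var out [][]byte
	for _, blob := range ds.Rows {
		pt, err := Open(ds.DsKey, blob)
		if err != nil {
			return nil, err
		}
		out = append(out, pt)
	}
	return out, nil
}

// FieldRow: the application seals only the account field under appKey before writing.
func FieldRow(appKey []byte, name, account string) ([]byte, error) {
	ct, err := Seal(appKey, []byte(account))
	return append([]byte(name+"|"), ct...), err
}

// OpenField recovers the account from a FieldRow; it needs appKey, not just READ access.
func OpenField(appKey, row []byte) (string, error) {
	_, ct, _ := bytes.Cut(row, []byte("|")) // no separator leaves ct empty, which Open rejects
	pt, err := Open(appKey, ct)
	return string(pt), err
}

func main() {
	newKey := func() []byte { k := make([]byte, 32); rand.Read(k); return k }
	ds, appKey := &DataSet{Readers: map[string]bool{"alice": true}, DsKey: newKey()}, newKey()
	ds.Write([]byte("alice|4111111111111111")) // whole row relies on the data-set key only
	fr, _ := FieldRow(appKey, "bob", "5500000000000004")
	ds.Write(fr) // application-sealed field, then the storage layer seals the row again
	rows, _ := ds.Read("alice")
	fmt.Printf("%s | field leaked: %v\n", rows[0], bytes.Contains(rows[1], []byte("5500000000000004")))
}
```

Both rows are ciphertext on the medium, so a stolen volume or a storage admin reading the raw `Rows` learns nothing either way. The difference appears on the permitted-reader path: `Read` hands back the first row in clear because the resource check was the only gate, while the account field in the second row stays sealed until `OpenField` is called with the application's key. That is the "second SAF resource" observation in code form: for anyone the resource check already admits, data-set encryption adds no further control, and only the application-level key does.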
