<0471ebeac275-dmarc-requ...@listserv.ua.edu>
Sent: 16 April 2024 10:23
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: [EXTERNAL] Re: IBM key management products
"take disks back to work"
Well, an auditor could be very happy of this finding.
The disk was somewhere o
of
Radoslaw Skorupka <0471ebeac275-dmarc-requ...@listserv.ua.edu>
Sent: 16 April 2024 10:23
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: [EXTERNAL] Re: IBM key management products
"take disks back to work"
Well, an auditor could be very happy of this finding.
The disk was somewh
but I did take the now-holy disks back to work to show them the
destruction.
-Original Message-
From: IBM Mainframe Discussion List On Behalf Of
rpinion865
Sent: Monday, April 15, 2024 1:37 PM
To:IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: [EXTERNAL] Re: IBM key management products
Di
: IBM key management products
Would have been fun to line them up on a fence, and do some target practice!!!
Dave Jousma
Vice President | Director, Technology Engineering
From: IBM Mainframe Discussion List on behalf of
Pommier, Rex
Date: Monday, April 15, 2024 at 2:33 PM
To: IBM-MAIN
: [EXTERNAL] Re: IBM key management products
Didn't phase the drill bit one bit (sorry for the bad pun). I just had to be
careful not to punch a hole in the bottom of the drives so as to not get glass
shards dropping on my (very messy) shop floor. -Original Message- From:
IBM
Didn't phase
Nope, but I did take the now-holy disks back to work to show them the
destruction.
-Original Message-
From: IBM Mainframe Discussion List On Behalf Of
rpinion865
Sent: Monday, April 15, 2024 1:37 PM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: [EXTERNAL] Re: IBM key management products
MAIN@LISTSERV.UA.EDU
> Subject: Re: [EXTERNAL] Re: IBM key management products
>
> Nice! That's the first I've heard of glass platters. Hope your drill bit
> survived the trauma :)
>
> On 4/15/2024 8:33 AM, Pommier, Rex wrote:
>
> > Hi Tom,
> >
>
Sent: Monday, April 15, 2024 12:57 PM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: [EXTERNAL] Re: IBM key management products
Nice! That's the first I've heard of glass platters. Hope your drill bit
survived the trauma :)
On 4/15/2024 8:33 AM, Pommier, Rex wrote:
> Hi Tom,
>
> Reg
-Original Message-
From: IBM Mainframe Discussion List On Behalf Of Tom
Brennan
Sent: Friday, April 12, 2024 1:41 PM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: [EXTERNAL] Re: IBM key management products
We use SKLM/GKLM for data-at-rest encryption of DS8000/TS7000 devices, all
internal disk
@LISTSERV.UA.EDU
Subject: [EXTERNAL] Re: IBM key management products
We use SKLM/GKLM for data-at-rest encryption of DS8000/TS7000 devices, all
internal disk storage, no external cartridge tapes. So what does that do for
the customer, since (unless you're using an additional form of encryption
Charles wrote:
>When I was doing security presentations as part of my job one of the
>"controversies" I ran into was that the supposed percentage of insider
>attacks is all over the place. I used to see 85% in one set of
>statistics and nearly zero in others. I have no independent knowledge.
My
W dniu 12.04.2024 o 22:57, Tony Harminc pisze:
On Fri, 12 Apr 2024 at 12:22, Jousma, David <
01a0403c5dc1-dmarc-requ...@listserv.ua.edu> wrote:
[...]
I personally am still having a hard time wrapping my head around the “real
benefit” of dataset encryption. Everyone who has READ or more
> compared to external attackers
When I was doing security presentations as part of my job one of the
"controversies" I ran into was that the supposed percentage of insider attacks
is all over the place. I used to see 85% in one set of statistics and nearly
zero in others. I have no
Tony Harminc wrote:
>Yes, storage administrators are a small population, but their
>credentials can be compromised as much as anyone else's, and then
>you're not dealing with rogue storage admins but with criminal (or
>goverment or whatever) actors. And storage admins (or their
>credentials) may
Mills
Sent: Friday, April 12, 2024 4:06 PM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: IBM key management products
Dataset encryption also guards against the situation in which a sandbox or test
LPAR (1) has very permissive RACF definitions and (2) inadvertently has shared
access to produ
On Fri, 12 Apr 2024 at 12:22, Jousma, David <
01a0403c5dc1-dmarc-requ...@listserv.ua.edu> wrote:
> [...]
> I personally am still having a hard time wrapping my head around the “real
> benefit” of dataset encryption. Everyone who has READ or more access to
> the dataset, must also be
oth<058ff5c2d0a7-dmarc-requ...@listserv.ua.edu>
Date: Friday, April 12, 2024 at 10:59 AM
To:IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: IBM key management products
Not discounting Luke's excellent response: key management is hard. Look for
utilities with reliable import/export capability. Be pre
Dataset encryption also guards against the situation in which a sandbox or test
LPAR (1) has very permissive RACF definitions and (2) inadvertently has shared
access to production DASD.
Charles
On Fri, 12 Apr 2024 14:38:22 -0400, Steve Thompson wrote:
>I clipped this to get to what I think
ousma
Vice President | Director, Technology Engineering
From: IBM Mainframe Discussion List on behalf of Rick
Troth <058ff5c2d0a7-dmarc-requ...@listserv.ua.edu>
Date: Friday, April 12, 2024 at 10:59 AM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: IBM key management products
Not di
I clipped this to get to what I think is the real question being
asked.
Suppose that I am a person who has access for D/R purposes to all
data sets in a data center. I only need to be able copy files. I
don't have a need read the data in the file, just get it to the
D/R system/LPAR/data
Where it should also be encrypted and secured against malicious actors.
Eric Rossman
-Original Message-
From: IBM Mainframe Discussion List On Behalf Of
Colin Paice
Sent: Friday, April 12, 2024 12:59 PM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: [EXTERNAL] Re: IBM key management products
ction.
>
> Dave Jousma
> Vice President | Director, Technology Engineering
>
>
>
>
>
> From: IBM Mainframe Discussion List on behalf
> of Colin Paice <059d4daca697-dmarc-requ...@listserv.ua.edu>
> Date: Friday, April 12, 2024 at 12:28 PM
> To: IBM-MAIN@LI
:28 PM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: IBM key management products
I too struggled with why we need data set encryption. Someone pointed out data
in transit, for example FTPing it or copying it to a non z/OS system Colin On
Fri, 12 Apr 2024 at 17: 22, Jousma, David < 01a0403c5
n List on behalf
> of Rick Troth <058ff5c2d0a7-dmarc-requ...@listserv.ua.edu>
> Date: Friday, April 12, 2024 at 10:59 AM
> To: IBM-MAIN@LISTSERV.UA.EDU
> Subject: Re: IBM key management products
> Not discounting Luke's excellent response: key management is hard. Look
&g
equ...@listserv.ua.edu>
Date: Friday, April 12, 2024 at 10:59 AM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: IBM key management products
Not discounting Luke's excellent response: key management is hard. Look for
utilities with reliable import/export capability. Be prepared to OWN your keys.
I say this
Not discounting Luke's excellent response: key management is hard.
Look for utilities with reliable import/export capability. Be prepared
to OWN your keys.
I say this again as a CISSP, own your keys. This is your bread and
butter, so to speak, the family jewels.
So take care when using these
Most of them are just different names for the same products.
IBM GKLM (Guardium Key Lifecycle Manager) is the latest name for what was once
known as TKLM, SKLM. I believe ISKLM is the z/OS version of the product.
Sometimes we see some key management products like SKLM or EKMF.
...or TKLM, ISKLM, Guardium KLM, etc.
Is there any explanation of the products scopes, comparisons, features,
etc. ?
--
Radoslaw Skorupka
Lodz, Poland
--
For
28 matches
Mail list logo
