PK Protect® for z/OS

Discover and protect sensitive data in large z/OS
data sets with SchemaLink Technology

PK Protect® for z/OS

Discover and protect sensitive data in large z/OS
data sets with SchemaLink Technology

PK Protect® for z/OS

Discover and protect sensitive data in large z/OS
data sets with SchemaLink Technology

PK Protect for z/OS empowers organizations to accurately perform discovery and protection against their critical data stored in large VSAM clusters, sequential (extended and GDG), Partitioned (and extended), and Tape data sets on IBM Z mainframes. PK Protect for z/OS results are unmatched in the industry, giving your regulatory, data governance, and security teams the confidence they need to face oncoming audits and security challenges now and well into the future.

PK Protect for z/OS provides critical discovery on unstructured z/OS data sets. It is the only solution that uses data definitions and copybooks for accurate and precise discovery giving your organization the ability to: 

  • Meet regulatory guidelines and avoid costly penalties. 
  • Discover sensitive data that has moved around in testing, production and dev environments for over 60 years (including orphaned data sets). 
  • Minimize impact and cost of a data breach and subsequent ransom. 
  • Protect data before it is moved to the hybrid cloud. 
  • Reduce time-consuming manual efforts to discover and validate data. 
  • Support your internal policies. 
PK Protect for z/OS logo

The Unsolved Problem in z/OS

For the last 60 years, the world’s largest enterprises and governments have relied on IBM mainframes to carry their most critical workloads. Industries ranging from banking, insurance, financial services, and government, and even retail, are some of the largest consumers of Personal Identifiable Information or PII. The challenge is exacerbated when application developers copy production data for development and testing purposes, thereby duplicating, replicating, and proliferating sensitive data across the enterprise to support mission-critical applications.


of credit card transactions happen on mainframe systems.


of information technology workloads handled by mainframe systems.


out of 100 leading banks use mainframe computers for transaction.

PK Protect® for z/OS with SchemaLink Technology is the solution

PK Protect for z/OS with SchemaLink Technology solves the issue of sensitive data duplication, replication, and proliferation. It offers a secure method for managing personally identifiable information (PII), thereby ensuring data privacy and adherence to compliance regulations.

SchemaLink Technology* is an innovative feature within PK Protect for z/OS that provides unparalleled support for files, whether they have copybooks or not. This pioneering technology is one of the first in the industry that delivers enhanced flexibility and convenience allowing you to easily protect and manage your data, regardless of the file structure, making PK Protect for z/OS the ultimate solution for comprehensive data security and accessibility. This means we use YOUR data definitions to read YOUR data sets to provide you with an accurate way to discover and protect sensitive data on z/OS.

Data Discovery

PK Protect for z/OS uses a patent-pending technology called, SchemaLink, to accurately peer into unstructured data sets and apply over 150 out-of-the-box or customized policies to its discovery criteria, searching for sensitive PII, highly classified, and confidential information where ever it lives.

On-Prem Discovery for z/OS

PK Protect for z/OS runs the entire discovery process on the mainframe and is a hand-off between z/OS and the UNIX System Service (USS), where no copies are left behind and your sensitive data stays 100% on-prem in its secure IBM Z environment.

zIIP Exploitation

PK Protect for z/OS is written in cycle saving Assembler for backend functions, while the majority of the product is written in Java. Java-eligible workloads automatically exploit the z/Integrated Information Processor (zIIP), reducing the burdens on your general CP, including the cost.

API-Consumable Metadata

With 150 out-of-the-box sensitive data types, sending the results of your discovery results to 3rd party platforms, such as IBM Guardium, can often add significant reporting enhancements where few-to-none existed before.

PKWARE Data Risk Assessment

Using PK Protect® for z/OS with SchemaLink Technology, PKWARE’s Data Risk Assessment (DRA) takes a detailed look at a portion of your z/OS VSAM clusters to uncover what sensitive data resides where and what data should be considered for deletion.

News + Insights: The Latest from PKWARE

News + Insights: The Latest from PKWARE