Smartcrypt for Mainframe

Protect sensitive data and reduce resource demands

Mainframe computing systems were once considered to be relatively safe from cyber attacks, but threats to these critically important business assets are becoming more prevalent and more serious every day.

No organization can afford to leave customer information and other sensitive data housed in mainframes exposed to cyber threats. However, typical mainframe encryption solutions only protect a subset of data types or apply to limited use cases, and often create performance issues.

Persistent data security for mainframes and beyond

Smartcrypt is different. Providing data-level encryption for IBM Z mainframes, Smartcrypt is the most flexible and powerful IBM Z encryption solution available. It protects both structured and unstructured data, gives customers the option to embed encryption directly into their applications, and can secure mainframe databases with field-level, length-preserving encryption.

Unlike other encryption products (including solutions that encrypt all data stored on the mainframe), Smartcrypt applies persistent protection that stays with data even after it leaves the mainframe environment. With Smartcrypt, encrypted data can be transmitted from the mainframe to user devices, web servers, or other external destinations while remaining inaccessible to unauthorized users.

How it works

Smartcrypt exploits the z/OS Integrated Cryptographic Services Facility, delivering faster and more efficient encryption/decryption processing than other non-native encryption products. Encryption performance overhead can be 5% or even less on z14 systems.

Smartcrypt delivers additional performance enhancements by using PKWARE’s advanced compression functionality, reducing file sizes between 10 to 95 percent prior to encryption. Decreased file sizes dramatically reduce demands on CPU and storage resources, improving overall system performance. No other encryption solution offers smaller files post-encryption.

Files encrypted by Smartcrypt on mainframe systems are interoperable with Smartcrypt's other solutions, including agents for user devices, file servers, and midrange systems.

Encryption keys can be stored in purpose-built hardware security modules on IBM Z hardware, and are interoperable with third-party dedicated key management appliances. Smartcrypt also includes an automated interface for retrieving public keys from LDAP compliant directories, greatly increasing the ease of use of public keys for encryption in IBM Z processing.