Yottabytes: Storage and Disaster Recovery

Jul 31 2017   6:38PM GMT

IBM Mainframe Encryption Apparently Okay

Sharon Fisher Sharon Fisher Profile: Sharon Fisher


When Apple and Google released cellphones with encryption being the default, law enforcement had kittens, with dire warnings about terrorism and child pornography if there wasn’t a back door into it. And governments all over the world, including the U.S., have insisted that data shouldn’t be encrypted unless a back door was available, in case evil people were hiding evidence of their nefarious deeds.

But so far, law enforcement hasn’t complained about IBM’s new Mainframe Z, announced earlier this month. “IBM has launched a new mainframe system capable of running more than 12 billion encrypted transactions per day, in a bid to wade further into the financial cybersecurity market,” writes Ryan Browne for CNBC. “IBM claimed that its new mainframe can encrypt data at a rate 18 times faster than other platforms. The mainframe will be used initially as an encryption engine for IBM’s cloud computing technology and blockchain (distributed ledger technology) services.”

IBM didn’t say when the system would be available, though it said the technology was already in use at six of its own blockchain service centers, and at least one article indicated that the system was would be available in mid-September. The company already supports 87 percent of all credit card transactions, totaling nearly $8 trillion worth of payments each year, Browne writes.  The system is intended to “enable companies to comply with new data protection laws, such as the European Union’s General Data Protection Regulation (GDPR) and the U.S.’s Federal Financial Institutions Examination Council (FFIEC) guidance on the use of encryption in the financial services industry,” he adds. “The GDPR holds that businesses should encrypt personal data to prevent a compromise of confidentiality, while the FFIEC’s guidance states that management should ‘implement the type and level of encryption commensurate with the sensitivity of the information.’”

But by announcing the system, IBM is also drawing a line in the sand and siding with Apple, writes Brian Fung in the Washington Post. “IBM fully supports the need for governments to protect their citizens from evolving threats,” he reports the company said in a statement on the issue. “Weakening encryption technology, however, is not the answer. Encryption is simply too prevalent and necessary in modern society.”

Maybe law enforcement thinks that hackers and terrorists can’t afford mainframes like this one, which according to Fung is supposed to cost $500,000 a pop? But companies like Microsoft can, and the U.S. government has been fighting with Microsoft for several years to gain access to data that it stores overseas. What if Microsoft said fine, here’s the data – but it’s encrypted, so good luck?

Indeed, with some governments wanting to outlaw encryption altogether, is IBM going to be allowed to sell the equipment in those countries? Will people in those countries be allowed to use it? Is IBM releasing the system in hopes that it will be grandfathered in should countries implement anti-encryption laws?

Experts also point out that IBM statements about the encrypted data being more safe from hackers isn’t necessarily true. Commenters to the Washington Post article noted that only the data at rest would be encrypted, while data within an application would still be decrypted and vulnerable. In addition, hackers don’t have to be able to read data to wreak havoc, noted another. “I do not need to know what is in your data for a ‘WannaCry’ attack to work,” writes JoeFromBoston. “Even if YOU have encrypted your data, if I encrypt your encrypted data a second time, you are still in big trouble.”

So far, no comment from the FBI or other law enforcement organizations.

 Comment on this Post

There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

Share this item with your network: