Certainly you can encrypt VSAM data. What you'd be doing is protecting
against the possibility that someone forklifts your IBM, EMC, and/or
Hitachi DASD out of your data center. Make sure your security guards serve
coffee and donuts to make the thieves more comfortable while they're doing
that, OK? :-)
Encryption is most often used for data going offsite. But so many
installations are using remote mirroring (PPRC, SRDF, XRC, etc) that a
lot of "live" data is also going offsite. It would still require
someone to have access to the remote control unit (logical or physical
access) but there is a good chance that access is not controlled as
strictly as at your home data center. If it is at a commercial DR site,
with other clients coming in all the time to run tests, can the DR
vendor guarantee that no other customer can access your data? So
remote mirroring is a good argument for encrypting important data on disk.
One term I have heard lately: encrypting "data at rest", meaning that
data on disk or tape is encrpypted, and only decrypted when it is in use
by a program.
--
Bruce A. Black
Senior Software Developer for FDR
Innovation Data Processing 973-890-7300
personal: [EMAIL PROTECTED]
sales info: [EMAIL PROTECTED]
tech support: [EMAIL PROTECTED]
web: www.innovationdp.fdr.com
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html
