IBM proposes pervasive encryption , which can be accessed through a platform called IBM z15. Below, we will share with you what you need to know to better understand this encryption method. In addition to knowing its importance in the field of data security and privacy.
IBM is one of the pioneering companies in the world of technology. On this occasion, one of its encryption solutions stands out, which proposes to be one of the safest, especially when it comes to data encryption in transit. Something we frequently mention is that data is the most valuable asset, therefore both organizations and individuals need to be aware of technological advancements in encryption solutions.
One of the trends in cyber attacks is data leaks . They tend to occur in large corporations. Cybercriminals not only look at the volume of data they handle, but the content and its value. Personal, banking and financial data especially, are the favorite prey of data filtering events. Some may think that this is not as harmful as a DDoS attack, because the data is only exposed. However, the mere fact that a significant volume of data is exposed can mean that it can be sold for various purposes. It is even possible to find valuable databases for sale on the deep web and dark web.
There is no doubt that the security and privacy of data has become mandatory. Efforts to reach the true level of end-to-end encryption do not stop. Also, work is underway to originate stronger encryption algorithms in the sense that they are much more difficult to decipher. There’s no holding back when it comes to finding ways to execute cyber attacks.
The pervasive encryption is presented as an alternative quite efficient in relation to time, money and resources invested when encrypting data. This encryption method allows data to be protected at all points where it travels through the network. Encryption is not only applied when in transit, but also when stored ( at-rest ).
Remember that traditional encryption methods are characterized by the need to invest a lot of money, time and specialized human resources to execute operations. Pervasive encryption greatly reduces your chances of being vulnerable to potential attacks. The latter, without implying an extra effort in terms of time, money and effort to implement it. The key to this encryption method is that only users who have the key can access the data and therefore decrypt it.
Pervasive encryption operating scheme
Pervasive encryption is a reality thanks to the mainframe . It is a type of computer that is characterized by being the most secure that we can find in the world of computing. All the hardware and software necessary for it to work resides on a single machine. This type of machine is commonly used to process a large volume of data, transactions and operations that require a much higher level of security. Previously, a mainframe was known as a “very large and expensive computer” that could only be in the hands of large organizations.
However, according to IBM , today if we talk about mainframe we talk about a way to manage operations, applications and operating system resources. Likewise, the fact that the hardware is different from that of a personal computer (a desktop or laptop PC) is maintained. Today, there are not a few organizations that need adequate equipment so that their business runs smoothly and, above all, is scalable if necessary.
How does the encryption in question work? The processed data will travel through the network, precisely, encrypted at the network level . This enables encryption of data in transit. Consequently, the chances of a cybercriminal wanting to “sniff” the traffic are greatly reduced. The protocol used to secure this data in transit is TLS.
However, the latter can be compromised by the possibility that a cybercriminal can appropriate this encrypted data and lower its security level to an algorithm that is very easy to decrypt. Fortunately, the solution proposed by IBM has a technology that detects these types of attacks and mitigates them. If for any reason the attack gets hold of the data, you will not be able to decrypt it.
The master key
Another distinct feature of this encryption method is the Master Key.. This is especially useful if there are risks of cyber attacks internally, this type of attack is one of the most frequent, mainly because the authors are usually people who have sufficient permissions to access certain data sets, or you have the necessary permissions to perform actions that you shouldn’t.
Suppose some technician wants to access certain sensitive data and has the credentials for it. You try to access, but are surprised that you have denied access to the content of the encrypted data, but you do have access to the data set in question. It is like receiving a gift, unwrapping it, but you cannot open the box to view its contents.
How does this happen? The keys that allow to decrypt the content of the data are stored in a small key base that is governed by the Master Keys . Therefore, despite having access to the location of the data, it will not be decrypted at all if it does not have such a master key.
It won’t do if you only have the “normal” key to decrypt the content. The best thing about this is that if unauthorized people want to get the master keys, upon any attempt, they become zero as an extra measure of protection. Only and exclusively, Master Keys can be used by those who have requested their generation.
If you are interested in knowing more about this IBM solution, you can access its official portal . In it, you will find more detailed material about the products and services offered. In addition, it is possible to have demos and videos that explain in a higher level of detail about the IBM z15 platform . It is even possible to participate in a game! It is called “Data Encryption Challenge” and you can have a good time in addition to learning about pervasive encryption, this is a good opportunity.