EncartaLabs

Pervasive Encryption on z/OS

( Duration: 3 Days )

Organizations are compelled to find effective and cost-efficient data security solutions. Encryption is one of the technologies that enables organizations to reduce the cost, impact and even likelihood of a breach. Encrypting data can help companies meet the stringent mandates of the GDPR, HIPAA and other mandates.

IBM z15 has been designed for pervasive encryption, enabling organizations to encrypt 100% of an organization's IBM Z critical business data in-flight and at-rest, with no application changes and no impact to SLAs. Encrypting only the data required to meet compliance mandates should be considered a minimum threshold, not a best practice. IBM z15 makes pervasive encryption the new standard in data protection and the foundation of a larger data security and protection strategy.

In Pervasive Encryption on z/OS training course you will learn how to implement Pervasive Encryption in your z/OS installation. The course explores in detail, the various technologies that are involved in z System and z/OS Cryptographic Services, ICSF, RACF and DFSMS access method Services. In the hands-on exercises, you begin with the setup of your hardware crypto environment (CCA crypto express and CPACF), then you will load and activate your AES master keys, setup ICSF and its Key datasets (CKDS PKDS TKDS), then define your data encryption keys, activate your data set encryption policy, and encrypt your data sets and zFS filesystems.

By attending Pervasive Encryption on z/OS workshop, attendees will learn to:

  • Describe the components of Pervasive Encryption on z/OS
  • Explain the role of encryption for data protection
  • Implement hardware crypto on your z System
  • Load and activate AES Master Keys
  • Implement and start ICSF
  • Understand the differences between secure keys clear keys and protected keys
  • Describe how are key values used for encryption and decryption
  • Generate, maintain and manage Keys
  • Setup access to key labels
  • Setup policy to supply key label (RACF SMS JCL)
  • Access data in encrypted data sets
  • Create encrypted data sets - Supplying key labels
  • Convert existing data sets to encryption
  • Verify encryption status
  • Encrypt Data in Transit
  • Encrypt Data at Rest
  • Manage data sets, data keys, and key labels

  • General z/OS knowledge, including basic UNIX System Services skills
  • Basic knowledge of RACF
  • This course is intended for z/OS system programmers and security specialists in charge of designing, implementing and monitoring Pervasive Encryption on z/OS.

COURSE AGENDA

1

Describe the components of Pervasive Encryption on z/OS

2

Explain the role of encryption for data protection

3

Implement hardware crypto on your z System

4

Load and activate AES Master Keys

5

Implement and start ICSF

6

Understand the differences between secure keys clear keys and protected keys

7

Describe how are key values used for encryption and decryption

8

Generate, maintain and manage Keys

9

Setup access to key labels

10

Setup policy to supply key label (RACF SMS JCL)

11

Access data in encrypted data sets

12

Create encrypted data sets - Supplying key labels

13

Convert existing data sets to encryption

14

Verify encryption status

15

Encrypt Data in Transit

16

Encrypt Data at Rest

17

Manage data sets, data keys, and key labels

Encarta Labs Advantage

  • One Stop Corporate Training Solution Providers for over 4,000 Modules on a variety of subjects
  • All courses are delivered by Industry Veterans
  • Get jumpstarted from newbie to production ready in a matter of few days
  • Trained more than 50,000 Corporate executives across the Globe
  • All our trainings are conducted in workshop mode with more focus on hands-on sessions

View our other course offerings by visiting http://encartalabs.com/course-catalogue-all.php

Contact us for delivering this course as a public/open-house workshop/online training for a group of 10+ candidates.

Top