I’m talking about encryption on Thursday, March 3 at SHARE in San Antonio. Here’s a preview:
Enterprise security has always been concerned with password protection and storage encryption. These two areas make up a large portion of the IT risk portfolio. In this talk the speaker will discuss both of these areas of interest as they apply to z/OS and the mainframe:
- We will review the recent updates to the RACF password hashing algorithm; comparing and contrasting between the legacy (DES) and current (KDFAES – Key Derivation Function with AES256) algorithms by looking at practical application of open source password cracking tools against RACF.
- We will provide an in depth review of self-encrypting drive technologies as potential risk mitigation mechanisms, discussing the benefits of of using this technology as well as providing other mitigation techniques which better secure your data from prying eyes.
Attendees will come away with a richer understanding of the RACF hashing algorithms and better understand the risk and rewards of full disk encryption.