SlideShare a Scribd company logo

Locating Unmanaged but Regulated Data on System z: CA Data Content Discovery

CA Technologies
CA Technologies

CA Data Content Discovery helps you identify data exposure risks on z Systems by scanning through the mainframe data infrastructure. By discovering where the data is located, classifying the data to determine sensitivity level, and providing comprehensive reporting on the scan results, data can be adequately protected and exposure risks can be mitigated. For more information, please visit http://cainc.to/Nv2VOe

Technology
1 of 31
Download to read offline
Locating Unmanaged but Regulated Data on z Systems: CA Data Content Discovery Mary Ann Furno Mainframe CA Technologies Director, Software Engineering MFX25S
2 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD For Informational Purposes Only Terms of this Presentation © 2015 CA. All rights reserved. All trademarks referenced herein belong to their respective companies. The presentation provided at CA World 2015 is intended for information purposes only and does not form any type of warranty. Some of the specific slides with customer references relate to customer's specific use and experience of CA products and solutions so actual results may vary. Certain information in this presentation may outline CA’s general product direction. This presentation shall not serve to (i) affect the rights and/or obligations of CA or its licensees under any existing or future license agreement or services agreement relating to any CA software product; or (ii) amend any product documentation or specifications for any CA software product. This presentation is based on current information and resource allocations as of November 18, 2015, and is subject to change or withdrawal by CA at any time without notice. The development, release and timing of any features or functionality described in this presentation remain at CA’s sole discretion. Notwithstanding anything in this presentation to the contrary, upon the general availability of any future CA product release referenced in this presentation, CA may make such release available to new licensees in the form of a regularly scheduled major product release. Such release may be made available to licensees of the product who are active subscribers to CA maintenance and support, on a when and if- available basis. The information in this presentation is not deemed to be incorporated into any contract.
3 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD Abstract CA Data Content Discovery helps you identify data exposure risks on z Systems by scanning through the mainframe data infrastructure. By discovering where the data is located, classifying the data to determine sensitivity level, and providing comprehensive reporting on the scan results, data can be adequately protected and exposure risks can be mitigated. Mary Ann Furno CA Technologies Director, Software Engineering
4 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD Agenda CISOS, REGULATED DATA, AND THE MAINFRAME SENSITIVE DATA DEFINED DATA CONTENT DISCOVERY ON THE MAINFRAME DATA CONTENT DISCOVERY ROADMAP 1 2 3 4
CISOs, Regulated Data, and the Mainframe
6 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD The Mainframe has never been hacked! Mainframe data stays on the mainframe; so it is safe! Data is fluid in today’s world. Data analytics; cloud Marriage of MF data and non MF data Mainframe is well understood and covered under three lines of risk control– Operational, Compliance and Internal audit The Current State REALITYMYTH Consider: Social engineering hacks Human error as MF experts retire Mainframe is viewed as a black-box breeds complacency –compounding the risk
7 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD 71% of the world’s mission critical data is on the mainframe The mainframe acts as the enterprise IT server and has more entry and exit vectors. We must protect the mainframe and all business critical data as the strategic assets that they are, plus ensure easily confirmed regulatory compliance. Years in the making… Source: Rehabilitating the Perception of Mainframes, Enterprise systems Media, 22 July 2015
8 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD What We Hear From Clients Regulated data has to be protected, regardless of what type of server it sits on or how it got there. That includes the mainframe, and existing controls may not cover all of it. We know where our sensitive, regulated data is…. It’s in our data center. Audit MF Security analystCISO The mainframe is now just another always- on server connected to all the others in our TCP/IP network. I’m not sure all the data hosted there is being managed to policy… We know the mainframe is no longer isolated from other servers in the network. We don’t know how much unmanaged regulated data now resides there… With the addition of TCP/IP via USS, mainframe data is fluid – we don’t know what we don’t know about what’s being stored there…. MF Security Director I need to exploit data’s full value proposition for my organization while controlling the risk. Chief Data Officer
9 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD http://www.informationisbeautiful.net/visualizations/worlds-biggest-data-breaches-hacks/
10 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD The Impact of Data Theft Health Insurance Announced: March 2015 Records stolen: 11M Cost: To be determined. Facing a class action lawsuit as well as potential regulatory violation fines. Retail Announced: September 2014 Records stolen: 56M Cost: $43M and counting. Estimates put this as high as $10B (includes all remediation costs borne by the company and consumers) Health Systems Announced: August 2014 Records stolen: 4.5M Cost: $75M – $150M eCommerce Announced: May 2014 Records stolen: 233M Cost: $200M and counting. Retail Announced: December 2013 Records stolen: 70M Cost: $162M and counting. Recent estimates put this at well over $1B. Government Announced: May 2015 Records stolen: 22M Cost: To be determined. Likely facing a class action lawsuit as well as others.
Sensitive Data Defined
12 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD PCI DSS Data Administered by one body  Payment Security Council Account Data Cardholder Data Sensitive Authentication Data Primary Account Number (PAN) Magnetic stripe data Cardholder Name CAV2/CVC2/CVV2/CID Expiration Date PINs/PIN blocks Service Code
13 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD Personally Identifiable Information – PII PII Attributes Full Name Date of birth Home Address Email address National Identification Number Passport number Drivers License Number Vehicle registration Birthplace Genetic information Telephone number Login name, screen name, nickname, handle Face, fingerprints, handwriting IP Address Credit Card Numbers Digital identity First Name Last Name Country, state, postcode, city Age Gender Race Schools attended Criminal record Legislated by an large & growing number of governmental entities  Multi-national: EU Data Protection Directive  National: Gramm-Leach Bliley Banking Modernization Act, Canada Privacy Act  Local: California SB 1386, Nevada Statute 603A, Massachusetts 201 CMR 17.00
14 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD PHI Attributes Full Name Geographic subdivision Data elements Telephone number Fax number Electronic mail address SSN Medical record number Health Plan beneficiary number Account number Certificate/license number Vehicle ID/Serial number/license plate number Device identifier/serial number Biometric identifier Full face photograph or image Other unique identifying element Initially, only US, now spreading internationally Legislated by an large & growing number of governmental entities  Multi-national: TBD  National: US HIPAA / HITECH ACTs  Local: TBD Protected Health Information - PHI
Data Content Discovery on the Mainframe
Existing mainframe content discovery tools migrate off the mainframe to PCs or other devices to scan Why locating data on a mainframe is a problem?  Report writers extract production data and data exists in sequential files or JES spool  Copies of sensitive production data exist  Files with possible sensitive data are accidentally sent to outside parties without validation of content  Once data is extracted, the target destination doesn’t match the security characteristics of source DB RESULT Organizations are neither prepared for, or confident in an audit! CHALLENGES REALITY Why locating data on a mainframe is a problem?
17 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD CA Data Content Discovery FIND Set up the scan Initiate the scan Provide discovered results to Security Administrator CLASSIFY Review compliance results and label sensitive data Provide compliance report to Internal Auditor PROTECT Modify access based on scan results Confirm successful audit against industry regulations Security Operations Internal Auditor Security Administrator
18 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD Find It: Define Scope
19 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD Classify it
20 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD Account Data Cardholder Data Sensitive Authentication Data Primary Account Number (PAN) Magnetic stripe data Cardholder Name CAV2/CVC2/CVV2/CID Expiration Date PINs/PIN blocks Service Code Classify It: PCI Data
21 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD Classify It: PII Data PII Attributes Full Name Date of birth Home Address Email address National Identification Number Passport number Drivers License Number Vehicle registration Birthplace Genetic information Telephone number Login name, screen name, nickname, handle Face, fingerprints, handwriting IP Address Credit Card Numbers Digital identity First Name Last Name Country, state, postcode, city Age Gender Race Schools attended Criminal record C C C C C C C C C C C C C C C Custom Classifier Quick Picks
22 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD Classify It: PHI Data PHI Attributes Full Name Geographic subdivision Data elements Telephone number Fax number Electronic mail address SSN Medical record number Health Plan beneficiary number Account number Certificate/license number Vehicle ID/Serial number/license plate number Device identifier/serial number Biometric identifier Full face photograph or image Other unique identifying element C Custom Classifier Quick Picks C C C C C C C C C
23 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD Protect It: Who Has Access to the Sensitive Data?
24 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD CA Data Content Discovery Promise FIND IT CLASSIFY IT PROTECT IT For CISO, MF Security Director FOR CISO, Internal Audit, Risk Officer FOR MF Security analysts, MF Data analyst The first data-pattern scanning capability uniquely natively on mainframe in the market Simple and Modern GUI along with Flexible scheduling designed for both z and non-IBM z personnel Eliminate risky offloading- with data security right on the mainframe. Only Data security product currently on the market for mainframe to use specialty engines to reduce upgrade costs Gain quick and critical insight about the potential and magnitude of data exposure on the mainframe Prove it to auditors that controls are checked by data-types to satisfy regulations Stay in control – eliminate risk while reducing costs of data protection processes
25 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD Product / Technology Architecture Execution Policy Web GUI Control Scans Reporting Classification Engine: z/OS Data Sources VSAM DB2 PS API 3rd party 3rd party CA Compliance Event Manager PDS/ PDSE … Description of Technology Overview of Technology  Data Content Discovery “scans” data, identifying data vulnerabilities and risks to compliance Lands Lightly  Product has no other CA product dependencies or other prerequisites, installs in <1 day DCD Repository
26 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD Data Content Discovery – A critical part of CA’s Security and Compliance Solution CA Data Protection 3rd party DLP Solution 3rd party DLP Solution Big Data Analytics Solutions CA Compliance Event Manager IBM RACF CA Top Secret CA ACF2 CA Cleanup In Ideation: Mainframe Advanced Authentication CA Data Content Discovery CA Auditor Secure mainframe assets Capture events affecting compliance and policy Discover sensitive data Extend compliance event data to analytics solutions Enable secure data in motion across the enterprise Security Administrator Big Data AnalystAuditor Planned Available Non-CA Product
27 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD Results There is stray, unmanaged, unprotected data on your mainframe – regulated, sensitive data that will damage the enterprise if compromised Find it, classify it, protect it with DCD Summary A Few Words to Review
28 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD Recommended Sessions SESSION # TITLE DATE/TIME Tech Talk Isn’t one authentication mechanism on z Systems™ enough? 11/18 – 4:30pm Mainframe Content Center Mainframe Theater Panel Discussion: Is Complacency Around Mainframe Security a Disaster Waiting to Happen? 11/18 – 3:45pm Mainframe Theater Tech Talk The Known Unknown – Finding lost, abandoned, and hidden regulated data on the Mainframe 11/19 – 12:15pm Mainframe Content Center MFX26S How to Increase User Accountability by Eliminating the Default User in Unix System Services 11/19 – 1:00pm Breakers I MFX47S Top 10 things you shout NOT forget when evaluating your security implementation 11/19 – 2:00pm Breakers I
29 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD Follow Conversations in the Mainframe Content Center  CA Data Content Discovery  CA ACF2 ™ for z/OS  CA Top Secret® for z/OS  CA Cleanup  CA Auditor  Advanced Authentication Nov 18th @ 4:30pm  The Known Unknown - Nov 19th @ 12:15pm
30 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD Q & A
31 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD For More Information To learn more, please visit: http://cainc.to/Nv2VOe CA World ’15

Recommended

How to Get Your Life Back: Succeeding at Software Asset Management (SAM) at F...
How to Get Your Life Back: Succeeding at Software Asset Management (SAM) at F...How to Get Your Life Back: Succeeding at Software Asset Management (SAM) at F...
How to Get Your Life Back: Succeeding at Software Asset Management (SAM) at F...
CA Technologies
 
TechTalk: Extreme Automation Creating Headless Tests “Automagically”
TechTalk: Extreme Automation Creating Headless Tests “Automagically”TechTalk: Extreme Automation Creating Headless Tests “Automagically”
TechTalk: Extreme Automation Creating Headless Tests “Automagically”
CA Technologies
 
See Inside the Middleware Black Box
See Inside the Middleware Black Box See Inside the Middleware Black Box
See Inside the Middleware Black Box
CA Technologies
 
Tech Talk: Isn’t One Authentication Mechanism z Systems Enough?
Tech Talk: Isn’t One Authentication Mechanism z Systems Enough?Tech Talk: Isn’t One Authentication Mechanism z Systems Enough?
Tech Talk: Isn’t One Authentication Mechanism z Systems Enough?
CA Technologies
 
CA Gen Exploration – What's New and Cool in Application Development
CA Gen Exploration – What's New and Cool in Application DevelopmentCA Gen Exploration – What's New and Cool in Application Development
CA Gen Exploration – What's New and Cool in Application Development
CA Technologies
 
How to Get the Best User Experience for Your Customers With: CA View® / CA De...
How to Get the Best User Experience for Your Customers With: CA View® / CA De...How to Get the Best User Experience for Your Customers With: CA View® / CA De...
How to Get the Best User Experience for Your Customers With: CA View® / CA De...
CA Technologies
 
Creating an Omnichannel Experience for Your Customers
Creating an Omnichannel Experience for Your CustomersCreating an Omnichannel Experience for Your Customers
Creating an Omnichannel Experience for Your Customers
CA Technologies
 
Tech Talk: Service Virtualization on Demand—Have Everything, Whenever and Whe...
Tech Talk: Service Virtualization on Demand—Have Everything, Whenever and Whe...Tech Talk: Service Virtualization on Demand—Have Everything, Whenever and Whe...
Tech Talk: Service Virtualization on Demand—Have Everything, Whenever and Whe...
CA Technologies
 

Recommended

How to Get Your Life Back: Succeeding at Software Asset Management (SAM) at F...
How to Get Your Life Back: Succeeding at Software Asset Management (SAM) at F...How to Get Your Life Back: Succeeding at Software Asset Management (SAM) at F...
How to Get Your Life Back: Succeeding at Software Asset Management (SAM) at F...
CA Technologies
 
TechTalk: Extreme Automation Creating Headless Tests “Automagically”
TechTalk: Extreme Automation Creating Headless Tests “Automagically”TechTalk: Extreme Automation Creating Headless Tests “Automagically”
TechTalk: Extreme Automation Creating Headless Tests “Automagically”
CA Technologies
 
See Inside the Middleware Black Box
See Inside the Middleware Black Box See Inside the Middleware Black Box
See Inside the Middleware Black Box
CA Technologies
 
Tech Talk: Isn’t One Authentication Mechanism z Systems Enough?
Tech Talk: Isn’t One Authentication Mechanism z Systems Enough?Tech Talk: Isn’t One Authentication Mechanism z Systems Enough?
Tech Talk: Isn’t One Authentication Mechanism z Systems Enough?
CA Technologies
 
CA Gen Exploration – What's New and Cool in Application Development
CA Gen Exploration – What's New and Cool in Application DevelopmentCA Gen Exploration – What's New and Cool in Application Development
CA Gen Exploration – What's New and Cool in Application Development
CA Technologies
 
How to Get the Best User Experience for Your Customers With: CA View® / CA De...
How to Get the Best User Experience for Your Customers With: CA View® / CA De...How to Get the Best User Experience for Your Customers With: CA View® / CA De...
How to Get the Best User Experience for Your Customers With: CA View® / CA De...
CA Technologies
 
Creating an Omnichannel Experience for Your Customers
Creating an Omnichannel Experience for Your CustomersCreating an Omnichannel Experience for Your Customers
Creating an Omnichannel Experience for Your Customers
CA Technologies
 
Tech Talk: Service Virtualization on Demand—Have Everything, Whenever and Whe...
Tech Talk: Service Virtualization on Demand—Have Everything, Whenever and Whe...Tech Talk: Service Virtualization on Demand—Have Everything, Whenever and Whe...
Tech Talk: Service Virtualization on Demand—Have Everything, Whenever and Whe...
CA Technologies
 
Pre-Con Education: Advanced and Reporting and Dashboards With Xtraction
Pre-Con Education: Advanced and Reporting and Dashboards With XtractionPre-Con Education: Advanced and Reporting and Dashboards With Xtraction
Pre-Con Education: Advanced and Reporting and Dashboards With Xtraction
CA Technologies
 
Centralized, Convenient Application Access–the One Stop Shop for Identity Ser...
Centralized, Convenient Application Access–the One Stop Shop for Identity Ser...Centralized, Convenient Application Access–the One Stop Shop for Identity Ser...
Centralized, Convenient Application Access–the One Stop Shop for Identity Ser...
CA Technologies
 
Hands-On Lab: Using CA Mobile Application Analytics REST APIs
Hands-On Lab: Using CA Mobile Application Analytics REST APIsHands-On Lab: Using CA Mobile Application Analytics REST APIs
Hands-On Lab: Using CA Mobile Application Analytics REST APIs
CA Technologies
 
Fines in the Millions Levied Every Year Coming Soon! The Business Case for ...
Fines in the Millions Levied Every Year Coming Soon! The Business Case for ...Fines in the Millions Levied Every Year Coming Soon! The Business Case for ...
Fines in the Millions Levied Every Year Coming Soon! The Business Case for ...
CA Technologies
 
Pre-Con Education: Effective Change/Configuration Management With CA Service...
Pre-Con Education: Effective Change/Configuration Management With CA Service...Pre-Con Education: Effective Change/Configuration Management With CA Service...
Pre-Con Education: Effective Change/Configuration Management With CA Service...
CA Technologies
 
It's the 2010's. Why are you Still Manually Writing Tests?
It's the 2010's. Why are you Still Manually Writing Tests?It's the 2010's. Why are you Still Manually Writing Tests?
It's the 2010's. Why are you Still Manually Writing Tests?
CA Technologies
 
CA Project and Portfolio Management Budgeting & Forecasting
CA Project and Portfolio Management Budgeting & ForecastingCA Project and Portfolio Management Budgeting & Forecasting
CA Project and Portfolio Management Budgeting & Forecasting
CA Technologies
 
Tech Talk: Knowledge Management of the Future for ITSM
Tech Talk: Knowledge Management of the Future for ITSMTech Talk: Knowledge Management of the Future for ITSM
Tech Talk: Knowledge Management of the Future for ITSM
CA Technologies
 
Managing Software Entitlements in Software Asset Management Solutions from CA
Managing Software Entitlements in Software Asset Management Solutions from CAManaging Software Entitlements in Software Asset Management Solutions from CA
Managing Software Entitlements in Software Asset Management Solutions from CA
CA Technologies
 
Case Study: Molina Medicaid Solutions Transforms Healthcare Through Automation
Case Study: Molina Medicaid Solutions Transforms Healthcare Through AutomationCase Study: Molina Medicaid Solutions Transforms Healthcare Through Automation
Case Study: Molina Medicaid Solutions Transforms Healthcare Through Automation
CA Technologies
 
Orchestrating Legacy Services Into Contemporary RESTful WEB APIs With CA App ...
Orchestrating Legacy Services Into Contemporary RESTful WEB APIs With CA App ...Orchestrating Legacy Services Into Contemporary RESTful WEB APIs With CA App ...
Orchestrating Legacy Services Into Contemporary RESTful WEB APIs With CA App ...
CA Technologies
 
Developing Secure Mobile Applications
Developing Secure Mobile ApplicationsDeveloping Secure Mobile Applications
Developing Secure Mobile Applications
CA Technologies
 
CA Performance Management 2.6 Deep Dive
CA Performance Management 2.6 Deep DiveCA Performance Management 2.6 Deep Dive
CA Performance Management 2.6 Deep Dive
CA Technologies
 
Agile in Operations, DevOps and Architecture
Agile in Operations, DevOps and ArchitectureAgile in Operations, DevOps and Architecture
Agile in Operations, DevOps and Architecture
CA Technologies
 
Knock, Knock…The Internet of Things wants to come in?
Knock, Knock…The Internet of Things wants to come in? Knock, Knock…The Internet of Things wants to come in?
Knock, Knock…The Internet of Things wants to come in?
CA Technologies
 
Technology Primer: Customize CA Application Performance Management With Tip...
Technology Primer: Customize CA Application Performance Management With Tip...Technology Primer: Customize CA Application Performance Management With Tip...
Technology Primer: Customize CA Application Performance Management With Tip...
CA Technologies
 
Case Study: ING Builds Highly Available Continuous Delivery Pipeline with Mic...
Case Study: ING Builds Highly Available Continuous Delivery Pipeline with Mic...Case Study: ING Builds Highly Available Continuous Delivery Pipeline with Mic...
Case Study: ING Builds Highly Available Continuous Delivery Pipeline with Mic...
CA Technologies
 
Go Mobile to Mainframe With CA Gen and CA App Services Orchestrator
Go Mobile to Mainframe With CA Gen and CA App Services OrchestratorGo Mobile to Mainframe With CA Gen and CA App Services Orchestrator
Go Mobile to Mainframe With CA Gen and CA App Services Orchestrator
CA Technologies
 
TechTalk: Accelerate Mobile Development using SDKs and Open APIs With CA API ...
TechTalk: Accelerate Mobile Development using SDKs and Open APIs With CA API ...TechTalk: Accelerate Mobile Development using SDKs and Open APIs With CA API ...
TechTalk: Accelerate Mobile Development using SDKs and Open APIs With CA API ...
CA Technologies
 
Hands-On Lab: CA Spectrum® 10.0 Deep Dive – 64-Bit, Network Virtualization an...
Hands-On Lab: CA Spectrum® 10.0 Deep Dive – 64-Bit, Network Virtualization an...Hands-On Lab: CA Spectrum® 10.0 Deep Dive – 64-Bit, Network Virtualization an...
Hands-On Lab: CA Spectrum® 10.0 Deep Dive – 64-Bit, Network Virtualization an...
CA Technologies
 
The Known Unknown—Finding Lost, Abandoned and Hidden Regulated or Sensitive D...
The Known Unknown—Finding Lost, Abandoned and Hidden Regulated or Sensitive D...The Known Unknown—Finding Lost, Abandoned and Hidden Regulated or Sensitive D...
The Known Unknown—Finding Lost, Abandoned and Hidden Regulated or Sensitive D...
CA Technologies
 
Tech Talk: Preventing Data Breaches with Risk-Aware Session Management
Tech Talk: Preventing Data Breaches with Risk-Aware Session ManagementTech Talk: Preventing Data Breaches with Risk-Aware Session Management
Tech Talk: Preventing Data Breaches with Risk-Aware Session Management
CA Technologies
 

More Related Content

What's hot

Pre-Con Education: Advanced and Reporting and Dashboards With Xtraction
Pre-Con Education: Advanced and Reporting and Dashboards With XtractionPre-Con Education: Advanced and Reporting and Dashboards With Xtraction
Pre-Con Education: Advanced and Reporting and Dashboards With Xtraction
CA Technologies
 
Centralized, Convenient Application Access–the One Stop Shop for Identity Ser...
Centralized, Convenient Application Access–the One Stop Shop for Identity Ser...Centralized, Convenient Application Access–the One Stop Shop for Identity Ser...
Centralized, Convenient Application Access–the One Stop Shop for Identity Ser...
CA Technologies
 
Hands-On Lab: Using CA Mobile Application Analytics REST APIs
Hands-On Lab: Using CA Mobile Application Analytics REST APIsHands-On Lab: Using CA Mobile Application Analytics REST APIs
Hands-On Lab: Using CA Mobile Application Analytics REST APIs
CA Technologies
 
Fines in the Millions Levied Every Year Coming Soon! The Business Case for ...
Fines in the Millions Levied Every Year Coming Soon! The Business Case for ...Fines in the Millions Levied Every Year Coming Soon! The Business Case for ...
Fines in the Millions Levied Every Year Coming Soon! The Business Case for ...
CA Technologies
 
Pre-Con Education: Effective Change/Configuration Management With CA Service...
Pre-Con Education: Effective Change/Configuration Management With CA Service...Pre-Con Education: Effective Change/Configuration Management With CA Service...
Pre-Con Education: Effective Change/Configuration Management With CA Service...
CA Technologies
 
It's the 2010's. Why are you Still Manually Writing Tests?
It's the 2010's. Why are you Still Manually Writing Tests?It's the 2010's. Why are you Still Manually Writing Tests?
It's the 2010's. Why are you Still Manually Writing Tests?
CA Technologies
 
CA Project and Portfolio Management Budgeting & Forecasting
CA Project and Portfolio Management Budgeting & ForecastingCA Project and Portfolio Management Budgeting & Forecasting
CA Project and Portfolio Management Budgeting & Forecasting
CA Technologies
 
Tech Talk: Knowledge Management of the Future for ITSM
Tech Talk: Knowledge Management of the Future for ITSMTech Talk: Knowledge Management of the Future for ITSM
Tech Talk: Knowledge Management of the Future for ITSM
CA Technologies
 
Managing Software Entitlements in Software Asset Management Solutions from CA
Managing Software Entitlements in Software Asset Management Solutions from CAManaging Software Entitlements in Software Asset Management Solutions from CA
Managing Software Entitlements in Software Asset Management Solutions from CA
CA Technologies
 
Case Study: Molina Medicaid Solutions Transforms Healthcare Through Automation
Case Study: Molina Medicaid Solutions Transforms Healthcare Through AutomationCase Study: Molina Medicaid Solutions Transforms Healthcare Through Automation
Case Study: Molina Medicaid Solutions Transforms Healthcare Through Automation
CA Technologies
 
Orchestrating Legacy Services Into Contemporary RESTful WEB APIs With CA App ...
Orchestrating Legacy Services Into Contemporary RESTful WEB APIs With CA App ...Orchestrating Legacy Services Into Contemporary RESTful WEB APIs With CA App ...
Orchestrating Legacy Services Into Contemporary RESTful WEB APIs With CA App ...
CA Technologies
 
Developing Secure Mobile Applications
Developing Secure Mobile ApplicationsDeveloping Secure Mobile Applications
Developing Secure Mobile Applications
CA Technologies
 
CA Performance Management 2.6 Deep Dive
CA Performance Management 2.6 Deep DiveCA Performance Management 2.6 Deep Dive
CA Performance Management 2.6 Deep Dive
CA Technologies
 
Agile in Operations, DevOps and Architecture
Agile in Operations, DevOps and ArchitectureAgile in Operations, DevOps and Architecture
Agile in Operations, DevOps and Architecture
CA Technologies
 
Knock, Knock…The Internet of Things wants to come in?
Knock, Knock…The Internet of Things wants to come in? Knock, Knock…The Internet of Things wants to come in?
Knock, Knock…The Internet of Things wants to come in?
CA Technologies
 
Technology Primer: Customize CA Application Performance Management With Tip...
Technology Primer: Customize CA Application Performance Management With Tip...Technology Primer: Customize CA Application Performance Management With Tip...
Technology Primer: Customize CA Application Performance Management With Tip...
CA Technologies
 
Case Study: ING Builds Highly Available Continuous Delivery Pipeline with Mic...
Case Study: ING Builds Highly Available Continuous Delivery Pipeline with Mic...Case Study: ING Builds Highly Available Continuous Delivery Pipeline with Mic...
Case Study: ING Builds Highly Available Continuous Delivery Pipeline with Mic...
CA Technologies
 
Go Mobile to Mainframe With CA Gen and CA App Services Orchestrator
Go Mobile to Mainframe With CA Gen and CA App Services OrchestratorGo Mobile to Mainframe With CA Gen and CA App Services Orchestrator
Go Mobile to Mainframe With CA Gen and CA App Services Orchestrator
CA Technologies
 
TechTalk: Accelerate Mobile Development using SDKs and Open APIs With CA API ...
TechTalk: Accelerate Mobile Development using SDKs and Open APIs With CA API ...TechTalk: Accelerate Mobile Development using SDKs and Open APIs With CA API ...
TechTalk: Accelerate Mobile Development using SDKs and Open APIs With CA API ...
CA Technologies
 
Hands-On Lab: CA Spectrum® 10.0 Deep Dive – 64-Bit, Network Virtualization an...
Hands-On Lab: CA Spectrum® 10.0 Deep Dive – 64-Bit, Network Virtualization an...Hands-On Lab: CA Spectrum® 10.0 Deep Dive – 64-Bit, Network Virtualization an...
Hands-On Lab: CA Spectrum® 10.0 Deep Dive – 64-Bit, Network Virtualization an...
CA Technologies
 

What's hot (20)

Pre-Con Education: Advanced and Reporting and Dashboards With Xtraction
Pre-Con Education: Advanced and Reporting and Dashboards With XtractionPre-Con Education: Advanced and Reporting and Dashboards With Xtraction
Pre-Con Education: Advanced and Reporting and Dashboards With Xtraction
 
Centralized, Convenient Application Access–the One Stop Shop for Identity Ser...
Centralized, Convenient Application Access–the One Stop Shop for Identity Ser...Centralized, Convenient Application Access–the One Stop Shop for Identity Ser...
Centralized, Convenient Application Access–the One Stop Shop for Identity Ser...
 
Hands-On Lab: Using CA Mobile Application Analytics REST APIs
Hands-On Lab: Using CA Mobile Application Analytics REST APIsHands-On Lab: Using CA Mobile Application Analytics REST APIs
Hands-On Lab: Using CA Mobile Application Analytics REST APIs
 
Fines in the Millions Levied Every Year Coming Soon! The Business Case for ...
Fines in the Millions Levied Every Year Coming Soon! The Business Case for ...Fines in the Millions Levied Every Year Coming Soon! The Business Case for ...
Fines in the Millions Levied Every Year Coming Soon! The Business Case for ...
 
Pre-Con Education: Effective Change/Configuration Management With CA Service...
Pre-Con Education: Effective Change/Configuration Management With CA Service...Pre-Con Education: Effective Change/Configuration Management With CA Service...
Pre-Con Education: Effective Change/Configuration Management With CA Service...
 
It's the 2010's. Why are you Still Manually Writing Tests?
It's the 2010's. Why are you Still Manually Writing Tests?It's the 2010's. Why are you Still Manually Writing Tests?
It's the 2010's. Why are you Still Manually Writing Tests?
 
CA Project and Portfolio Management Budgeting & Forecasting
CA Project and Portfolio Management Budgeting & ForecastingCA Project and Portfolio Management Budgeting & Forecasting
CA Project and Portfolio Management Budgeting & Forecasting
 
Tech Talk: Knowledge Management of the Future for ITSM
Tech Talk: Knowledge Management of the Future for ITSMTech Talk: Knowledge Management of the Future for ITSM
Tech Talk: Knowledge Management of the Future for ITSM
 
Managing Software Entitlements in Software Asset Management Solutions from CA
Managing Software Entitlements in Software Asset Management Solutions from CAManaging Software Entitlements in Software Asset Management Solutions from CA
Managing Software Entitlements in Software Asset Management Solutions from CA
 
Case Study: Molina Medicaid Solutions Transforms Healthcare Through Automation
Case Study: Molina Medicaid Solutions Transforms Healthcare Through AutomationCase Study: Molina Medicaid Solutions Transforms Healthcare Through Automation
Case Study: Molina Medicaid Solutions Transforms Healthcare Through Automation
 
Orchestrating Legacy Services Into Contemporary RESTful WEB APIs With CA App ...
Orchestrating Legacy Services Into Contemporary RESTful WEB APIs With CA App ...Orchestrating Legacy Services Into Contemporary RESTful WEB APIs With CA App ...
Orchestrating Legacy Services Into Contemporary RESTful WEB APIs With CA App ...
 
Developing Secure Mobile Applications
Developing Secure Mobile ApplicationsDeveloping Secure Mobile Applications
Developing Secure Mobile Applications
 
CA Performance Management 2.6 Deep Dive
CA Performance Management 2.6 Deep DiveCA Performance Management 2.6 Deep Dive
CA Performance Management 2.6 Deep Dive
 
Agile in Operations, DevOps and Architecture
Agile in Operations, DevOps and ArchitectureAgile in Operations, DevOps and Architecture
Agile in Operations, DevOps and Architecture
 
Knock, Knock…The Internet of Things wants to come in?
Knock, Knock…The Internet of Things wants to come in? Knock, Knock…The Internet of Things wants to come in?
Knock, Knock…The Internet of Things wants to come in?
 
Technology Primer: Customize CA Application Performance Management With Tip...
Technology Primer: Customize CA Application Performance Management With Tip...Technology Primer: Customize CA Application Performance Management With Tip...
Technology Primer: Customize CA Application Performance Management With Tip...
 
Case Study: ING Builds Highly Available Continuous Delivery Pipeline with Mic...
Case Study: ING Builds Highly Available Continuous Delivery Pipeline with Mic...Case Study: ING Builds Highly Available Continuous Delivery Pipeline with Mic...
Case Study: ING Builds Highly Available Continuous Delivery Pipeline with Mic...
 
Go Mobile to Mainframe With CA Gen and CA App Services Orchestrator
Go Mobile to Mainframe With CA Gen and CA App Services OrchestratorGo Mobile to Mainframe With CA Gen and CA App Services Orchestrator
Go Mobile to Mainframe With CA Gen and CA App Services Orchestrator
 
TechTalk: Accelerate Mobile Development using SDKs and Open APIs With CA API ...
TechTalk: Accelerate Mobile Development using SDKs and Open APIs With CA API ...TechTalk: Accelerate Mobile Development using SDKs and Open APIs With CA API ...
TechTalk: Accelerate Mobile Development using SDKs and Open APIs With CA API ...
 
Hands-On Lab: CA Spectrum® 10.0 Deep Dive – 64-Bit, Network Virtualization an...
Hands-On Lab: CA Spectrum® 10.0 Deep Dive – 64-Bit, Network Virtualization an...Hands-On Lab: CA Spectrum® 10.0 Deep Dive – 64-Bit, Network Virtualization an...
Hands-On Lab: CA Spectrum® 10.0 Deep Dive – 64-Bit, Network Virtualization an...
 

Similar to Locating Unmanaged but Regulated Data on System z: CA Data Content Discovery

The Known Unknown—Finding Lost, Abandoned and Hidden Regulated or Sensitive D...
The Known Unknown—Finding Lost, Abandoned and Hidden Regulated or Sensitive D...The Known Unknown—Finding Lost, Abandoned and Hidden Regulated or Sensitive D...
The Known Unknown—Finding Lost, Abandoned and Hidden Regulated or Sensitive D...
CA Technologies
 
Tech Talk: Preventing Data Breaches with Risk-Aware Session Management
Tech Talk: Preventing Data Breaches with Risk-Aware Session ManagementTech Talk: Preventing Data Breaches with Risk-Aware Session Management
Tech Talk: Preventing Data Breaches with Risk-Aware Session Management
CA Technologies
 
Ten Things You Should not Forget in Mainframe Security
Ten Things You Should not Forget in Mainframe Security Ten Things You Should not Forget in Mainframe Security
Ten Things You Should not Forget in Mainframe Security
CA Technologies
 
Putting Security in Identity-as-a-Service
Putting Security in Identity-as-a-ServicePutting Security in Identity-as-a-Service
Putting Security in Identity-as-a-Service
CA Technologies
 
Strategic Direction Session: Enhancing Data Privacy with Data-Centric Securit...
Strategic Direction Session: Enhancing Data Privacy with Data-Centric Securit...Strategic Direction Session: Enhancing Data Privacy with Data-Centric Securit...
Strategic Direction Session: Enhancing Data Privacy with Data-Centric Securit...
CA Technologies
 
API’s and Identity: Enabling Optum to become the HealthCare cloud
API’s and Identity: Enabling Optum to become the HealthCare cloudAPI’s and Identity: Enabling Optum to become the HealthCare cloud
API’s and Identity: Enabling Optum to become the HealthCare cloud
CA Technologies
 
Is Complacency Around Mainframe Security a Disaster Waiting to Happen?
Is Complacency Around Mainframe Security a Disaster Waiting to Happen?Is Complacency Around Mainframe Security a Disaster Waiting to Happen?
Is Complacency Around Mainframe Security a Disaster Waiting to Happen?
CA Technologies
 
How Can Test Data Management Overcome Mainframe Testing Challenges?
How Can Test Data Management Overcome Mainframe Testing Challenges?How Can Test Data Management Overcome Mainframe Testing Challenges?
How Can Test Data Management Overcome Mainframe Testing Challenges?
CA Technologies
 
Hands-On Labs: Introduction to CA Unified Infrastructure Management
Hands-On Labs: Introduction to CA Unified Infrastructure Management Hands-On Labs: Introduction to CA Unified Infrastructure Management
Hands-On Labs: Introduction to CA Unified Infrastructure Management
CA Technologies
 
[OPD 2019] Top 10 Security Facts of 2020
[OPD 2019] Top 10 Security Facts of 2020[OPD 2019] Top 10 Security Facts of 2020
[OPD 2019] Top 10 Security Facts of 2020
OWASP
 
Complicate, detect, respond: stopping cyber attacks with identity analytics
Complicate, detect, respond: stopping cyber attacks with identity analyticsComplicate, detect, respond: stopping cyber attacks with identity analytics
Complicate, detect, respond: stopping cyber attacks with identity analytics
CA Technologies
 
Mobile Risk Analysis: Take Your Mobile App Security to the Next Level
Mobile Risk Analysis: Take Your Mobile App Security to the Next LevelMobile Risk Analysis: Take Your Mobile App Security to the Next Level
Mobile Risk Analysis: Take Your Mobile App Security to the Next Level
CA Technologies
 
CIS14: Network-Aware IAM
CIS14: Network-Aware IAMCIS14: Network-Aware IAM
CIS14: Network-Aware IAM
CloudIDSummit
 
Splunk conf2014 - Operationalizing Advanced Threat Defense
Splunk conf2014 - Operationalizing Advanced Threat DefenseSplunk conf2014 - Operationalizing Advanced Threat Defense
Splunk conf2014 - Operationalizing Advanced Threat Defense
Splunk
 
CipherCloud Technology Overview: Tokenization
CipherCloud Technology Overview: TokenizationCipherCloud Technology Overview: Tokenization
CipherCloud Technology Overview: Tokenization
CipherCloud
 
Protecting the Software-Defined Data Center from Data Breach
Protecting the Software-Defined Data Center from Data BreachProtecting the Software-Defined Data Center from Data Breach
Protecting the Software-Defined Data Center from Data Breach
CA Technologies
 
Advanced threat security - Cyber Security For The Real World
Advanced threat security - Cyber Security For The Real WorldAdvanced threat security - Cyber Security For The Real World
Advanced threat security - Cyber Security For The Real World
Cisco Canada
 
2016 01-05 csr css non-confidential slide deck
2016 01-05 csr css non-confidential slide deck2016 01-05 csr css non-confidential slide deck
2016 01-05 csr css non-confidential slide deck
Richard (Dick) Kaufman
 
Building Digital Trust
Building Digital Trust Building Digital Trust
Building Digital Trust
CA Technologies
 
Castle Walls Under Digital Siege: Risk-based Security for z/OS
Castle Walls Under Digital Siege: Risk-based Security for z/OSCastle Walls Under Digital Siege: Risk-based Security for z/OS
Castle Walls Under Digital Siege: Risk-based Security for z/OS
CA Technologies
 

Similar to Locating Unmanaged but Regulated Data on System z: CA Data Content Discovery (20)

The Known Unknown—Finding Lost, Abandoned and Hidden Regulated or Sensitive D...
The Known Unknown—Finding Lost, Abandoned and Hidden Regulated or Sensitive D...The Known Unknown—Finding Lost, Abandoned and Hidden Regulated or Sensitive D...
The Known Unknown—Finding Lost, Abandoned and Hidden Regulated or Sensitive D...
 
Tech Talk: Preventing Data Breaches with Risk-Aware Session Management
Tech Talk: Preventing Data Breaches with Risk-Aware Session ManagementTech Talk: Preventing Data Breaches with Risk-Aware Session Management
Tech Talk: Preventing Data Breaches with Risk-Aware Session Management
 
Ten Things You Should not Forget in Mainframe Security
Ten Things You Should not Forget in Mainframe Security Ten Things You Should not Forget in Mainframe Security
Ten Things You Should not Forget in Mainframe Security
 
Putting Security in Identity-as-a-Service
Putting Security in Identity-as-a-ServicePutting Security in Identity-as-a-Service
Putting Security in Identity-as-a-Service
 
Strategic Direction Session: Enhancing Data Privacy with Data-Centric Securit...
Strategic Direction Session: Enhancing Data Privacy with Data-Centric Securit...Strategic Direction Session: Enhancing Data Privacy with Data-Centric Securit...
Strategic Direction Session: Enhancing Data Privacy with Data-Centric Securit...
 
API’s and Identity: Enabling Optum to become the HealthCare cloud
API’s and Identity: Enabling Optum to become the HealthCare cloudAPI’s and Identity: Enabling Optum to become the HealthCare cloud
API’s and Identity: Enabling Optum to become the HealthCare cloud
 
Is Complacency Around Mainframe Security a Disaster Waiting to Happen?
Is Complacency Around Mainframe Security a Disaster Waiting to Happen?Is Complacency Around Mainframe Security a Disaster Waiting to Happen?
Is Complacency Around Mainframe Security a Disaster Waiting to Happen?
 
How Can Test Data Management Overcome Mainframe Testing Challenges?
How Can Test Data Management Overcome Mainframe Testing Challenges?How Can Test Data Management Overcome Mainframe Testing Challenges?
How Can Test Data Management Overcome Mainframe Testing Challenges?
 
Hands-On Labs: Introduction to CA Unified Infrastructure Management
Hands-On Labs: Introduction to CA Unified Infrastructure Management Hands-On Labs: Introduction to CA Unified Infrastructure Management
Hands-On Labs: Introduction to CA Unified Infrastructure Management
 
[OPD 2019] Top 10 Security Facts of 2020
[OPD 2019] Top 10 Security Facts of 2020[OPD 2019] Top 10 Security Facts of 2020
[OPD 2019] Top 10 Security Facts of 2020
 
Complicate, detect, respond: stopping cyber attacks with identity analytics
Complicate, detect, respond: stopping cyber attacks with identity analyticsComplicate, detect, respond: stopping cyber attacks with identity analytics
Complicate, detect, respond: stopping cyber attacks with identity analytics
 
Mobile Risk Analysis: Take Your Mobile App Security to the Next Level
Mobile Risk Analysis: Take Your Mobile App Security to the Next LevelMobile Risk Analysis: Take Your Mobile App Security to the Next Level
Mobile Risk Analysis: Take Your Mobile App Security to the Next Level
 
CIS14: Network-Aware IAM
CIS14: Network-Aware IAMCIS14: Network-Aware IAM
CIS14: Network-Aware IAM
 
Splunk conf2014 - Operationalizing Advanced Threat Defense
Splunk conf2014 - Operationalizing Advanced Threat DefenseSplunk conf2014 - Operationalizing Advanced Threat Defense
Splunk conf2014 - Operationalizing Advanced Threat Defense
 
CipherCloud Technology Overview: Tokenization
CipherCloud Technology Overview: TokenizationCipherCloud Technology Overview: Tokenization
CipherCloud Technology Overview: Tokenization
 
Protecting the Software-Defined Data Center from Data Breach
Protecting the Software-Defined Data Center from Data BreachProtecting the Software-Defined Data Center from Data Breach
Protecting the Software-Defined Data Center from Data Breach
 
Advanced threat security - Cyber Security For The Real World
Advanced threat security - Cyber Security For The Real WorldAdvanced threat security - Cyber Security For The Real World
Advanced threat security - Cyber Security For The Real World
 
2016 01-05 csr css non-confidential slide deck
2016 01-05 csr css non-confidential slide deck2016 01-05 csr css non-confidential slide deck
2016 01-05 csr css non-confidential slide deck
 
Building Digital Trust
Building Digital Trust Building Digital Trust
Building Digital Trust
 
Castle Walls Under Digital Siege: Risk-based Security for z/OS
Castle Walls Under Digital Siege: Risk-based Security for z/OSCastle Walls Under Digital Siege: Risk-based Security for z/OS
Castle Walls Under Digital Siege: Risk-based Security for z/OS
 

More from CA Technologies

CA Mainframe Resource Intelligence
CA Mainframe Resource IntelligenceCA Mainframe Resource Intelligence
CA Mainframe Resource Intelligence
CA Technologies
 
Mainframe as a Service: Sample a Buffet of IBM z/OS® Platform Excellence
Mainframe as a Service: Sample a Buffet of IBM z/OS® Platform ExcellenceMainframe as a Service: Sample a Buffet of IBM z/OS® Platform Excellence
Mainframe as a Service: Sample a Buffet of IBM z/OS® Platform Excellence
CA Technologies
 
Case Study: How CA Went From 40 Days to Three Days Building Crystal-Clear Tes...
Case Study: How CA Went From 40 Days to Three Days Building Crystal-Clear Tes...Case Study: How CA Went From 40 Days to Three Days Building Crystal-Clear Tes...
Case Study: How CA Went From 40 Days to Three Days Building Crystal-Clear Tes...
CA Technologies
 
Case Study: How The Home Depot Built Quality Into Software Development
Case Study: How The Home Depot Built Quality Into Software DevelopmentCase Study: How The Home Depot Built Quality Into Software Development
Case Study: How The Home Depot Built Quality Into Software Development
CA Technologies
 
Pre-Con Ed: Privileged Identity Governance: Are You Certifying Privileged Use...
Pre-Con Ed: Privileged Identity Governance: Are You Certifying Privileged Use...Pre-Con Ed: Privileged Identity Governance: Are You Certifying Privileged Use...
Pre-Con Ed: Privileged Identity Governance: Are You Certifying Privileged Use...
CA Technologies
 
Case Study: Privileged Access in a World on Time
Case Study: Privileged Access in a World on TimeCase Study: Privileged Access in a World on Time
Case Study: Privileged Access in a World on Time
CA Technologies
 
Case Study: How SGN Used Attack Path Mapping to Control Privileged Access in ...
Case Study: How SGN Used Attack Path Mapping to Control Privileged Access in ...Case Study: How SGN Used Attack Path Mapping to Control Privileged Access in ...
Case Study: How SGN Used Attack Path Mapping to Control Privileged Access in ...
CA Technologies
 
Case Study: Putting Citizens at The Center of Digital Government
Case Study: Putting Citizens at The Center of Digital GovernmentCase Study: Putting Citizens at The Center of Digital Government
Case Study: Putting Citizens at The Center of Digital Government
CA Technologies
 
Making Security Work—Implementing a Transformational Security Program
Making Security Work—Implementing a Transformational Security ProgramMaking Security Work—Implementing a Transformational Security Program
Making Security Work—Implementing a Transformational Security Program
CA Technologies
 
Keynote: Making Security a Competitive Advantage
Keynote: Making Security a Competitive AdvantageKeynote: Making Security a Competitive Advantage
Keynote: Making Security a Competitive Advantage
CA Technologies
 
Emerging Managed Services Opportunities in Identity and Access Management
Emerging Managed Services Opportunities in Identity and Access ManagementEmerging Managed Services Opportunities in Identity and Access Management
Emerging Managed Services Opportunities in Identity and Access Management
CA Technologies
 
The Unmet Demand for Premium Cloud Monitoring Services—and How Service Provid...
The Unmet Demand for Premium Cloud Monitoring Services—and How Service Provid...The Unmet Demand for Premium Cloud Monitoring Services—and How Service Provid...
The Unmet Demand for Premium Cloud Monitoring Services—and How Service Provid...
CA Technologies
 
Leveraging Monitoring Governance: How Service Providers Can Boost Operational...
Leveraging Monitoring Governance: How Service Providers Can Boost Operational...Leveraging Monitoring Governance: How Service Providers Can Boost Operational...
Leveraging Monitoring Governance: How Service Providers Can Boost Operational...
CA Technologies
 
The Next Big Service Provider Opportunity—Beyond Infrastructure: Architecting...
The Next Big Service Provider Opportunity—Beyond Infrastructure: Architecting...The Next Big Service Provider Opportunity—Beyond Infrastructure: Architecting...
The Next Big Service Provider Opportunity—Beyond Infrastructure: Architecting...
CA Technologies
 
Application Experience Analytics Services: The Strategic Digital Transformati...
Application Experience Analytics Services: The Strategic Digital Transformati...Application Experience Analytics Services: The Strategic Digital Transformati...
Application Experience Analytics Services: The Strategic Digital Transformati...
CA Technologies
 
Application Experience Analytics Services: The Strategic Digital Transformati...
Application Experience Analytics Services: The Strategic Digital Transformati...Application Experience Analytics Services: The Strategic Digital Transformati...
Application Experience Analytics Services: The Strategic Digital Transformati...
CA Technologies
 
Strategic Direction Session: Deliver Next-Gen IT Ops with CA Mainframe Operat...
Strategic Direction Session: Deliver Next-Gen IT Ops with CA Mainframe Operat...Strategic Direction Session: Deliver Next-Gen IT Ops with CA Mainframe Operat...
Strategic Direction Session: Deliver Next-Gen IT Ops with CA Mainframe Operat...
CA Technologies
 
Blockchain: Strategies for Moving From Hype to Realities of Deployment
Blockchain: Strategies for Moving From Hype to Realities of DeploymentBlockchain: Strategies for Moving From Hype to Realities of Deployment
Blockchain: Strategies for Moving From Hype to Realities of Deployment
CA Technologies
 
Establish Digital Trust as the Currency of Digital Enterprise
Establish Digital Trust as the Currency of Digital EnterpriseEstablish Digital Trust as the Currency of Digital Enterprise
Establish Digital Trust as the Currency of Digital Enterprise
CA Technologies
 
How Components Increase Speed and Risk
How Components Increase Speed and RiskHow Components Increase Speed and Risk
How Components Increase Speed and Risk
CA Technologies
 

More from CA Technologies (20)

CA Mainframe Resource Intelligence
CA Mainframe Resource IntelligenceCA Mainframe Resource Intelligence
CA Mainframe Resource Intelligence
 
Mainframe as a Service: Sample a Buffet of IBM z/OS® Platform Excellence
Mainframe as a Service: Sample a Buffet of IBM z/OS® Platform ExcellenceMainframe as a Service: Sample a Buffet of IBM z/OS® Platform Excellence
Mainframe as a Service: Sample a Buffet of IBM z/OS® Platform Excellence
 
Case Study: How CA Went From 40 Days to Three Days Building Crystal-Clear Tes...
Case Study: How CA Went From 40 Days to Three Days Building Crystal-Clear Tes...Case Study: How CA Went From 40 Days to Three Days Building Crystal-Clear Tes...
Case Study: How CA Went From 40 Days to Three Days Building Crystal-Clear Tes...
 
Case Study: How The Home Depot Built Quality Into Software Development
Case Study: How The Home Depot Built Quality Into Software DevelopmentCase Study: How The Home Depot Built Quality Into Software Development
Case Study: How The Home Depot Built Quality Into Software Development
 
Pre-Con Ed: Privileged Identity Governance: Are You Certifying Privileged Use...
Pre-Con Ed: Privileged Identity Governance: Are You Certifying Privileged Use...Pre-Con Ed: Privileged Identity Governance: Are You Certifying Privileged Use...
Pre-Con Ed: Privileged Identity Governance: Are You Certifying Privileged Use...
 
Case Study: Privileged Access in a World on Time
Case Study: Privileged Access in a World on TimeCase Study: Privileged Access in a World on Time
Case Study: Privileged Access in a World on Time
 
Case Study: How SGN Used Attack Path Mapping to Control Privileged Access in ...
Case Study: How SGN Used Attack Path Mapping to Control Privileged Access in ...Case Study: How SGN Used Attack Path Mapping to Control Privileged Access in ...
Case Study: How SGN Used Attack Path Mapping to Control Privileged Access in ...
 
Case Study: Putting Citizens at The Center of Digital Government
Case Study: Putting Citizens at The Center of Digital GovernmentCase Study: Putting Citizens at The Center of Digital Government
Case Study: Putting Citizens at The Center of Digital Government
 
Making Security Work—Implementing a Transformational Security Program
Making Security Work—Implementing a Transformational Security ProgramMaking Security Work—Implementing a Transformational Security Program
Making Security Work—Implementing a Transformational Security Program
 
Keynote: Making Security a Competitive Advantage
Keynote: Making Security a Competitive AdvantageKeynote: Making Security a Competitive Advantage
Keynote: Making Security a Competitive Advantage
 
Emerging Managed Services Opportunities in Identity and Access Management
Emerging Managed Services Opportunities in Identity and Access ManagementEmerging Managed Services Opportunities in Identity and Access Management
Emerging Managed Services Opportunities in Identity and Access Management
 
The Unmet Demand for Premium Cloud Monitoring Services—and How Service Provid...
The Unmet Demand for Premium Cloud Monitoring Services—and How Service Provid...The Unmet Demand for Premium Cloud Monitoring Services—and How Service Provid...
The Unmet Demand for Premium Cloud Monitoring Services—and How Service Provid...
 
Leveraging Monitoring Governance: How Service Providers Can Boost Operational...
Leveraging Monitoring Governance: How Service Providers Can Boost Operational...Leveraging Monitoring Governance: How Service Providers Can Boost Operational...
Leveraging Monitoring Governance: How Service Providers Can Boost Operational...
 
The Next Big Service Provider Opportunity—Beyond Infrastructure: Architecting...
The Next Big Service Provider Opportunity—Beyond Infrastructure: Architecting...The Next Big Service Provider Opportunity—Beyond Infrastructure: Architecting...
The Next Big Service Provider Opportunity—Beyond Infrastructure: Architecting...
 
Application Experience Analytics Services: The Strategic Digital Transformati...
Application Experience Analytics Services: The Strategic Digital Transformati...Application Experience Analytics Services: The Strategic Digital Transformati...
Application Experience Analytics Services: The Strategic Digital Transformati...
 
Application Experience Analytics Services: The Strategic Digital Transformati...
Application Experience Analytics Services: The Strategic Digital Transformati...Application Experience Analytics Services: The Strategic Digital Transformati...
Application Experience Analytics Services: The Strategic Digital Transformati...
 
Strategic Direction Session: Deliver Next-Gen IT Ops with CA Mainframe Operat...
Strategic Direction Session: Deliver Next-Gen IT Ops with CA Mainframe Operat...Strategic Direction Session: Deliver Next-Gen IT Ops with CA Mainframe Operat...
Strategic Direction Session: Deliver Next-Gen IT Ops with CA Mainframe Operat...
 
Blockchain: Strategies for Moving From Hype to Realities of Deployment
Blockchain: Strategies for Moving From Hype to Realities of DeploymentBlockchain: Strategies for Moving From Hype to Realities of Deployment
Blockchain: Strategies for Moving From Hype to Realities of Deployment
 
Establish Digital Trust as the Currency of Digital Enterprise
Establish Digital Trust as the Currency of Digital EnterpriseEstablish Digital Trust as the Currency of Digital Enterprise
Establish Digital Trust as the Currency of Digital Enterprise
 
How Components Increase Speed and Risk
How Components Increase Speed and RiskHow Components Increase Speed and Risk
How Components Increase Speed and Risk
 

Recently uploaded

Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Jeffrey Haguewood
 
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
Product School
 
PCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase TeamPCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase Team
ControlCase
 
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
Tobias Schneck
 
The Future of Platform Engineering
The Future of Platform EngineeringThe Future of Platform Engineering
The Future of Platform Engineering
Jemma Hussein Allen
 
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
James Anderson
 
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
Product School
 
Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !
KatiaHIMEUR1
 
Monitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR EventsMonitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR Events
Ana-Maria Mihalceanu
 
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdfFIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance
 
Bits & Pixels using AI for Good.........
Bits & Pixels using AI for Good.........Bits & Pixels using AI for Good.........
Bits & Pixels using AI for Good.........
Alison B. Lowndes
 
UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4
DianaGray10
 
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdfSmart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
91mobiles
 
Mission to Decommission: Importance of Decommissioning Products to Increase E...
Mission to Decommission: Importance of Decommissioning Products to Increase E...Mission to Decommission: Importance of Decommissioning Products to Increase E...
Mission to Decommission: Importance of Decommissioning Products to Increase E...
Product School
 
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Albert Hoitingh
 
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdfFIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance
 
Leading Change strategies and insights for effective change management pdf 1.pdf
Leading Change strategies and insights for effective change management pdf 1.pdfLeading Change strategies and insights for effective change management pdf 1.pdf
Leading Change strategies and insights for effective change management pdf 1.pdf
OnBoard
 
Designing Great Products: The Power of Design and Leadership by Chief Designe...
Designing Great Products: The Power of Design and Leadership by Chief Designe...Designing Great Products: The Power of Design and Leadership by Chief Designe...
Designing Great Products: The Power of Design and Leadership by Chief Designe...
Product School
 
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdfFIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance
 
Key Trends Shaping the Future of Infrastructure.pdf
Key Trends Shaping the Future of Infrastructure.pdfKey Trends Shaping the Future of Infrastructure.pdf
Key Trends Shaping the Future of Infrastructure.pdf
Cheryl Hung
 

Recently uploaded (20)

Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
 
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
 
PCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase TeamPCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase Team
 
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
 
The Future of Platform Engineering
The Future of Platform EngineeringThe Future of Platform Engineering
The Future of Platform Engineering
 
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
 
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
 
Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !
 
Monitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR EventsMonitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR Events
 
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdfFIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
 
Bits & Pixels using AI for Good.........
Bits & Pixels using AI for Good.........Bits & Pixels using AI for Good.........
Bits & Pixels using AI for Good.........
 
UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4
 
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdfSmart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
 
Mission to Decommission: Importance of Decommissioning Products to Increase E...
Mission to Decommission: Importance of Decommissioning Products to Increase E...Mission to Decommission: Importance of Decommissioning Products to Increase E...
Mission to Decommission: Importance of Decommissioning Products to Increase E...
 
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
 
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdfFIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
 
Leading Change strategies and insights for effective change management pdf 1.pdf
Leading Change strategies and insights for effective change management pdf 1.pdfLeading Change strategies and insights for effective change management pdf 1.pdf
Leading Change strategies and insights for effective change management pdf 1.pdf
 
Designing Great Products: The Power of Design and Leadership by Chief Designe...
Designing Great Products: The Power of Design and Leadership by Chief Designe...Designing Great Products: The Power of Design and Leadership by Chief Designe...
Designing Great Products: The Power of Design and Leadership by Chief Designe...
 
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdfFIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdf
 
Key Trends Shaping the Future of Infrastructure.pdf
Key Trends Shaping the Future of Infrastructure.pdfKey Trends Shaping the Future of Infrastructure.pdf
Key Trends Shaping the Future of Infrastructure.pdf
 

Locating Unmanaged but Regulated Data on System z: CA Data Content Discovery

  • 1. Locating Unmanaged but Regulated Data on z Systems: CA Data Content Discovery Mary Ann Furno Mainframe CA Technologies Director, Software Engineering MFX25S
  • 2. 2 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD For Informational Purposes Only Terms of this Presentation © 2015 CA. All rights reserved. All trademarks referenced herein belong to their respective companies. The presentation provided at CA World 2015 is intended for information purposes only and does not form any type of warranty. Some of the specific slides with customer references relate to customer's specific use and experience of CA products and solutions so actual results may vary. Certain information in this presentation may outline CA’s general product direction. This presentation shall not serve to (i) affect the rights and/or obligations of CA or its licensees under any existing or future license agreement or services agreement relating to any CA software product; or (ii) amend any product documentation or specifications for any CA software product. This presentation is based on current information and resource allocations as of November 18, 2015, and is subject to change or withdrawal by CA at any time without notice. The development, release and timing of any features or functionality described in this presentation remain at CA’s sole discretion. Notwithstanding anything in this presentation to the contrary, upon the general availability of any future CA product release referenced in this presentation, CA may make such release available to new licensees in the form of a regularly scheduled major product release. Such release may be made available to licensees of the product who are active subscribers to CA maintenance and support, on a when and if- available basis. The information in this presentation is not deemed to be incorporated into any contract.
  • 3. 3 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD Abstract CA Data Content Discovery helps you identify data exposure risks on z Systems by scanning through the mainframe data infrastructure. By discovering where the data is located, classifying the data to determine sensitivity level, and providing comprehensive reporting on the scan results, data can be adequately protected and exposure risks can be mitigated. Mary Ann Furno CA Technologies Director, Software Engineering
  • 4. 4 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD Agenda CISOS, REGULATED DATA, AND THE MAINFRAME SENSITIVE DATA DEFINED DATA CONTENT DISCOVERY ON THE MAINFRAME DATA CONTENT DISCOVERY ROADMAP 1 2 3 4
  • 6. 6 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD The Mainframe has never been hacked! Mainframe data stays on the mainframe; so it is safe! Data is fluid in today’s world. Data analytics; cloud Marriage of MF data and non MF data Mainframe is well understood and covered under three lines of risk control– Operational, Compliance and Internal audit The Current State REALITYMYTH Consider: Social engineering hacks Human error as MF experts retire Mainframe is viewed as a black-box breeds complacency –compounding the risk
  • 7. 7 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD 71% of the world’s mission critical data is on the mainframe The mainframe acts as the enterprise IT server and has more entry and exit vectors. We must protect the mainframe and all business critical data as the strategic assets that they are, plus ensure easily confirmed regulatory compliance. Years in the making… Source: Rehabilitating the Perception of Mainframes, Enterprise systems Media, 22 July 2015
  • 8. 8 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD What We Hear From Clients Regulated data has to be protected, regardless of what type of server it sits on or how it got there. That includes the mainframe, and existing controls may not cover all of it. We know where our sensitive, regulated data is…. It’s in our data center. Audit MF Security analystCISO The mainframe is now just another always- on server connected to all the others in our TCP/IP network. I’m not sure all the data hosted there is being managed to policy… We know the mainframe is no longer isolated from other servers in the network. We don’t know how much unmanaged regulated data now resides there… With the addition of TCP/IP via USS, mainframe data is fluid – we don’t know what we don’t know about what’s being stored there…. MF Security Director I need to exploit data’s full value proposition for my organization while controlling the risk. Chief Data Officer
  • 9. 9 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD http://www.informationisbeautiful.net/visualizations/worlds-biggest-data-breaches-hacks/
  • 10. 10 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD The Impact of Data Theft Health Insurance Announced: March 2015 Records stolen: 11M Cost: To be determined. Facing a class action lawsuit as well as potential regulatory violation fines. Retail Announced: September 2014 Records stolen: 56M Cost: $43M and counting. Estimates put this as high as $10B (includes all remediation costs borne by the company and consumers) Health Systems Announced: August 2014 Records stolen: 4.5M Cost: $75M – $150M eCommerce Announced: May 2014 Records stolen: 233M Cost: $200M and counting. Retail Announced: December 2013 Records stolen: 70M Cost: $162M and counting. Recent estimates put this at well over $1B. Government Announced: May 2015 Records stolen: 22M Cost: To be determined. Likely facing a class action lawsuit as well as others.
  • 12. 12 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD PCI DSS Data Administered by one body  Payment Security Council Account Data Cardholder Data Sensitive Authentication Data Primary Account Number (PAN) Magnetic stripe data Cardholder Name CAV2/CVC2/CVV2/CID Expiration Date PINs/PIN blocks Service Code
  • 13. 13 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD Personally Identifiable Information – PII PII Attributes Full Name Date of birth Home Address Email address National Identification Number Passport number Drivers License Number Vehicle registration Birthplace Genetic information Telephone number Login name, screen name, nickname, handle Face, fingerprints, handwriting IP Address Credit Card Numbers Digital identity First Name Last Name Country, state, postcode, city Age Gender Race Schools attended Criminal record Legislated by an large & growing number of governmental entities  Multi-national: EU Data Protection Directive  National: Gramm-Leach Bliley Banking Modernization Act, Canada Privacy Act  Local: California SB 1386, Nevada Statute 603A, Massachusetts 201 CMR 17.00
  • 14. 14 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD PHI Attributes Full Name Geographic subdivision Data elements Telephone number Fax number Electronic mail address SSN Medical record number Health Plan beneficiary number Account number Certificate/license number Vehicle ID/Serial number/license plate number Device identifier/serial number Biometric identifier Full face photograph or image Other unique identifying element Initially, only US, now spreading internationally Legislated by an large & growing number of governmental entities  Multi-national: TBD  National: US HIPAA / HITECH ACTs  Local: TBD Protected Health Information - PHI
  • 15. Data Content Discovery on the Mainframe
  • 16. Existing mainframe content discovery tools migrate off the mainframe to PCs or other devices to scan Why locating data on a mainframe is a problem?  Report writers extract production data and data exists in sequential files or JES spool  Copies of sensitive production data exist  Files with possible sensitive data are accidentally sent to outside parties without validation of content  Once data is extracted, the target destination doesn’t match the security characteristics of source DB RESULT Organizations are neither prepared for, or confident in an audit! CHALLENGES REALITY Why locating data on a mainframe is a problem?
  • 17. 17 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD CA Data Content Discovery FIND Set up the scan Initiate the scan Provide discovered results to Security Administrator CLASSIFY Review compliance results and label sensitive data Provide compliance report to Internal Auditor PROTECT Modify access based on scan results Confirm successful audit against industry regulations Security Operations Internal Auditor Security Administrator
  • 18. 18 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD Find It: Define Scope
  • 19. 19 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD Classify it
  • 20. 20 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD Account Data Cardholder Data Sensitive Authentication Data Primary Account Number (PAN) Magnetic stripe data Cardholder Name CAV2/CVC2/CVV2/CID Expiration Date PINs/PIN blocks Service Code Classify It: PCI Data
  • 21. 21 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD Classify It: PII Data PII Attributes Full Name Date of birth Home Address Email address National Identification Number Passport number Drivers License Number Vehicle registration Birthplace Genetic information Telephone number Login name, screen name, nickname, handle Face, fingerprints, handwriting IP Address Credit Card Numbers Digital identity First Name Last Name Country, state, postcode, city Age Gender Race Schools attended Criminal record C C C C C C C C C C C C C C C Custom Classifier Quick Picks
  • 22. 22 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD Classify It: PHI Data PHI Attributes Full Name Geographic subdivision Data elements Telephone number Fax number Electronic mail address SSN Medical record number Health Plan beneficiary number Account number Certificate/license number Vehicle ID/Serial number/license plate number Device identifier/serial number Biometric identifier Full face photograph or image Other unique identifying element C Custom Classifier Quick Picks C C C C C C C C C
  • 23. 23 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD Protect It: Who Has Access to the Sensitive Data?
  • 24. 24 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD CA Data Content Discovery Promise FIND IT CLASSIFY IT PROTECT IT For CISO, MF Security Director FOR CISO, Internal Audit, Risk Officer FOR MF Security analysts, MF Data analyst The first data-pattern scanning capability uniquely natively on mainframe in the market Simple and Modern GUI along with Flexible scheduling designed for both z and non-IBM z personnel Eliminate risky offloading- with data security right on the mainframe. Only Data security product currently on the market for mainframe to use specialty engines to reduce upgrade costs Gain quick and critical insight about the potential and magnitude of data exposure on the mainframe Prove it to auditors that controls are checked by data-types to satisfy regulations Stay in control – eliminate risk while reducing costs of data protection processes
  • 25. 25 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD Product / Technology Architecture Execution Policy Web GUI Control Scans Reporting Classification Engine: z/OS Data Sources VSAM DB2 PS API 3rd party 3rd party CA Compliance Event Manager PDS/ PDSE … Description of Technology Overview of Technology  Data Content Discovery “scans” data, identifying data vulnerabilities and risks to compliance Lands Lightly  Product has no other CA product dependencies or other prerequisites, installs in <1 day DCD Repository
  • 26. 26 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD Data Content Discovery – A critical part of CA’s Security and Compliance Solution CA Data Protection 3rd party DLP Solution 3rd party DLP Solution Big Data Analytics Solutions CA Compliance Event Manager IBM RACF CA Top Secret CA ACF2 CA Cleanup In Ideation: Mainframe Advanced Authentication CA Data Content Discovery CA Auditor Secure mainframe assets Capture events affecting compliance and policy Discover sensitive data Extend compliance event data to analytics solutions Enable secure data in motion across the enterprise Security Administrator Big Data AnalystAuditor Planned Available Non-CA Product
  • 27. 27 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD Results There is stray, unmanaged, unprotected data on your mainframe – regulated, sensitive data that will damage the enterprise if compromised Find it, classify it, protect it with DCD Summary A Few Words to Review
  • 28. 28 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD Recommended Sessions SESSION # TITLE DATE/TIME Tech Talk Isn’t one authentication mechanism on z Systems™ enough? 11/18 – 4:30pm Mainframe Content Center Mainframe Theater Panel Discussion: Is Complacency Around Mainframe Security a Disaster Waiting to Happen? 11/18 – 3:45pm Mainframe Theater Tech Talk The Known Unknown – Finding lost, abandoned, and hidden regulated data on the Mainframe 11/19 – 12:15pm Mainframe Content Center MFX26S How to Increase User Accountability by Eliminating the Default User in Unix System Services 11/19 – 1:00pm Breakers I MFX47S Top 10 things you shout NOT forget when evaluating your security implementation 11/19 – 2:00pm Breakers I
  • 29. 29 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD Follow Conversations in the Mainframe Content Center  CA Data Content Discovery  CA ACF2 ™ for z/OS  CA Top Secret® for z/OS  CA Cleanup  CA Auditor  Advanced Authentication Nov 18th @ 4:30pm  The Known Unknown - Nov 19th @ 12:15pm
  • 30. 30 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD Q & A
  • 31. 31 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD For More Information To learn more, please visit: http://cainc.to/Nv2VOe CA World ’15