Data Location Awareness
Technical Details -
DataLenz runs on IBM Z mainframes with supported releases of z/OS.
Installation of the DataLenz z/OS agent is simple and straight-forward, along with limited network configuration.
DataLenz supports all z/OS data types.
Data access start and end events are recorded for specified datasets, and kept in mainframe-based logs, accessible for reporting and real-time monitoring and alerting through the graphical interface.
The administrative and reporting interface runs as a workstation client, with secure access to your IBM Z mainframes running the DataLenz agent.
The patent pending DataLenz technology tracks the location of your employees, partners, contractors, and rogue actors, with the actual IP address of the device they are using, even if they are going through VPN or using NAT.
Out-of-bounds geographical access
All the above technical security protection exists at different layers than the matter of Geolocation requires. While some VPNs and firewalls may provide a degree of physical source filtering, it is often necessary to allow remote devices into the corporate network for other reasons such as email access, and once an actor is in the intranet, the job of filtering source location for access to specific data and applications has long gone unfilled, especially given network address translation at the perimeter of the corporate network, which lends devices trusted internal IP addresses.
But, the absence of a solution does not negate the problem, which is that some sensitive data and applications, which may be legitimately accessed by a given individual and device when in the home state of an organization, may become forbidden by laws, regulations, or policy requirements, once that same individual and device travel to an out-of-bounds location such as a less-trusted country. Yet, again, that individual will still need access to other corporate resources such as email.
There is a need to differentiate access based on the physical location of the individual and their technology, for specific applications and data, without rendering them unable to do their jobs. And the data and applications that most critically need this protection are generally on the IBM Z mainframe, keeper of the corporate jewels such as accounts, customer, employee, and manufacturing data.
This is data which would not merely cause embarrassment if it fell into the wrong hands: it would be a breach of laws or regulations – for example, if personal data about the citizens of a country were to be accessed in a country on the other side of the world.
Unfortunately, until recently, there was no way to control this without simply cutting off all access.
Would you like to know more about DataLenz? Send us a message.