CA has unveiled CA Encryption Key Manager (CA EKM), a z/OS-based comprehensive offering that unifies and automates the management, storage, distribution, and documentation of encryption keys for multi-vendor mainframe and distributed environments such as Linux, UNIX, Windows and Solaris.
The company said that the CA EKM can automatically replicate encryption keys across a set of local and dispersed hosts via SSL-encrypted TCP/IP. It also automatically enforces policies regarding the change of encryption keys and digital certificates and supports both IBM tape encryption devices and CA Tape Encryption subsystems from the same interface.
According to CA, the new offering helps customers address the issues such as, time and effort required to manage keys, the accuracy with which keys must be distributed to authorised users, ensure the availability of all keys under any conditions and to credibly document encryption measures to auditors.
The CA EKM also interfaces with z/OS external security systems such as IBM RACF, CA ACF2 for z/OS and CA Top Secret for z/OS for public/private keys, and digital certificates storage. Encryption keys and digital certificates can be automatically re-imported if they are not found, therefore the recovery of encrypted data in the event of a disruption, CA said.