Laurence Chiu wrote: >We encrypt all our host data without worrying about z/OS by using SKLM on
>our DS8K SAN. >I'm told this means all data that the host can access is encrypted at rest >and is transparent to the host. Correct. You're also not really providing any protection beyond the case of someone walking into the data center and pulling a drive. Any compromise of any kind on the system is going to get cleartext, so the encryption won't help at all. "Transparent" is easy-just not very useful. As ever, you need to decide what the problem is you're trying to solve. If you're trying to secure the system, you haven't done so. Cheers, .phsiii ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN