By now you would be aware that the European Union (EU) General Data Protection Regulation (GDPR) will be enforced from May 25th 2018. The GDPR is designed to protect all EU citizens from privacy and data breaches and applies to any organization that operates in the EU market or processes the personal data of EU citizens. To learn more about the GDPR visit https://www.eugdpr.org/.
There will be stiff penalties for organizations that fail to abide by the GDPR rules so remaining compliant is critical. Compliance applies to many areas of an organization, including application development and support and IBM File Manager for z/OS can help in several ways.
Scrambling DataIf there is a requirement to create test data from production data containing sensitive information, then File Manager provides functions to scramble the sensitive data. When using the File Manager Copy function to copy data from a source to a target data set, a template that defines the layout of fields in the records of the target data set can be used to specify scrambling options for fields that contain sensitive data. File Manager offers the following options for scrambling data:
As well as supporting the scrambling of values for numeric and alphanumeric fields, File Manager also supports the scrambling of fields defined to hold data and time values.
For further information on File Manager data scrambling support, see
Audit LoggingFile Manager provides audit logging facilities to create an audit trail of editing and other activities against data sets, CICS® resources, DB2® objects and IMS™ databases. While File Manager auditing is optional enabling this facility can provide information to a GDPR audit to support compliance.
File Manager provides a lot of flexibility in configuring audit logging. Control of the auditing configuration can be handled via System Authorization Facilities (SAF) rules or the options specified in the File Manager options module FMN0POPT. Sites can specify which File Manager functions will be enabled for auditing. Different auditing requirements can be defined different for different users and different auditing requirements can be defined for different data resources. Audit records created can be written either to the System Management Facility (SMF) or an audit log data set.
For further information on the File Manager audit logging facilities see
Restricting access to File Manager functionsSites can restrict user access to File Manager functions using SAF facility classes. Facility classes can be defined to allow or deny access to groups of File Manager functions or to individual File Manager functions. The way the facility classes are designed provides granularity in the way user access to File Manager functions is defined. This feature allows, for example, sites to restrict access to use the very powerful disk update functions to only those personnel with a matching security level.
For further information on the File Manager security environment see
For further information on the File Manager/IMS feature security environment see
Peter Van Dyke
Senior Solution Architect
Peter Van Dyke is a Senior Solution Architect in Lab Services with HCL Technologies, specializing in DevOps on IBM System z. Prior to joining HCL Technologies Peter spent over 27 years working in z systems software development with IBM. During his time with IBM Peter worked on the development of a wide range of System z products including COBOL compilers and runtime libraries, Language Environment, Debug Tool, Fault Analyzer, and File Manager. For 14 years Peter was the architect and lead developer for Interactive System Productivity Facility (ISPF). In this role Peter had the opportunity to provide ISPF training to IBM staff and customers and to present education sessions at conferences including the SHARE conference held biannually in the US. Peter has also provided training to z/OS customers in the use of File Manager, Fault Analyzer, Debug Tool, and Application Performance Analyzer.