You've implemented Pervasive Encryption. Woohoo! You know the encryption pyramid and understand the tradeoffs between storage level encryption, file and dataset level encryption, database encryption and application level encryption. Very nice! How do you verify that you have configured your system to use your intended crypto engines? How do you determine if there are old applications using vulnerable algorithms or weak bit lengths? How do you show your auditor that your PCI workloads are using strong cryptography? With IBM z16, IBM provides processor activity instrumentation to count cryptographic operations. SMF 30 records have been enhanced to include new crypto counter sections that contain counters for CPACF cryptographic instructions utilized by a job in a given period. Join this session for a demo and discussion of ways to use this data to aid in compliance, performance, and configuration.

Eysha Shirrine Powers (Enterprise Cryptography), IBM Corporation; Roan Dawkins, IBM Corporation