Skip to Content
Information
Space announcement This space now contains the documentation for all the following components:
  • CHANGE ACCUMULATION PLUS
  • IMAGE COPY PLUS
  • RECOVERY MANAGER for IMS
  • RECOVERY PLUS for IMS
We are no longer updating the individual documentation spaces for these components. For the latest documentation, see BMC AMI Backup and Recovery for IMS 5.2.

Encrypting and decrypting image copies

The Image Copy utility, the Change Accumulation utility, and the Recovery utility of the 

BMC AMI Backup and Recovery for IMS

 product can write and read image copy data sets in encrypted format.

Business continuity plans usually involve sending an organization’s important data to a remote recovery site.

Transmission and storage of offsite data increases the probability that this data could be lost or stolen. As more organizations implement disaster recovery plans, incidents involving data security breaches are increasingly frequent. These incidents are also increasingly costly in the harm that they cause to organizations and their customers, clients, and associates. Even if the data is not misused, the potential for harm is costly because of the notification, alerts, and other measures that must be taken in the aftermath of a breach.

Related topics

Understanding-concepts

By encrypting image copy data sets that are sent offsite, you reduce the possibility of unauthorized access to sensitive information. If the data set is lost or stolen, it is unusable without the key and the means to use the key.

BMC AMI Backup and Recovery for IMS utilities use an application program interface (API) to call standard z/OS data encryption services to encrypt and decrypt image copy data sets. The API supports 64-bit and 128-bit encryption keys. The file that contains encryption keys is allocated dynamically.

To request encryption of an output secondary image copy (copies 2 through 10), you use the ENCRYPT option in a dynamic allocation model. The primary copy cannot be encrypted. BMC products (at supported levels) automatically recognize that an input image copy is encrypted and handle it appropriately.

You can use the Copy Image Copy (CIC) function of the Image Copy utility to read an encrypted image copy and create a decrypted image copy, which you can use as input to a program or process that does not support encrypted image copies.

This section contains the following topics:


 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*

BMC AMI Backup and Recovery for IMS 5.1