SF-SafeDump May Help IBM Mainframe Customers Avoid Costly Penalties

Share Article

Enterprise-IT-Security.com's newest version of SF-SafeDump, which helps data centers comply with service terms and data protection laws, now comes with zIIP support of up to 95%

Enterprise-IT-Security.com announced today that it will release version 4.1 of its unique and patented system dump and log anonymization solution SF-SafeDump for z/OS mainframes in mid-September. The software’s new capabilities include zIIP support of up to 95%, which will cut the cost of contractually and legally mandated anonymization procedures to a minimum. Version 4.1 also supports additional dump and log types.

Whenever systems or applications run into problems, or even crash, they create system dumps and logs. Exchanging these dumps and logs with software vendors has been standard practice for decades—but is it safe? “Far from being a harmless collection of technical information, dumps and logs frequently contain large amounts of sensitive company and client data or even top-level business and trade secrets as part of the captured computer memory. Sending such dumps and logs to software vendors’ technical support, whose teams mostly reside in other countries, may violate data protection laws or compliance obligations, such as SOX, PCI, DISA STIG, NIST 800-53, FISMA, HIPAA, Basel II or BSI, and could result in law suits or fines,” says Stephen Fedtke, CTO of Enterprise-IT-Security.com.

Software vendors have known about these risks for some time. To avoid liability for themselves and their subcontractors, wherever these parties reside, most software vendors have drafted service and support terms that clearly state that their customers remain responsible for any sensitive data they submit. In the absence of a workable anonymization solution, data centers are practically forced to violate their legal and compliance obligations every time they want their software problems to be properly analyzed and fixed. “A typical mainframe data center sends out more than one hundred dumps a year – with an average size of 2 GB each. This is a terrible position to be in – not to mention the problems it poses for large-scale data centers, such as those run by outsourcing and cloud service providers, the military, and the government. It’s time for a change of policy – dumps and logs should never leave any company without prior anonymization in order to prevent such critical data leakage,” says Mr. Fedtke.

Aside from the legal implications, dumps and logs represent a grave security risk as well. Mr. Fedtke says, “Nobody knows what exactly happens to these dumps after they reach the software vendor – who will eventually have access to these files and in which countries do these parties reside? For expert hackers, a system dump of a mainframe production system represents an ideal “blue print” for planning the perfect attack. Just one dump in the wrong hands is enough to expose a company or even country to significant IT risks. Fact is, dumps have a value and could be sold, just like exploits. This should be of interest to cyber risk insurance providers as well.”

To eliminate these legal and security risks, Enterprise-IT-Security.com launched its dump and log anonymization solution SF-SafeDump at the beginning of 2016. SF-SafeDump allows users to easily and effectively anonymize system dumps and logs before sending them out. This is not only crucial for U.S. data centers, but also for European mainframe users – who currently have to comply with data protection laws in the absence of “Safe Harbor.” SF-SafeDump currently supports IBM’s z/OS mainframe platform, with support for other leading operating systems to be added in the near future. What’s more, with SF-SafeDump’s new massive zIIP support, safely cooperating with software vendors has finally become not just easy and risk-free, but also cost effective.

About zIIP

The zIIP processor was designed to handle specialized mainframe workloads and other processing-intensive applications without affecting software charges. Offloading workloads to zIIPs reduces general purpose processor utilization, saves money and improves efficiency and effectiveness of mainframes.

About Enterprise-IT-Security.com

Enterprise-IT-Security.com is a leading provider of unique security and compliance solutions and services for both mainframe and client-server platforms. The Swiss company with worldwide operations specializes in critical IT infrastructure and partners with the world's largest companies and institutions to successfully achieve and maintain IT environments that fulfill the highest security and compliance requirements. Its Integrity 2.0 Initiative for System z, which launched in 2016, offers new and unique solutions for security and compliance at a level that far surpasses today’s industry standards.

More Information

If you would like more information about this topic, please call Dr. Stephen Fedtke at ++41-(0)41-710-4005 or email stfedtke(at)enterprise-it-security(dot)com, or visit


Contact Information

Dr. Stephen Fedtke
Seestrasse 3a
CH-6300 Zug
Tel. ++41-(0)41-710-4005
Fax. ++41-(0)41-710-4008


IBM, zIIP, z/OS, and System z are trademarks or registered trademarks of International Business Machines Corporation in the United States, other countries, or both.

Share article on social media or email:

View article via:

Pdf Print

Contact Author

Dr. Stephen Fedtke
Visit website