The most valuable feature of CA Data Content Discovery is the ability to recognize, in an intelligent and accessible way, which data sets on the mainframe contain sensitive data that needs to be protected from a governance and regulatory perspective. It then gives you the ability to easily monitor how those data sources are being used, and to alert you if they are being misused. This can save a company a lot of grief, both in terms of violating regulations, as well as in terms of being hacked for things like credit card numbers. This is a very important solution for some of today's most pressing security risks.
Improvements to My Organization:
It allows people who are essentially technical, to go in and look at data from a business value perspective. They can recognize how regulatory compliance and other types of exposure help the company's business stay secure in a broader than technical perspective.
Room for Improvement:
It is still the initial phase of being rolled out and it is already an outstanding solution. However, there is no question that as more companies implement CA DCD, that opportunities to improve the product will be identified.
I think the next big thing is going to be neural network types of intelligence. Recognizing behaviors in data that have characteristics that can’t be easily characterized by existing regulations, but have the potential for being sensitive for other reasons.
I have not encountered any problems with stability. What I have seen so far tells me this is a product that is pretty solid. One of the reasons for that this is that it runs entirely on the mainframe. All functionality and data runs entirely on the mainframe. Applications don’t have to access outside resources, thereby limiting exposure. Everything is on the mainframe.
Running in a mainframe environment, scalability is not going an issue. This is something that is going to work very well no matter how big your shop is.
I have used CA tech support a lot in my career and I am very impressed with them.
This is a brand new area on the mainframe. Until now, compliance relied on the people owning an application to tell you what their application does and what data it accesses. If they didn't know or if they didn't want to tell you, you could have serious exposure. Now, with this product, you can actually go in and look at the application data and see that this data set contains salary increases, this data set contains employee IDs, this one contains credit card numbers. This is extra sensitive data and we want to be watching and making sure people are not just moving it around in a careless manor. Data security affects us not only in terms of exposure strategically, but in terms of regulatory compliance and the possibility of being on the front page of the newspaper.
I have not installed DCD yet, but my impression from what I have seen is it should be a very straightforward setup. One of the reasons for that, is it is relying on existing products such as ACF-2, CA Top Secret or even IBM RACF. Those are already going to be installed properly so DCD is going to install on top of those in a way that should allow for a really simple, straight-forward installation.
Other Solutions Considered:
I have to admit that this is such a new solution that I am not aware of anybody else offering something like this. Although they may, CA has a track record of having the very best mainframe security, so I would automatically think of CA first.
Do not wait for your company to show up on the front page of the Wall Street Journal. Now is the time to look into the solution, get it in place, to find out what the nature of your data is, who is using it, and to make sure that it is not going where it doesn't belong.
Disclosure: IT Central Station contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.