In today’s security-conscious world of regulations, hackers and terrorists, many mainframes aren’t as secure as they should be.
Why is that? Obscure configurations—“loose ends,” so to speak—that result from incomplete, out-of-date or overly customized approaches to security. Once upon a time, these might have seemed to add greater security by their sheer obscurity, but today they’re just obstacles for a new generation of security professionals.
Loose ends are a big problem, particularly as the current generation of mainframe technologists retires and a new, smaller, less-experienced group takes their place. Leaving a mess of obscure loose ends is a sure-fire way to expose an environment to security gaps. Having solidified security in place allows for these individuals to prove their experience while posing minimal threat to an organization’s mainframe systems.
In order to understand how to correct this, let’s wrap up some of those loose ends by taking the following steps:
1. Finish installing and configuring security software
2. Ensure the security software is configured to meet the current business needs
3. Consolidate diverse application internal security into the external security system
4. Clean out obsolete user IDs and access—and keep them clean
5. Change utility passwords—and simplify future changes
6. Tighten controls on JCL libraries and started tasks.