Bob Thomas, the publisher of Enterprise Executive magazine (which also hosts the MainframeZone page on Facebook), presented the following statistics on the use of the mainframe:
- 71% of all Fortune 500 companies have their core business on the mainframe
- 23 of the world’s top 25 retailers use a mainframe
- 92% of the top 100 banks use a mainframe
- 10 out of 10 of the top insurers use a mainframe
- More than 225 state and local governments worldwide rely on a mainframe
- 9 of the top 10 global life and health insurance providers process their high-volume transactions on mainframe.
That’s why I was so shocked at former OPM Director Katherine Archuleta’s statements that she failed to address the vulnerabilities found by the Inspector General’s office because her agency was focusing on replacing the “old legacy” systems, which I interpreted to mean, mainframes. This is not unusual in the Federal Government since the major contractors are pushing the concept moving work off the mainframe rather than enhancing and improving operations on the mainframe. It should not be the contractors that are having the major influence on this—it should be our Government's IT leaders.
This attitude exists in other agencies within our Federal Government and they are squandering funds and risking our information privacy by having these thoughts and acting on them without any true justification. Government employees who support the mainframe and would like to correct these perceptions often are afraid to state their views on these positions because they are fearful of their job security.
I’m providing these statistics not as justification for the mainframe in any particular environment, but to show it still is a viable choice for large organizations. It certainly is a secure platform. The product I developed for MVS security, ACF2 (now CA-ACF2), has been used, and in many cases is still being used, at major Government sites like the Office of the President, Senate, Federal Reserve System, CIA, NSA, much of the DoD, and many more outside of the U.S. including MI-5 and the entire Australian Government; so I know the Federal Government security space. We, the Information Technology industry, are facing a crisis in the security of the data we collect. Citizens who provide information to our Government have a right for that information to be protected.
A good portion of the problem is that decision makers have had no exposure to mainframe systems. For example, the OPM CIO, Donna Seymour, had absolutely no experience with large systems. This goes back to the late 1980’s and 1990’s when IBM dropped support for the Universities. The result of this was that the computer science majors were going through college without ever interacting with a mainframe. But, just as importantly, the business majors also had no knowledge or interaction with a mainframe. These are the people now making the decisions for our Federal Government agencies and businesses. Of course, they know the PC or Mac they deal with on a daily basis, and extrapolate that these systems can provide the same functionality, availability, reliability and, most importantly, security of the mainframe systems. But, they were designed as single-user systems to start with, and it is much more difficult and complex to secure them then mainframes, which have been multiuser systems from the beginning.
Now, IBM and SHARE are attempting to address this via the IBM Academic Initiative and the SHARE zNextGen group, but this is only addressing the technical deficiencies. What about the business decision makers who are like Donna Seymour and placed in a controlling position without having any concept of the mainframe’s strengths?
Now, I’m not saying that the mainframe is the better choice for all usage—it is not. But, it is for a considerable portion of the applications our Federal Government and large organizations use. The decision makers must be aware of this—I have heard too many times that our Federal Government is not giving mainframes the respect it deserves in these decisions.