Security

Securing the Mainframe

3 Pages

For decades, organizations have relied on the mainframe to run critical business applications and most still do. With the emphasis today on cost reduction and efficiency, IT managers must ensure their existing infrastructures can meet evolving needs. Often, the answer is to add more functions—such as loss prevention, supply chain management, and financial reporting to the mainframe.
 

Technology and user demands have led to an unmanageable propagation of applications running on distinct platforms. Not surprisingly, the unique architectures of these platforms created an environment that’s near impossible to manage, fueling today’s shift toward an open, standards-based architecture.

With years of data stored on mainframes, a challenging byproduct of this open infrastructure has occurred. Consider the headlines this year to understand the numerous vulnerabilities that can threaten mainframe repositories and the strategic information they store. Approximately 10 percent of the forensic investigations Cybertrust performed in 2005 revealed evidence of a breach to the mainframe environment. Given that most mainframes are buried deep in the corporate network, many of these breaches were largely facilitated by a lack of proper perimeter security. An attack on a mainframe system can prove devastating to a business in recovery time and cost—ranging from hundreds of thousands for a small implementation to millions of dollars for those more complex. It can also impact customer loyalty and brand reputation; potential civil and criminal liabilities loom, too.

Old Solution, New Problems

As organizations increasingly move toward a mainframe model or use an existing mainframe, they’re enjoying newfound economies of scale. The potential power of the mainframe means it can crunch a significant amount of data and generate valuable reports on multiple and divergent data sets such as inbound and outbound inventory data, sales audit logs, and employee time tracking. While the financial industry has traditionally relied on mainframes due to the high ROI and long-term reliability, there’s been a surge in use by the retail market using the systems for data mining of purchasing habits.

But as organizations face unprecedented security threats, unmanaged legacy mainframe systems introduce new security risks. Many organizations:

-         Incorrectly view the mainframe as a low-risk environment, believing that if a hacker gains access to the network, they’re more likely to target the Windows-based environment than an “archaic” mainframe 

-         Don’t even know what’s stored on the mainframe, so when a hacker does breach the system, they have access to untold amounts of private information and the company is completely ill-equipped to distribute the necessary notifications regarding the compromise 

-         Aren’t well-equipped from an administrative or operational standpoint when it comes to integrating the mainframe into the rest of the IT environment.

Often, user authorization forms lack sufficient detail in terms of who has access and what permissions they should be granted. A lack of hierarchical permissions or role-based user accounts is typical, leading to users having permissions beyond what’s necessary. While most organizations have change control procedures and development testing cycles, these are often overlooked when it comes to the mainframe environment or are self-regulated by the “mainframe group.”

3 Pages