Security

Do you remember the first time you saw somebody famous? I do. I was five, and my little sister was four, and we were going to visit Mr. Green Jeans from the children's TV show “Captain Kangaroo.” What a thrill! Now imagine my shock and surprise when I realized I was mistaken. We were visiting Aunt Liz and Uncle Eugene. Oh, I will never forget that disappointment. But what followed was equally memorable. Dear Uncle Eugene, who thought the situation was hysterical, decided we should put on our very own kids show on their front porch. He assembled all the adults and they watched my sister and me sing “The Alphabet Song.” When we were done, they clapped like it was the most brilliant thing they’d ever heard…

Read Full Article →

Mitigating security issues in a mainframe environment remains a hot topic. Mainframe security isn’t new or unique; we’ve all benefited greatly from the relative safety and security inherent in the mainframe architecture. Once it’s set up, we can almost stop worrying altogether, but where does a new installation start? How can they lock down the mainframe and protect the corporate jewels? Detailed answers to those questions could fill volumes, but the path to security nirvana can be easier to follow if you adopt the four “baby steps” to compliance outlined here…

Read Full Article →

Securing TCP/IP

Here we consider TCP/IP under z/OS, a path into the system we need to control for effective security. Using tools provided with z/OS, this can be the most secure TCP/IP you’ll find anywhere. We’ll summarize how TCP/IP works under z/OS, discuss its security risks, and examine how you can manage those risks. References to security software here mean RACF, ACF2, or TopSecret…

Read Full Article →

Corporate IT organizations and mainframe security professionals face the challenges of  minimizing costs, maintaining compliance with industry and government regulations, addressing increased workloads, and adapting to decreasing mainframe skillsets as “baby boomers” start to retire in significant numbers. Fortunately, technology is being developed to make products easier to learn and use; it’s also facilitating knowledge transfer from first-generation users to next-generation users. This technology needs to address daily tasks, but the job isn’t just about routine, daily duties such as assimilating new employees. The solution must cover the entire role…

Read Full Article →

Remember Sarbanes-Oxley (SOX)? It was supposed to ensure that controls were in place to make certain that a publicly traded company’s stated finances were in line with their actual finances. A provision of the law, SOX 404 was responsible for billions of dollars of remedial data and technology documentation and controls. If you work in an environment large enough to warrant a mainframe, chances are SOX 404 impacted how your department works with data…

Read Full Article →

Think back, w-a-a-a-y before PDAs, cell phones, general availability of the Internet, and browsers; before Linux, Windows, PC DOS, and even Apple and IBM PCs—when some of today’s leading tech billionaires hadn’t even been born and I was still in elementary school. Think back to 1972, when the world of computing changed forever in many ways. I suggest that the big-three areas of innovation were integrity, security, and virtualization. In some ways, you might even call it the arrival of modern business computing…

Read Full Article →

It was a turning point in my career. My department had a new director, and he was looking for good ideas to champion during those all-important first 100 days in office. I had a great idea I thought would help us meet contractual compliance requirements with additional positive effects. I told him my idea, and he nodded thoughtfully. “Interesting,” he said. “I have to run to a meeting, but come back tomorrow with your strategy. Email it to me in advance.”…

Read Full Article →