Security

The President of the United States announced early in his term plans to develop a comprehensive, universal healthcare system. This program will require highly sensitive records to be stored on massive computers. Essentially, these records will be a “DNA footprint” for millions of Americans. Security for these records shouldn’t be an afterthought, and will require vigilant, proactive monitoring, regardless of the host operating system…

Read Full Article →

It’s no surprise the mainframe has stood the test of time. Yet lingering misperceptions about Big Iron are that it supports a black box computing model and is chugging along while sustaining old, albeit critical, data. IT professionals who rely on the mainframe realize that nothing could be further from the truth. The mainframe will continue to be a mainstay in corporate computing environments because of its power, performance, and reliability…

Read Full Article →

In the past, data center security was simpler to implement; in fact, there was a time when data center managers could see all the inputs and outputs to the mainframe in one or two rooms. However, this was when data was input via punched cards and output was recorded on tape or impact printers using green bar paper. A terminal had to be added as a logical unit and data center managers knew exactly who had access to the mainframe. Even when someone was logged in, managers always knew exactly what users were doing. Because computing resources were so precious, any abnormal behavior would have some effect on the environment. The SNA network was secured because all the devices on the network were defined. A physical survey of the data center was all that was needed to ensure it was secured…

Read Full Article →

Many magazine articles have focused specifically on issues of data security, risk, and appropriate controls. While information security is a pervasive need, relatively few mainframe professionals focus on data security as a discrete discipline, even though the mainframe is central to many applications and exposed to great risk. Moreover, most mainframe focus has been on operational excellence and increasing ROI, as opposed to focusing on protection of mainframe data assets. As a result, many seasoned mainframe workers and managers could still benefit from a broader understanding of information security risks and remedies…

Read Full Article →

My friend Bob once told me, “Sometimes when they say jump, I ask ‘How high?’ But sometimes I ask, ‘How high, and in what direction, and do you care if I bump into anything in flight, and am I on leave from my other duties while in flight, or am I expected to serve two masters during the jump, and why can’t you guys get your acts together before you come up with these harebrained ideas?’ ”…

Read Full Article →

Many network security technologies are available these days—from tried and true staples such as network firewalls to newer developments such as Intrusion Prevention Systems (IPSs) and the new anomaly detection and Data Loss Prevention (DLP) technologies. Web Application Firewalls (WAFs) and IPSs are gaining some ground as forces such as regulatory compliance drive end-to-end security requirements. enterprise acceptance for some of the other newcomer technologies varies, but it’s clear that network firewalls are here to stay. They remain among the most important core technologies in the network security arsenal, which makes it important to understand how, when, and where to deploy them in enterprise solutions encompassing the mainframe as a core component…

Read Full Article →