Security

Mainframe installations managing multiple RACF databases serving separate z/OS images may find significant advantages in merging them to form a single shared database. Chief among these advantages is establishing consistent security across multiple system images. Another is reducing and simplifying security administration by eliminating multiple executions of the same commands. Furthermore, when a shared database is implemented in a Sysplex, the installation can activate several valuable performance tuning features…

Read Full Article →

This article describes a common mainframe network security exposure and how you can address it in your data center. We start by describing how VTAM works in a single computer, across different computers in your data center, and across different networks.  We’ll consider how this architecture can introduce a security exposure and the tools available to close the exposure. We’ll also describe how to investigate all this in your data center, whether you’re the data security officer, the CIO, or the VTAM systems programmer…

Read Full Article →

Deciding What to Encrypt

Data loss incidents expose sensitive personal and business-critical information that could adversely affect consumer credit through identity theft, resulting in negative press and damaged reputations for the offending businesses and federal agencies. Unless steps are taken to secure data, it only gets worse: Millions of individuals will be affected by data loss in a single year and the trustworthiness of thousands of businesses will be at stake. …

Read Full Article →

Protecting the data in your enterprise databases is extremely important. But what exactly does that mean? At one level we have the database authorization and roles built directly into the DBMS products. You know what I’m talking about: GRANT and REVOKE statements that can be used to authorize access to database objects, resources, and statements. This level of database security is important, but is by no means sufficient. Many DBMS products are evolving to deliver additional security…

Read Full Article →

Data wasn’t always sexy, dangerous, and madly desired by millions.  Not too long ago, the only people who were regularly mucking around with databases were the number crunchers, those nice folks who processed payroll and handled accounting chores.  While we appreciated their efforts on our behalf, most of us also thought that database work must be kind of dreary. Those days are gone and now virtually everyone interacts effortlessly with databases during their daily rounds…

Read Full Article →

Protecting Mainframe Data Wherever It Ends Up

Data center managers are generally confident in the security of data on the mainframe.  The IT team has spent decades honing both the physical and electronic security of the data center.  The System z itself comes with a wide array of security capabilities, typically taking the form of integrated cryptographic features.  Still, managers shouldn’t become complacent about security, even if using the most advanced z9.  …

Read Full Article →