Managing a Mainframe? Security Questions to Ask Yourself

By Tricia Owens, Vice President Top Gun Technology

Despite their highly technical nature, mainframe computers have in fact been around since the 1940s, with a UNIVAC I mainframe arriving at the U.S. Census Bureau in 1951 to assist with counting the American population. By the mid to late 1950s, a number of companies were designing and building these mammoth systems. IBM led the market, while other early manufacturers emerged including Honeywell, General Electric, Control Data, RCA, and Burroughs. Over time, these systems, which are primarily used for bulk data processing, have evolved and modern uses range from enterprise resource planning to transaction processing, the latter of which is heavily relied upon in the banking industry.

With such critical data being processed, how are mainframes kept secure from breaches and other risks? In 2018, there are a few things that stand out when it comes to keeping mainframe systems secure. Ask yourself:

How well am I able to respond to fraud?

The fallout from security breaches without a doubt can be nerve-wracking and highly damaging. Therefore, being able to expedite the process of identifying threats and taking action before data is stolen is absolutely critical. Fraud analytics for mainframe systems should allow you to respond immediately, or at the very least, as soon as possible. And since so much data is processed through a mainframe system on a regular basis, it’s literally impossible for the human eye to manually take note of abnormalities that could constitute fraud. To address this concern, consider utilizing software that gives you real-time analytics. For example, software such as IBM’s Security zSecure (among other platforms) allows you to receive automatic real-time alerts when threats are detected.

Do I have the right access control set up?

Who can and can’t access the information stored and processed on the mainframe? Data that is critically sensitive should only be available to those who need it on a regular basis. Meanwhile, a standard requirement should be implemented: In cases where persons other than regulars need to access the mainframe data, approval should be granted only through the administrator.

While mainframe access may appear pretty straightforward, it’s all too common for businesses to lack the proper oversight to track it. To make access control easier, mainframe administrators can use what’s referred to as RACF, which stands for Resource Access Control Facility. This can be managed through software that allows administrators to permit access to particular user profiles made available through a database. Administrators are also given the opportunity to track unauthorized access to protected data. You can learn more about RACF by reading: What is RACF? (IBM.com).

Am I able to isolate workloads?

With virtualization, you should be able to use your mainframe processes to separate workloads on the system. This can make management much more efficient by giving you the ability to compartmentalize everything. Not only is efficiency a benefit, isolating adds security and makes breaches easier to manage. So how do you isolate workloads? Have a hypervisor make guest accounts that are separate from one another, yet can still gain access to the same mainframe resources critical to finishing processes.

Mainframe systems are known for their reliability and consistent internal engineering that makes them great for security. Yet, since they continually process some of the most sensitive information in the world, they’ll remain a prime target for hackers. It’s of the utmost importance that people operating these highly powerful computer systems stay up to date not only on the latest vulnerabilities but also on how they can address those vulnerabilities with additional system features. For more information on how to safeguard mainframes, read: Keep Hackers From Having Another Banner Year (topgun-tech.com).

 

About the Author: 

Tricia Owens joined Top Gun Technology in 2010, where she currently serves as the company’s vice president. She has assisted Top Gun Tech in building up the used IBM infrastructure solutions that help data center operators meet system requirements. Tricia got started in IT sales as a market maker at a leasing company, handling IBM’s early air-cooled processors and peripherals. She has more than three decades of experience in the field and has unique insights into markets dealing with refurbished IT hardware.

Twitter: @topguntech