IT security crises are forever making business headlines. In 2017 it was the high profile ransomware attacks and huge data breaches such as Equifax. Barely a week into 2018 and we had the revelations surrounding the Meltdown and Spectre vulnerabilities affecting computer chips around the world.
Traditionally, the mainframe community has been a little smug about security, generally believing our platform to be immune from many of the risks faced in distributed environments. Isn’t that one reason why the big banks and credit card companies continue to rely on mainframes to process transactions?
But now it seems even mainframers are starting to wonder if they should be doing more to safeguard data on their systems. A poll of 55 mainframe customers conducted by Macro 4 at the last GSE UK conference (held by Guide Share Europe, the leading IBM User Group in Europe) found most feel they need to take action to improve security. Only around 7 per cent claimed there is no need for improvement.
The survey identified three factors that are causing mainframe customers to ask questions about security:
1. Data protection regulations are getting tougher
86 per cent of the sample said tougher regulations such as the European General Data Protecton Regulation (GDPR) are a reason to place more emphasis on security. This corresponds with the views of IT industry analyst Gartner, which says that an ‘evolving regulatory landscape’ is one of the factors driving growth in security spending.
The GDPR, for example, imposes strict new data protection rules, as well as tougher sanctions for non-compliance. According to Gartner, not only has the regulation ‘caused an overall panic and unease’ among organizations in Europe, but will have ‘a global effect’ since multinationals will also need to adhere to its rules.
Of the mainframe customers interviewed at GSE, only 25 per cent were confident their mainframe security was GDPR compliant.
2. Cyber criminals are getting smarter
Today hackers and cyber criminals are getting more ingenious and more brazen. Often funded by international organized gangs, they are finding ways to infiltrate the most secure systems. Perhaps the most audacious recent example was last year’s revelation of a data breach at the US Securities and Exchange Commission (SEC), the country’s top financial regulator.
While mainframers might once have believed that the dearth of specialist know-how and expertise about the platform was some form of protection against security risks that affect distributed environments, their views are now changing. 80 per cent of those in the poll think the increasing sophistication of cyber criminals is a reason to boost mainframe security.
3. Mainframes are more accessible
There was a time when very few employees had mainframe access. It was a closed-off environment used by those within the confines of the data center or IT department. Not any more. Today a large number of client-facing employees and even customers interact with mainframes. Bank staff in the local branch or contact centre may actually be logging on to the mainframe. And web and mobile applications are often underpinned by Big Iron at the back end.
Mainframers recognize that this openness makes the platform more vulnerable. Which is why two thirds (67 per cent) of the survey sample agreed that organizations need to think more about securing the mainframe because the system is now more connected to the ‘outside world’.
Security can be improved
Despite their concerns, the majority of the survey sample agree that security can be improved by adopting additional methods that IBM and other vendors are championing.
One of those is encryption, which Big Blue has boosted on its latest mainframe – the z14 model – by building in pervasive encryption, meaning virtually all data is encrypted. Nearly all – 96 per cent – of our survey respondents agreed that data encryption is an important way of securing the mainframe.
Similarly, 67 per cent believe that introducing multi-factor authentication is a more secure way to control access to the mainframe, compared with relying solely on passwords, as many Big Iron customers have done until now. IBM and other vendors now support multi-factor authentication (MFA) as an important additional security measure for the mainframe. MFA works with IBM’s Resource Access Control Facility (RACF) to authenticate users with multiple factors. Within RACF, administrators can define user based policies that determine the authenticators to be satisfied for individual users to be able to log on using MFA.
Finally, 58 per cent of the sample recognize the importance of data minimization, which involves strictly limiting the amount of personal data that is collected and stored to just the minimum necessary to accomplish a specific purpose. This philosophy encompasses, for example, adopting an Information Lifecycle Management (ILM) strategy to ensure that data is automatically deleted when it is no longer required.
The heartening conclusion from our survey findings is that the mainframe community is very aware of the growing risks around security and has identified a number of ways to address them. In our connected world even the most secure computing platform must continue evolving to stay ahead of the game.