In today’s world, it’s almost impossible for any mainframe operations to work solo: going it alone in terms of the expertise, skills and resources required to succeed, writes Mark Wilson, RSM Partners.
A bit like Han Solo piloting the Millennium Falcon, running mainframe operations can be an extremely difficult path to navigate: you need to run a tight ship, manage a diverse crew (which may or may not include Wookiees, inexperienced farm hands, and wise old mystics) and carry out running repairs, all the while working hard to deliver what the business needs and never knowing when you may come under fire. There’s a sequence in The Empire Strikes Back when Han escapes a space battle by flying the Falcon through an asteroid field and hides in a cave – only to discover he’s actually flown into the jaws of a giant monster. When things get really bad, that can be how it feels for mainframe teams: leaping straight from the frying pan, emerging from the latest issue or crisis, only to plunge back into the fire. If it’s not a lack of skills or people to carry out tasks, it’s the business demanding more and more – and, of course, people retiring. As an increasing number of Obi-Wan Kenobis head for the exit, there are simply not enough new mainframe Jedi around to replace them.
The lack of resources, skills and capacity facing mainframe operations simply cannot continue, given (a) the importance of mainframes as part of our national critical infrastructure, and (b) the enormous challenges that we face in 2018 and beyond – not least in security.
Flying into the dark
A brief digression, to underline why the lack of skills and resources is potentially so damaging. As a community, we really need to step up our game in mainframe security, and become far more proactive in what we do and how we do it. Forget the Galactic Empire and Dark Lords of the Sith: what’s really scary are the deep web and dark web.
The surface web, the four percent we access via Google, is merely the start of a deep, dark and dangerous rabbit hole. The remaining 96% starts with deep web stuff like academic databases, legal documents, subscription-only resources, before sliding into proper illegality in the dark web: guns, drugs, hitmen-for-hire and, of course, fake IDs and credit cards for financial and identity fraud, founded on the easy availability of so much unencrypted personal and financial data. The existence of the dark web and cryptomarkets gives serious value to mainframe and personal data; that value creates demand and with demand comes motivation. Of course, eighty percent of the world’s system of record data resides on mainframes. They process more commercial transactions than any other platform. So much mainframe data is being copied and copied and copied. And in today’s connected Internet of Things world, the mainframe no longer works in splendid isolation. All of which explains why the mainframe is an increasingly attractive target for the bad actors: to them, it’s just another computer.
So how can mainframe operations get their hands on all those additional people, skills and resources, to build both capacity and capability – in light of the demands placed on their teams now as well as the new threat landscape, not only today but embedding this new capability in their operations?
Making the jump to light speed
Our starting point was to better understand all those risks, those pinch points, then finding ways to counter that unpredictability and volatility. The approach we came up with, which can benefit anyone with a mainframe, has three complementary strands.
First, we developed a range of managed services to run stuff on someone else’s behalf, so ticking the “too hard or too complex to manage ourselves” box. You know the kind of things. We’ve been running that side of things fort a few years now. The second aspect was to formalize our approach to “staff augmentation” – providing bright mainframe folk for shorter-term projects, along with proper “standby interim” services, which are more about keeping the lights on during an emergency, which could include a sudden staff departure. This second element is about filling the gaps now, ticking that “under-resourced and/or people leaving” box by providing access to experienced people for as long as they’re needed.
These first two approaches provide the contingency that many mainframe operations today need, a safety net, whatever circumstances throw at you. The third element is a longer game. Over the last few years, we’ve developed a structured education initiative specifically designed to bring forward the next generation of mainframe specialists. Working in partnership with industry, the Mainframer in Training (MIT) Programme aims to replenish the diminishing pool of skills by delivering high-caliber young mainframers. Trainees are immediately immersed in the mainframe world, working with clients and learning on the job, supervised by seasoned colleagues. A blended learning experience includes classroom tutoring, hands-on projects and work experience, mentoring and 1:2:1 guidance, with opportunities to network and present at conferences and tradeshows.
Taken together, these three approaches can really help to “bridge the gap” in the short, medium and long term. So, are these issues that you can identify with, perhaps based on your own experiences? Are you keen to make the jump to light speed too, if you haven’t already done so? If you are, it’s worth remembering something else that Han once said: “Travelling through hyperspace ain’t like dusting crops, boy. Without precise calculations we could fly right through a star or bounce too close to a supernova.” And nobody wants that, do we?