We exist in a constantly changing threat environment. As the threats evolve, the security solutions, best practices, industry standards and regulatory compliance must also evolve to keep up with the threat landscape. For many organizations, this means continuing to enhance the security of their mainframe production systems, while at the same time adapting to handle new business initiatives including cloud, mobile, and big data. Some of these key customer challenges in the mainframe environment include:

  • Integrating mainframe security intelligence in with enterprise-wide security intelligence
  • Protecting sensitive enterprise data when used in big data and cloud environments
  • Provided automated reporting for compliance regulations and industry standards
  • Allowing secure access by users with mobile and personal device access
  • Securing and isolating consolidated virtual consolidated workloads and clouds

Let’s take a closer look at these five challenges:

1. Enhanced Mainframe Security Intelligence

Today mainframe threats are often detected, isolated, analyzed and handled in separate silos by mainframe specific products. This can prevent an organization from seeing the bigger picture or identifying broader enterprise-wide vulnerabilities. Consolidating mainframe security threats in with overall organization threats can help to analyze trends, pinpoint sources, and lead to timely efficient enterprise-wide threat responses that minimize damage.

2. Protecting Sensitive Data

Sensitive personal and critical business data must be adequately protected, especially as we find new ways to use the information in cloud environments and big data analytics. Data can be protected at various levels:  field level, tables, files, storage devices, etc. in various ways: access controls, masking, encryption, network communications, etc. Estimates show that up to 70% of corporate production data may reside on mainframes especially for mission critical production workloads. Mainframes continue to offer strong security and privacy solution enhancements to protect data at rest and in motion.

3. Automated Compliance Reporting

With each new wave of threats and breach disclosures, there are expanded industry standards and compliance regulations. For instance retail breaches result in extension to the Payment Card Industry standards that protect our charge card information from identity theft and consumer fraud. Each round of stiffer regulations come with greater penalties and fines and requirements for more comprehensive compliance reporting. Solutions that can provide dashboard summaries of security status can automate compliance reporting to reduce audit overhead and costs.

4. Secure Personal and Mobile Devices Computing

As employees and customer consumers utilize their personal devices for work,  we require better security to understand  the level of trust in the user mobile device context. For instance did they provided strong  user authentication such as digital certificates for secure communication protocols? Does their mobile device provide encryption of sensitive data stored on the device to prevent data disclosure? Is their device compliant with current patches and corporate security guidelines.

5. Virtual Workloads and Cloud Computing

When running virtual machines and private cloud workloads, you need isolation of the workloads, as though they were running on unconnected dedicated machines, and that can prevent data leakage between workloads. Mainframes offer a number of secure ways to run virtual machine workloads while providing isolation of users, applications and data including logical partitions, virtual machine system z/VM, and blade servers. In fact mainframe LPARs are evaluated at EAL5+, the highest commercial evaluation available today.

With greater than 45 years of integration between hardware and software, IBM System z servers and security software must continually evolve to provide a secure, integrated infrastructure for your mission critical production, cloud, web, mobile and big data applications in this constantly changing threat environment. On July 23, IBM announced a number security enhancements for encryption, digital certificates, security intelligence analytics, compliance reporting, data base auditing, and more that can help you keep up with the changing threat environment on mainframes.

How can your organization utilize more effective security intelligence to deal with the changing threats? How can you automate reporting of your compliance posture? And how do you protect your mission critical and sensitive data while allowing mobile devices access?

Read the IBM z/OS Version 2 Release 1 announcement

Read the IBM Security zSecure V2.1 announcement


More from Mainframe

How dangerous is the cyberattack risk to transportation?

4 min read - If an attacker breaches a transit agency’s systems, the impact could reach far beyond server downtime or leaked emails. Imagine an attack against a transportation authority that manages train and subway routes. The results could be terrible. Between June of 2020 and June of 2021, the transportation industry witnessed a 186% increase in weekly ransomware attacks. In one event, attackers breached the New York Metropolitan Transportation Authority (MTA) systems. Thankfully, no one was harmed, but incidents like these are cause…

Low-code is easy, but is it secure?

4 min read - Low-code and no-code solutions are awesome. Why? With limited or no programming experience, you can quickly create software using a visual dashboard. This amounts to huge time and money savings. But with all this software out there, security experts worry about the risks. The global low-code platform market revenue was valued at nearly $13 billion in 2020. The market is forecast to reach over $47 billion in 2025 and $65 billion in 2027 with a CAGR of 26.1%. Very few,…

Starting From Scratch: How to Build a Small Business Cybersecurity Program

4 min read - When you run a small business, outsourcing for services like IT and security makes a lot of sense. While you might not have the budget for a full-time professional on staff to do these jobs, you still need the services.However, while it might be helpful to have a managed service provider handle your software and computing issues, cybersecurity for small and medium businesses (SMBs) also requires a personal, hands-on approach. While you can continue to outsource some areas of cybersecurity,…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today