We in the security field like to use metaphors to help illustrate the significance of data in the enterprise. I’m a big fan of cooking, so I’ll use the metaphor of a secret sauce. Think about it: Each transaction basically reflects your organization’s unique relationship with a customer, supplier or partner. By sheer quantity alone, mainframe transactions provide a huge number of ingredients that your organization uses to make its secret sauce — enhancing customer relationships, tuning supply chain operations, starting new lines of business and more.

Extremely critical data flows through and into mainframe data stores. In fact, 92 of the top 100 banks rely on the mainframe because of its speed, scale and security. Additionally, more than 29 billion ATM transactions are processed per year, and 87 percent of all credit card transactions are processed through the mainframe.

Safeguarding Your Secret Sauce

The buzz has been strong for the recent IBM z14 announcement, which includes pervasive encryption, tamper-responding key management and even encrypted application program interfaces (APIs). The speed and scale of the pervasive encryption solution is breathtaking.

Encryption is a fundamental technology to protect your secret sauce, and the new easy-to-use crypto capabilities in the z14 will make encryption a no-brainer.

With all the excitement around pervasive encryption, though, it’s important not to overlook another component that’s critical for data security: data activity monitoring. Imagine all the applications, services and administrators as cooks in a kitchen. How can you ensure that people are correctly following the recipe? How do you make sure that they aren’t walking off with your secret sauce and creating competitive recipes or selling it on the black market?

Data Protection and Activity Monitoring

Data activity monitoring provides insights into access behavior — that is, the who, what, where and when of access for DB2, the information management system (IMS) and the file system. For example, by using data activity monitoring, you would be able to tell whether the head chef (i.e., the database or system administrator) is working from a different location or working irregular hours.

In addition, data activity monitoring raises the visibility of unusual error conditions. If an application starts throwing a number of unusual database errors, it could be an indication that an SQL injection attack is underway. Or maybe the application is just poorly written or maintained — perhaps tables have been dropped or application privileges have changed. This visibility can help organizations reduce database overhead and risk by bringing these issues to light.

Then there’s compliance, everybody’s favorite topic. You need to be able to prove to auditors that compliance mandates are being followed, whether that includes monitoring privileged users, not allowing unauthorized database changes or tracking all access to payment card industry (PCI) data. With the EU’s General Data Protection Regulation (GDPR) set to take effect in May 2018, the stakes are even higher.

Automating Trust, Compliance and Security

As part of a comprehensive data protection strategy for the mainframe, IBM Security Guardium for z/OS provides detailed, granular, real-time activity monitoring capabilities as well as real-time alerting, out-of-the-box compliance reporting and much more. The newest release, 10.1.3, provides data protection improvements as well as performance improvements to help keep your costs and overhead down.

Your mainframe data is precious — it is your secret sauce. As such, it should be kept under lock and key, and monitored at all times.

More from Data Protection

Communication platforms play a major role in data breach risks

4 min read - Every online activity or task brings at least some level of cybersecurity risk, but some have more risk than others. Kiteworks Sensitive Content Communications Report found that this is especially true when it comes to using communication tools.When it comes to cybersecurity, communicating means more than just talking to another person; it includes any activity where you are transferring data from one point online to another. Companies use a wide range of different types of tools to communicate, including email,…

SpyAgent malware targets crypto wallets by stealing screenshots

4 min read - A new Android malware strain known as SpyAgent is making the rounds — and stealing screenshots as it goes. Using optical character recognition (OCR) technology, the malware is after cryptocurrency recovery phrases often stored in screenshots on user devices.Here's how to dodge the bullet.Attackers shooting their (screen) shotAttacks start — as always — with phishing efforts. Users receive text messages prompting them to download seemingly legitimate apps. If they take the bait and install the app, the SpyAgent malware gets…

Exploring DORA: How to manage ICT incidents and minimize cyber threat risks

3 min read - As cybersecurity breaches continue to rise globally, institutions handling sensitive information are particularly vulnerable. In 2024, the average cost of a data breach in the financial sector reached $6.08 million, making it the second hardest hit after healthcare, according to IBM's 2024 Cost of a Data Breach report. This underscores the need for robust IT security regulations in critical sectors.More than just a defensive measure, compliance with security regulations helps organizations reduce risk, strengthen operational resilience and enhance customer trust.…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today