April 8, 2014 | By Anne Lescher

You Use Mainframes Every Day and Might Not Know It

You may not realize it, but mainframes play a large part in your everyday activities. Did you visit your ATM? Make airline reservations? Swipe your credit card? Then you “touched” a mainframe today. Did you know that 80 percent of the world’s corporate data resides on or originates from mainframes?

Why? For one reason, mainframes are still the most trusted platform, with an EAL5+ security evaluation. Companies rely on mainframe security to provide industrial-strength protection. Mainframes are still the platform of choice for processing mission-critical applications and hosting essential corporate information for banks, health care, insurance, retail, government and other industries largely because of mainframe security.

Furthermore, mainframes have become the true mother of reinvention: They have evolved and reinvented themselves with new technology, supporting cloud, mobile, big data and social innovation. Mainframes have transformed from isolated glass house systems to fully connected servers for Internet web applications, data analytics and private clouds. Security has also evolved to keep pace with innovation. It has been an interesting journey.

Mainframe in the Beginning

At first, System/360 security was very simple: To protect sensitive information, you created data set passwords specified on batch jobs with Job Control Language (JCL). While it was easy to share the password to allow data access, it was far more difficult to deny someone access later, which required changing the password and notifying all the other valid users.

The first step in the security journey was to establish user identification (user IDs) and authentication. Access control lists indicated who could access the data and how. This security information needed to be administered by authorized security managers in secure repositories. In 1976, IBM announced IBM Resource Access Control Facility (RACF) for mainframes, with capabilities including:

  • User groups and privileged roles, such as auditors, operators and special administrators.
  • Resource protection for data sets, files, tapes, programs, applications and general resources.
  • Auditing of security events, including user log-on, data access and privileged operations.

Mainframe Security and Applications Evolved

As the mainframe evolved to support new applications beyond batch processing, security evolved along with these applications:

  • IBM TSO (Time Sharing Option) allowed multiple interactive real-time users.
  • IBM DB2 offered field-level security controls that wouldn’t impede performance.
  • IBM IMS and CICS protected transaction applications.
  • IBM Security AppScan identifies application vulnerabilities and generates reports with intelligent fix recommendations to ease remediation.

Communication Security Expanded to Internet and Mobile Access

Mainframes began to communicate outside their enterprises and across public networks, which required new encryption protocols and new security capabilities, including:

  • User directories that uniquely identified users across enterprises and domains.
  • Trusted authentication protocols that utilized certificates instead of passwords.
  • Secure communication protocols with distributed untrusted systems and mobile users.

Early “Cloud” Capabilities

Many people do not realize that the mainframe offered virtual machine capabilities long before today’s cloud options were available. Mainframes have provided a number of virtualization options over time:

  • Secure hypervisors that could run software virtual machines.
  • Physical logical partitions (LPARs) that run virtual machines with physical isolation.
  • Most recently, blade servers that run systems under the covers of the latest mainframes.

Growth of Database to Big Data Analytics

Mainframes provide robust information security, so it makes sense that mainframes have grown over time to host data warehouses, big data and data analytics. Mainframe data security has been enhanced with IBM Security zSecure and IBM InfoSphere Guardium security solutions. Big data by nature is enterprise-wide, so many other data sources connect with the mainframe. Guardium’s ubiquitous support for a wide variety of platforms and data sources ensures that any potential threats from within or outside the platform are detected, blocked and reported in virtually real time. InfoSphere Guardium Data Encryption for DB2 and IMS Databases provides additional protection of data at rest and in motion over communications at the column, row and segment levels. Encryption key management solutions protect the encryption keys from disclosure.

Security Intelligence and Compliance

As mainframes transformed, they were exposed to new threats. The overall volume of mainframe and enterprise-wide security events that requires analysis is staggering. Mainframes have new capabilities to obtain actionable insight with security intelligence using zSecure and QRadar SIEM to automate threat analysis, create alerts, monitor status and respond.

As the occurrence of big data breaches has grown, new security standards and compliance regulations have been adopted to help protect user payment card information, sensitive financial information, medical health care records and other vulnerable data. These regulations require privileged user monitoring, vigilant audit reporting, data encryption and other security controls that help safeguard information. zSecure offers new compliance framework reporting to demonstrate governance and compliance.

Continued Transformation

Over the past 50 years, the mainframe has evolved from a siloed system to supporting databases, applications, networking, virtual machines, Internet, cloud, mobile, big data and business analytics. Mainframe security has transformed to secure these new capabilities and help customers create the ultimate security platform for their mission-critical workloads. Mainframe security has stood the test of time for 50 years and is still going strong.
