It’s here and ready: securing the connected mainframe
Security and compliance trends you need to know now to protect your mission-essential assets.
I often say that data is the most regulated artifact in the application economy. Think about it, your assets are your data – whether it be sensitive employee records or financial transactions – it’s what your business runs on. And when the data isn’t being managed the way it should, the business suffers in the form of a breach or failure to comply with an audit.
The reality with data is that the mainframe stores the majority of all corporate business data globally. And the other reality is, not many security executives know where all of their sensitive data is – let alone are proactively able to secure all of it. Not to mention, new waves of industry regulations, hacking and ransomware, and machine learning are influencing security models moving forward.
When I think about enabling our customers to accelerate their ideas into real outcomes through our mainframe security and compliance solutions, there are a few trends I think we as security professionals need to keep an eye out for.
As the mainframe interconnects with everything else in your business (into the Internet of Things and beyond), the focus of its security shifts – and it’s all around data security and compliance management. Consider this: there are 400 mainframes connected to the internet worldwide and accessible to anyone with a login screen, while simultaneously the mainframe processes 2.5 billion transactions per day. With mainframe data growing at an exponential rate and moving off the platform, the risk for accidental data disclosure and malicious data breaches is growing exponentially as well.
Then think about compliance – industry regulations across verticals are increasing the need for controls around privileged users, and even the General Data Protection Regulation and EU-US Privacy Shield are changing the game. You can’t secure your data if you don’t know where it is, and there’s definitely no way you will pass an audit if your data security and compliance management practices aren’t prioritized.
Another trend I see coming more to the forefront in the security and compliance space is hacking and ransomware. Hacking the mainframe is a little different than an ordinary ransomware scenario, but its principles are the same. Ransomware typically involves thieves leveraging social media to find new contacts and then shipping those new contacts viruses. How does this relate to mainframe?
Well, since port scans are showing more and more mainframes are connected to the internet, hackers are having an easier time stealing credentials. User credentials are typically the standard 8 character passwords, and once a hacker gets a privileged ID…they’re in your system and have access to your encryption facilities. That’s why advanced authentication, a close monitoring of privileged users, and an education on social engineering risks to IT staff is a must to reduce risk on mainframes.
Analytics and machine learning are rapidly growing areas across IT today: systems management, storage management, security and beyond. And as mainframe skills continue to retire, predictive intelligence must be built directly into the mainframe itself to address the skills gap and simplify security.
Specifically, in the area of security and compliance, machine learning on the mainframe will be able to predict user behavior by tracking the characteristics of privileged users, such as their log in and log off times and location of log in. When abnormal traits from these users do occur, like logging in over the weekend and downloading hundreds of sensitive records, the systems will be able to determine that there is a deviation in behavior and send an alert, so you are able to place the appropriate controls to prevent the same security threats from happening twice. Machine learning will enable security teams to work smarter, not harder, and prevent data breaches and insider threats before they occur.
2017 will bring new challenges in the mainframe security and compliance market, but also many new opportunities to simplify and optimize security processes. With strong focus on identity and access management, data security, and compliance management – organizations will be able to take the security and compliance trends of 2017 head on.
Are you ready for what’s in store? Check out all of our predictions in my 7 Mainframe Security Predictions for 2017 webcast. And please share your own predictions in the comments below.