The Mainframe isn't an Isolated Bunker in the Application Economy
Confidence in your business, and its security, is good. Since joining CA, I’ve talked with a number of senior IT executive customers and noticed that confidence is always high, especially regarding mainframe security.
When speaking with these execs, the same question pops up time and time again: budgets are tight, my focus needs to be on generating more value from the infrastructure I have, mainframe systems are invincible– why would I ever need to invest more in mainframe security?
It’s easy to see this approach as cavalier, though if a senior executive didn’t have this level of confidence in their own security—why would a customer or partner? Still, this is a topic that needs addressing.
Is Your Mainframe Protected Like a Nuclear Bunker?
The Cheyenne Mountain nuclear bunker is one of the most secure places in the world. Built to monitor American airspace during the Cold War, the bunker sits in a triple peaked mountain range with fences, guards, gates, reinforced steel and granite walls to protect itself against nuclear attack.
As mainframe systems increasingly become a target for cyber criminals, you need to defend your business against risks of the connected enterprise
This level of isolation and protection reminds me of the perceptions associated with mainframe security. The mainframe is often seen as the nuclear bunker of the business—isolated and immune, especially when compared with broader enterprise-level security.
However, in the application economy, the mainframe and its data are an increasingly connected and interlinked part of the data center. Over 70 percent of mission critical data resides on the platform and the number of external applications connected to and running through the mainframe is considerably increasing. Mainframes are now connected to the internet, millions of mobile devices, and the Internet of Things (IoT) through APIs.
This interconnectedness of the modern data center results in more fluid data and now, mainframe data is moving off the mainframe and into new applications used by customers, partners and employees. Simultaneously, the cost of successfully hacking enterprise systems is rising and mainframe security has increasingly become a target for cyber criminals looking for a cheaper-to-attack alternative.
Therefore, the mainframe is not inherently protected like the Cheyenne Mountain nuclear bunker. Once considered impenetrable, the myth of mainframe as 100 percent secure is no longer true.
Borderline Child’s Play
Because of the evolution in mainframe connectedness, attackers that were using commonly available skills and tools to penetrate enterprise systems can now apply the same skills when attacking mainframes.
All that’s required is a user’s credentials—a user ID and a password. With the technology developed to attack enterprise systems, cracking an eight-character password is borderline child’s play, taking as little as an hour to access an eight-character password, regardless of how many exclamation marks you include.
Because the mainframe transacts more than 70 percent of mission critical data, privileged users might have access to tens or even hundreds of millions of records that will sell for considerable sums via online black markets. A single compromised privileged user account can lead to devastating outcomes for your enterprise. It is threats like these that are exactly why businesses should improve their mainframe security.
Protect Your Mainframe Against the Risks of the Connected Enterprise
Many of the senior IT executives I have spoken with have achieved their success without much exposure to the mainframe, even when mainframe processing is critical to their organizations. There is often the assumption that since the mainframe has been around for so long that all of its security controls have been identified and addressed.
What I’ve noticed is that many executives and IT professionals don’t realize that, as the role of the mainframe in the application economy evolves, the security threats it faces evolve with it. Consider social engineering attacks, mainframe experts retiring, mainframe data moving off of the mainframe, and the marriage of mainframe data and non-mainframe data for big data analytics and other purposes. This all means that the mainframe is no longer locked down.
The crucial online, real-time, high speed, completely reliable backbone for transaction processing worldwide is now immersed in the middle of the modern enterprise data center. For this reason alone you need to protect your mainframe like a nuclear bunker to fend off unwanted malicious attacks and inadvertent threats to your enterprise.
Don’t Become the Next Hack
The mainframe in the application economy teaches us all a valuable lesson: security is security, regardless of the platform. The lack of investment on the mainframe can lead to catastrophic consequences for the business. As with any other platform, security controls need to be constantly reevaluated and strengthened to prevent the application economy’s sophisticated threats. When the hackers come knocking on your mainframe’s door, the “I didn’t know” response won’t go over well with your executive team.
Therefore, the conclusion is a simple one: you must acknowledge the need for and further improve mainframe security to ensure your enterprise does not become the next catastrophic data breach headline. How can you do this? By reframing your mainframe security and defending across all platforms in the enterprise to help you succeed in the application economy.