Security

Are your security practices of yesterday your security exposures of today?

Share this post:

Once upon a time, it was easy to secure a z/OS (e.g., MVS) system. Users were defined, passwords created, and datasets protected. Users accessed the mainframe from terminals connected directly to the mainframe. Now, consider today’s environment. Users access the mainframe from different places and even via mobile devices. Are yesterday’s security practices today’s security exposures? Have you updated your security practices for today’s environment?

Since 1976, RACF has been a key component of mainframe security, integrating with the IBM z/OS operating system to control system access. From identifying and verifying users to logging and reporting unauthorized attempts at access, RACF has been critical to keeping mainframe environments secure.

Have your processes kept place in taking advantage of these items? If not, you could be at risk for security exposures.

The first step in improving mainframe security is to recognize the potential for problems. Security administrators and enterprise management often assume mainframes with RACF are inherently secure. But a security system is constantly being updated with new definitions to address the security needs of the business—and forces are constantly at work that can cause vulnerabilities if those definitions are not cleaned up.

Have you removed the entitlements and privileges of employees who left the organization? How about updating user profiles of employees who changed roles? And are you creating work for auditors—and risking a failed audit—by making them wade through information that’s no longer relevant or too complicated to understand?

But just like regular maintenance on your car or spring cleaning at your house, cleaning up your RACF databases is a necessary and ongoing task. A dirty database that is filled, for example, with out-of-date access permissions for employees who no longer work at the organization or security definitions for a decommissioned software package can be the cause of a failed security audit. More importantly, a dirty database can allow these same former employees— or hackers and malicious users who gain their IDs and access privileges—to commit fraud or theft.

For more than 50 years, IBM mainframes have been industry leaders in providing a secure base for critical business operations—right up to today’s IBM z Systems. Security capabilities are actually built into the entire z Systems stack.

More Security stories

Technical University: Valuable DevOps for IBM Z training

DevOps, Enterprise DevOps, Mainframes...

Your z/OS developers work hard building robust, secure business services that are at the heart of your business. Are you doing enough to ensure that they are keeping abreast of the latest technologies in the industry, and focusing on how those technologies are being leveraged on Z? You have many choices when offering your team ...read more


IT inspiration for your own digital transformation

AI, Blockchain, Digital transformation...

Today’s biggest challenges involve managing huge amounts of data and getting the most value from it while also keeping that data secure. At IBM, we provide the most comprehensive IT infrastructure solutions to help all of our clients maximize their data’s potential and propel their company forward into a world of possibilities. What that world ...read more


Lemonade Insurance: Powering rapid growth through radical transparency and technology

AI, Industry, Mainframes...

A new way of doing business The most admired companies are reversing the trend on business practices that have defined their industries. Through leadership guidance and company actions, they are establishing more balanced relationships in which both sides win. Customer and company alike are better off because they are in each other’s lives. These companies ...read more