Are your security practices of yesterday your security exposures of today?

Share this post:

Once upon a time, it was easy to secure a z/OS (e.g., MVS) system. Users were defined, passwords created, and datasets protected. Users accessed the mainframe from terminals connected directly to the mainframe. Now, consider today’s environment. Users access the mainframe from different places and even via mobile devices. Are yesterday’s security practices today’s security exposures? Have you updated your security practices for today’s environment?

Since 1976, RACF has been a key component of mainframe security, integrating with the IBM z/OS operating system to control system access. From identifying and verifying users to logging and reporting unauthorized attempts at access, RACF has been critical to keeping mainframe environments secure.

Have your processes kept place in taking advantage of these items? If not, you could be at risk for security exposures.

The first step in improving mainframe security is to recognize the potential for problems. Security administrators and enterprise management often assume mainframes with RACF are inherently secure. But a security system is constantly being updated with new definitions to address the security needs of the business—and forces are constantly at work that can cause vulnerabilities if those definitions are not cleaned up.

Have you removed the entitlements and privileges of employees who left the organization? How about updating user profiles of employees who changed roles? And are you creating work for auditors—and risking a failed audit—by making them wade through information that’s no longer relevant or too complicated to understand?

But just like regular maintenance on your car or spring cleaning at your house, cleaning up your RACF databases is a necessary and ongoing task. A dirty database that is filled, for example, with out-of-date access permissions for employees who no longer work at the organization or security definitions for a decommissioned software package can be the cause of a failed security audit. More importantly, a dirty database can allow these same former employees— or hackers and malicious users who gain their IDs and access privileges—to commit fraud or theft.

For more than 50 years, IBM mainframes have been industry leaders in providing a secure base for critical business operations—right up to today’s IBM z Systems. Security capabilities are actually built into the entire z Systems stack.

IBM Lead World Wide z Systems Security Champion

Add Comment
No Comments

Leave a Reply

Your email address will not be published.Required fields are marked *

More Servers stories

3 paradigm shifts for IT operations on IBM Z to support digital enterprise

Good news! IBM Z is perfectly equipped to be at the center of your digital enterprise; 80 percent of corporate structured data and 55 percent of all enterprise transactions reside on IBM Z with only 6.2 percent of total corporate server expenditure[1]. It is the only platform capable of encryption of 100 percent of your […]

Continue reading

The latest on IBM Z and LinuxONE: Learn more at IBM TechU

The market is abuzz with the latest IBM Z and LinuxONE announcements.  The new single frame 19-inch z14 and LinuxONE are here, with air flow, storage and system integrated into a standard rack. That means the ability to process over 850 million fully encrypted transactions in a single system that takes up the space of […]

Continue reading

Keeping the pace of innovation for mainframe

Business demands for trusted digital experiences and greater agility are two of the strongest currents driving business transformation and modernization these days, especially in the mainframe arena. This week, IBM is announcing a single-frame IBM Z built on an industry-standard 19” form factor, designed to create a low-cost, secure cloud infrastructure and capitalize on new […]

Continue reading