Are your security practices of yesterday your security exposures of today?

Share this post:

Once upon a time, it was easy to secure a z/OS (e.g., MVS) system. Users were defined, passwords created, and datasets protected. Users accessed the mainframe from terminals connected directly to the mainframe. Now, consider today’s environment. Users access the mainframe from different places and even via mobile devices. Are yesterday’s security practices today’s security exposures? Have you updated your security practices for today’s environment?

Since 1976, RACF has been a key component of mainframe security, integrating with the IBM z/OS operating system to control system access. From identifying and verifying users to logging and reporting unauthorized attempts at access, RACF has been critical to keeping mainframe environments secure.

Have your processes kept place in taking advantage of these items? If not, you could be at risk for security exposures.

The first step in improving mainframe security is to recognize the potential for problems. Security administrators and enterprise management often assume mainframes with RACF are inherently secure. But a security system is constantly being updated with new definitions to address the security needs of the business—and forces are constantly at work that can cause vulnerabilities if those definitions are not cleaned up.

Have you removed the entitlements and privileges of employees who left the organization? How about updating user profiles of employees who changed roles? And are you creating work for auditors—and risking a failed audit—by making them wade through information that’s no longer relevant or too complicated to understand?

But just like regular maintenance on your car or spring cleaning at your house, cleaning up your RACF databases is a necessary and ongoing task. A dirty database that is filled, for example, with out-of-date access permissions for employees who no longer work at the organization or security definitions for a decommissioned software package can be the cause of a failed security audit. More importantly, a dirty database can allow these same former employees— or hackers and malicious users who gain their IDs and access privileges—to commit fraud or theft.

For more than 50 years, IBM mainframes have been industry leaders in providing a secure base for critical business operations—right up to today’s IBM z Systems. Security capabilities are actually built into the entire z Systems stack.

IBM Lead World Wide z Systems Security Champion

More Security stories

Don’t miss a thing during IBM Think 2019

For the very first time, IBM Think is headed to the Golden City – San Francisco, California. Think is a conference designed to bring attendees together to sharpen skills, grow professional networks, engage with industry experts and have some fun! You’ll find IBM Systems at the Cloud & Infrastructure campus. There, attendees will have an […]

Continue reading

What’s driving investment in engaging experiences?

Many enterprise leaders are focused on providing a more engaging experience for customers. Consumer expectations have evolved over the past few years, both in terms of how accessible services should be for users, and the personalization of their experiences. Consumers have a vast amount of information available on alternative options using marketplaces, comparison sites and […]

Continue reading

Tackle top business challenges with IBM Z at Think 2019

Organizations that use IBM Z say they can rely on the platform with their most mission-critical workloads. That is why many of the world’s top financial institutions, including banks, insurance companies, airlines, government agencies and healthcare organizations run their business on IBM Z. But can IBM Z help tackle today’s top-of-mind business challenges, such as […]

Continue reading