Even as organizations diversify their IT environments, adding more cloud storage, the mainframe plays a critical role. Here are four key strategies for locking down the mainframe to secure the core of your business.

Ray Overby, Co-Founder and Chief Technology Officer, Key Resources, Inc.

August 23, 2021


Although the cloud appears to be a mystical data hub in the sky, it's actually a complex infrastructure made up of many different hardware platforms. The mainframe is at the heart of it. Terabytes of data currently live on the mainframe, feeding in and out of the cloud every second, creating tremendous operational value. According to industry data:

  • 68% of the world's production IT workloads still run on mainframes.

  • 71% of Fortune 500 companies still rely on mainframes.

  • $8 trillion worth of credit card transactions run on mainframes annually.

As organizations diversify their IT environments, the mainframe remains a critical player. In fact, some expect a 12% increase in mainframe applications and a 9% increase in data on the mainframe, amid the shift to hybrid IT environments.

Why still involve the mainframe? Even though the cloud boasts speed and potential cost savings, it lacks the level of accountability critical to keeping sensitive data secure. Imagine if all our data were on the cloud alone: customer information — credit card data, medical records, financial history — and business records, including invaluable trade secrets or sales information, all with limited ability to track where it has been or who's had access. As a result, data could fall into the wrong hands right under our noses, putting organizations and stakeholders at risk.

Together, the mainframe and cloud create tremendous value. But the cloud connection also opens dangerous new threat vectors to the mainframe, tempting criminals with an increasingly sophisticated attack toolkit. These attacks can devastate businesses. The average cost of a data breach in 2020 was $3.86 million.

To capitalize on digitalization, organizations need to secure the cloud-mainframe connection. The following cybersecurity protocols and best practices can help ensure accountability at all levels.

Implement a Computer Vulnerability Awareness Program
Across industries, cybersecurity needs to be as routine as checking emails, from the top down. A consistent computer vulnerability awareness program puts cybersecurity on the map.

Employees need to understand how their individual actions play a role in the organization's safety. These programs can help level up baseline cybersecurity knowledge, educating employees on different types of vulnerabilities and updates.

A culture of accountability and integrity guides these programs. Individuals need to remain vigilant in their daily digital lives, reporting any suspicious activity they encounter. All are responsible for locking down their personal devices. If a breach occurs, employees need to own mitigation.

Appoint a Mainframe Security Architect
When accountability is key, someone needs to be accountable for the mainframe — that's where the mainframe architect comes in.

This champion of accountability ensures that all applications and systems can report who end users are, minimizing the use of service accounts. The role takes a bit of strength and bravery, as one could face pushback surrounding policies' impact on connectivity. But by illustrating the potential costs of compromising security, the mainframe architect can gain valuable leadership buy-in.

Conduct Frequent, Proactive Vulnerability Analysis and Threat Hunting
Organizations need to assume vulnerabilities exist on the mainframe and that the bad guys already got in. With cloud connection and the growing number of Internet of Things (IoT) devices connecting to the same networks as the mainframe, more doors are open than ever. Sure, new tech is exciting. But security management is often a forgotten piece of the equation, tempting hackers to take advantage.

Committing to a regular cadence of threat hunting and vulnerability analysis keeps the mainframe tightly secured. Seeking out open doors before criminals take advantage of them is critical. If an alert comes through regarding a hacker on the mainframe, the damage is already done.

Keep Up With Patch Management to Close Vulnerabilities, Monitor Their Success
Vendors frequently release patches — updates to their applications — to manage known vulnerabilities. Staying on the pulse of known vulnerabilities and their patches is vital, as many hackers are keeping tabs as well, looking for easy ways in.

Patch installation can vary in urgency and difficulty, but regardless, organizations need to move quickly. While some patches can be as simple as a font change, many can cause huge problems if ignored. A successful patch management strategy asks teams to continuously analyze their devices for available patches, assign levels of importance to those that exist, deploy them as soon as possible, then monitor their success.

While the mainframe is regarded as the gold standard of IT security, it stands up to that reputation only when organizations employ a culture of accountability. While the cloud inherently lacks accountability, organizations can support a safe cloud-mainframe connection by implementing a zero-trust architecture that educates employees on their individual role in locking down the IT environment, and by appointing a mainframe architect to take on total ownership over the mainframe and lead the charge on vulnerability analysis and patch management. With a strong set of cybersecurity policies, organizations can realize the true value of a hybrid environment.

About the Author(s)


Ray Overby is a Co-Founder and Chief Technology Officer at Key Resources, Inc. (KRI Security), a software and security services firm specializing in mainframe security. An expert in mainframe security, risk, and compliance for IBM Z System environments, Ray heads the KRI technical team. Drawing on more than 30 years of experience with Z Systems in both hands-on technical development and strategic roles, Ray's multidimensional and solutions-driven approach assures he is highly valued by clients and third-party technology partners.
