Mainframes remain the backbone of the world’s transaction processing infrastructure, from financial data, to business logic, to customer data and more. Because of their significance in this process, mainframes once sat in a secured, physical data center, separated from the rest of the company’s user devices and sometimes excluded from certain parts of the day-to-day security program.
This model is changing, with data center consolidation, hybrid cloud models and new designs that allow mainframes to operate in traditional data center environments. With this change comes the perfect time to reevaluate security processes for the mainframe.
Think the Mainframe Will Secure Itself? Think Again
Mainframes contain their own security controls, such as encryption, multifactor authentication (MFA), more stringent access controls and other advanced security protections to monitor access and performance and ensure resilience. All digital equipment, however, is essentially at risk of compromise, especially when new models (hybrid cloud) that rely on existing IT infrastructure are being integrated physically and digitally. So, how do businesses bring the mainframe into their overall security posture for a comprehensive view of risk?
During the past five years, security researchers have developed tools and presented talks demonstrating how attackers could potentially compromise a mainframe. The research and tools have revealed that mainframes should be considered in the same security scope as all other valued assets — if not more — and, as such, should receive more attention from the security organization. The investment clients put into these machines should warrant the same level of investment in security. Security should include a proper testing program to ensure that these valued assets a ..
Support the originator by clicking the read the rest link below.
