By Stuart McIrvine, VP of Product Management, CA Technologies
There’s no shortage of innovative cyber security startups promising smarter, better, tougher ways to keep the good stuff in and the bad guys out. But when I read about these pioneering startups, I sometimes wonder if business leaders and information security teams shouldn’t be focusing closer to home.
It’s true that mainframe architectures are inherently more secure than distributed systems. It’s one reason the mainframe remains as important as ever for mission-critical workloads. But as mainframes are opened up to web and app-based endpoints and services, the risk of a mainframe data breach is something that every business should consider.
Philip Young, co-founder of ZedSec390, identifies three big reasons why businesses mustn’t neglect mainframe security. First, it’s a mission-critical asset, where up to 80% of enterprise data – including customer and transactional data – is stored. Second, the cost of a mainframe hack is potentially huge, in terms of brand damage, downtime, and regulatory fines. The new EU GDPR, for example, carries fines of €20m or 4% of global revenue, whichever is greater, for non-compliance in areas like data portability and data breaches. Third, Philip emphasizes the importance of including the mainframe in your overall enterprise security plan, for example in areas like penetration testing and vulnerability assessments.
Focus on data
It’s very effective to take a data-centric approach to mainframe security. After all, you can’t protect something if you don’t know it’s there, especially since one study estimates that 54% of mainframe data is effectively invisible.
A data-centric security model follows seven steps for compliance, access and alerts, based on your mainframe data and its associated risks:
- Assess compliance requirements and prioritize what needs to be done
- Identify where sensitive data is stored, how it’s classified and who can access it
- Understand the risks associated with data access and control, and determine how to mitigate risks and achieve compliance
- Agree a plan to mitigate these risks
- Deploy new controls to protect data (access controls, encryption, masking, etc.)
- Monitor user access to sensitive data using dashboards
- Modify data protection controls as required, and move sensitive data to “safe zones.”
Given the high stakes, you may find there’s more value in safeguarding your mainframe than investing in the latest bleeding-edge tool from a hot cyber security startup. If you’re one of the many organizations that isn’t 100% certain what data resides on its mainframe, CA Data Content Discovery is a great way to automate your process of scanning, locating and classifying your mainframe data.