When it comes to security, no other system can hold a candle to the mainframe. For this reason, enterprises around the world rely on them for critical corporate data. However, this also makes them tempting targets for hackers and data thieves. Mainframe security, though robust, also isn’t perfect and can still be compromised.
Modernizing the mainframe to respond to the call of the times is prudent, and arguably necessary, since the mainframe has been serving organizations for more than 70 years. Despite that, one of the programming languages designed for mainframes, COBOL, remains a go-to solution for many enterprises. The US financial industry relies on COBOL: it underpins 43% of banking systems, 80% of in-person transactions, and 95% of ATM swipes.
The COVID-19 pandemic has also opened a Pandora’s box of unprecedented changes, generating huge amounts of data and unexpected load that have overloaded some mainframe systems. eCommerce sites are among the most affected because of the restrictions and social distancing guidelines implemented to minimize the spread of the virus. As such, enhancing the security of mainframes through modernization is of paramount importance. Below are a few best practices you can implement in your organization to avoid a data breach.
Knowing who has access to your mainframe is the first line of defense against a security breach. Limiting the number of people who have access to certain data also reduces the risk of stolen information, human error, and inappropriate information viewing due to curiosity. Below are principles to follow in providing and enhancing access control protection.
As a critical security measure, no user in the system should have both ops and audit privileges. Holding both allows an individual to carry out undesirable activities in the system and then cover them up.
Role-Based Access Privileges
Access to resources should be based on an individual’s role within a group, to which access is provided. Group level access allows you to revoke access when an individual leaves the group or when there is a change of roles.
Multi-Factor Authentication (MFA)
MFA guards against a data breach even if passwords are compromised. As the name suggests, users are required to identify themselves using at least two methods, which the organization can set, before access is granted.
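The three access-control principles above can be checked mechanically during an access review. The following is an added example, not code from the original article: the group names, user IDs, privilege labels and data layout are all hypothetical and constructed for illustration, standing in for whatever export your security product provides.

```python
# Constructed sample data: every group, user and privilege label here is
# hypothetical and does not come from a real security product export.
GROUP_PRIVS = {
    "SYSOPS":   {"ops"},
    "SECAUDIT": {"audit"},
    "PAYROLL":  {"read_payroll"},
}
USERS = {
    "ALICE": {"groups": ["SYSOPS"], "direct": set(), "mfa": True},
    "BOB":   {"groups": ["SYSOPS", "SECAUDIT"], "direct": set(), "mfa": True},
    "CAROL": {"groups": ["PAYROLL"], "direct": {"audit"}, "mfa": False},
    "DAVE":  {"groups": ["SYSOPS"], "direct": {"audit"}, "mfa": False},
}
CONFLICTS = [frozenset({"ops", "audit"})]  # pairs no single user may hold


def effective_privileges(user, users=USERS, group_privs=GROUP_PRIVS):
    """Union of privileges gained through groups and through direct grants."""
    rec = users[user]
    privs = set(rec["direct"])
    for group in rec["groups"]:
        privs |= group_privs.get(group, set())
    return privs


def review_access(users=USERS, group_privs=GROUP_PRIVS):
    """Return a sorted list of (user, finding) tuples for the reviewer."""
    findings = []
    for user, rec in users.items():
        privs = effective_privileges(user, users, group_privs)
        # Separation of duties: the conflict may arise from two groups, or
        # from one group combined with a direct grant, so check the union.
        for pair in CONFLICTS:
            if pair <= privs:
                findings.append((user, "separation-of-duties: " + "+".join(sorted(pair))))
        # Role-based access: a direct grant survives a change of group.
        if rec["direct"]:
            findings.append((user, "direct grant outside groups: " + ",".join(sorted(rec["direct"]))))
        if not rec["mfa"]:
            findings.append((user, "no MFA enrolled"))
    return sorted(findings)


if __name__ == "__main__":
    for user, finding in review_access():
        print(f"{user:6} {finding}")
```

Note that DAVE's conflict is invisible if you inspect group membership alone, which is why the check runs on effective privileges.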
Go From Reactive To Proactive
Hackers and data thieves don’t stick to a single method of attack, so your security measures should always be updated to protect against the latest cyber attacks. Instead of simply following set processes that may be outdated, think like a hacker and consider the different ways they bypass security controls. Identify loopholes in your security measures and determine how an intruder can manipulate them so you can set up preventive measures.
Use Pervasive Encryption
Encryption has been around for years, and with good reason. Many businesses use it to protect their data because it’s one of the most effective data protection tools created to date. The challenge with encryption lies in how it secures data; encryption has seen limited use in some organizations due to the way it degrades performance when used within x86 server environments. Newer mainframe systems employ pervasive encryption to address this issue. With pervasive encryption, extensive encryption can be done whether data is at-rest or in-flight, without compromising throughput or transaction speed. Pervasive encryption is designed to be application transparent and doesn’t require application changes during implementation, thereby reducing costs while also adhering to compliance mandates.
Use Real-Time Insights
Knowing what occurred after a cyberattack is vital in ensuring that it won’t happen again, but it’s not the best approach because it puts you in a defensive stance. The information gathered from a previous attack is useful, but the time lag between the attack, your discovery, and remediation of the issue can mean the difference between a major data breach and successful enhancement of security protocols.
It’s good to have a record of what happened during previous security incidents, but your mainframe system security shouldn’t rely on this information alone. Get real-time insights by keeping tabs on the status of your mainframes, security systems, subsystems, and data. Integrate security monitoring with enterprise infrastructure monitoring to get a big-picture view, and deploy proactive security information and event management (SIEM) solutions that can detect vulnerabilities to pinpoint threats among millions of events.
Security is something that’s done not only once but regularly, so it’s imperative that you update security measures frequently. What worked years ago, or even months ago, might not work now; perform regular security health checks and continuous improvements to take a proactive approach to protecting your digital assets. Ultimately, security is still about people. Your security measures are only as strong as your system security team. Control who has access and who has authority to grant access to your systems and keep your security team up to speed on current security trends and tools to protect yourself from an ever-changing threat landscape.