Cybersecurity

Mainframe Cybersecurity

Mitigate Mainframe Cybersecurity ‘Blind Spots’

Seventy-eight percent of CIOs say the mainframe is the most securable platform in an enterprise*, but that doesn’t make it invincible. Increasing digital demands requiring cross-platform collaboration is revealing mainframe cybersecurity “blind spots” that introduce new risk to the following areas:

  • Distributed/Mainframe Interaction
    It’s much easier to hack user identities and credentials by way of the distributed environments your mainframe interacts with. Once hijacked, those credentials can be used to infiltrate your mainframe environment under whatever nefarious motives an attacker has.
  • Privileged Users
    Both privileged users abusing power of access and malicious outsiders posing as authorized users are possible insider threats. The more one-dimensional your visibility of mainframe activity is, the more exposed your environment will be.
  • Agile Dev/Test
    Faster, more frequent development and testing requires more sampling and shipping of mainframe data to external dev/test servers, exposing it to more risk. Less experienced developers coming into the workforce that are not equipped with the right tools also increase the risk of application flaws that could compromise system integrity.
  • Outsourcing
    If someone else is in control of your mainframe environment, how can you protect it? Outsourcers may have strong financial incentives to focus on activities, as mandated by their agreements, that typically don’t include cybersecurity beyond the traditional access and authorization controls. And with high turnover rates, workers may be indifferent toward security improvements.
  • SIEM Analytics
    As SIEM engines grow in popularity, mainframe data often remains separate from the repository of gathered and analyzed information originating from other systems across the enterprise. Excluding the mainframe only decreases visibility, which in turn increases mainframe cybersecurity risk.

Establish New Mainframe Cybersecurity Best Practices

Re-securing these areas is more complicated than reinforcing conventional mainframe cybersecurity practices like collecting SMF data and other disparate logs to “get a feel” for what’s going on. To truly improve mainframe cybersecurity, you need modern tools designed to thwart modern threats that are taking advantage of blind spots evolving out of the digital age. Compuware offers a range of cybersecurity solutions to help.

Capture More Complete and Granular Data

Use Application Audit to capture mainframe session activity from the end user’s perspective, helping you see which data is being viewed, who is viewing it when and where, and the application through which they’ve gained access.

Integrate Mainframe User Behavior Activity into Enterprise SIEM

Application Audit feeds mainframe user data to SIEM engines like Splunk® and QRadar®, either directly or in combination with CorreLog® zDefenderTM for z/OS or Syncsort Ironstream®, enabling you to correlate user behaviors across platforms.

Reduce Dependency on Privileged Users

Application Audit’s intuitive web interface allows mainframe-inexperienced security personnel to easily set session recording parameters, enable mainframe intelligence to be integrated with popular SIEM engines and review activities. This deconstructs the silo in which a handful of super users oversees mainframe cybersecurity using an outdated toolset that requires esoteric knowledge of special code and commands.

Improve and Enforce Mainframe Test Data Privatization

Compuware’s Test Data Privacy solution through File-AID helps you establish consistency with mainframe cybersecurity practices such as test data masking and obfuscation. This makes it easy to enforce adherence to a set of data protection policies in your mainframe environment, combatting neglect of those key areas.

Embrace Automated Mainframe Unit Testing

Topaz for Total Test automates the creation and execution of unit tests, enabling your developers to scrutinize and correct issues in the small parts of programs ahead of future testing and production. Setting a foundation of unit tests reduces the likelihood of future vulnerabilities, strengthening security.

*Findings from an April 2017 survey of 400 CIOs at large companies across vertical markets in both Europe and the U.S. commissioned by Compuware and conducted by independent research company Vanson Bourne.