How Secure is the Mainframe in 2020?
The mainframe remains the most intrinsically secure platform on the planet for several additional reasons. First, all of the hardware and software that’s needed to complete mainframe transactions resides on a single machine, unlike a distributed environment where there is much network traffic that can be intercepted by an attacker. Second, mainframes’ front-end processors often handle the task of interfacing with the rest of the world, freeing up the system to do nothing but what it was expressly designed for – executing transactions. These front-end processors also handle the security aspects, effectively isolating the mainframe from the rest of the world.
Yet according to a recent survey of CIOs worldwide, 70 percent report they have been surprised by the amount of additional work and money required to ensure newer platforms match the mainframe’s level of security. In fact, security – along with superior reliability, scalability and sheer strength – is a key reason for the mainframe’s longevity, and the mainframe stands alone in its ability to handle the massive workload increases brought on by the digital economy.
From a security perspective, however, there is a growing threat that all organizations must keep an eye on, including mainframe users – and that is the insider threat. According to IBM’s 2020 Cyber Security Intelligence Index, approximately 60 percent of all cyberattacks are carried out by insiders. The insider role in breaches – whether malicious or inadvertent – is massive and growing, across all types of companies.
Another recent survey of U.S. CIOs at mainframe-based organizations found that a majority of their business-critical information – and customers’ personally identifiable information (PII) – continues to reside on mainframes. This makes determining how best to safeguard against inside attacks a critical business decision.
By all accounts, a mainframe renaissance is here. After years of negativity and predictions about the impending death of the mainframe, the technology is experiencing a resurgence and wide adoption this year, with even greater growth predicted beyond 2019.
Case in point: IBM’s Z series mainframe sales are up 70% year-over-year. And a recent Compuware survey showed that mainframe workloads are increasing. Currently, 57% of enterprises with a mainframe run more than half of their critical applications on the mainframe, but that number is expected to rise to 64% by next year, according to Compushare.
As the face of IT has changed, the mainframe has kept up with trends, with its ever-evolving ability to provide the performance and number-crunching required by technologies such as machine learning and artificial intelligence.
But while mainframe technology has evolved to meet the trends, the security processes and practices needed to keep the platform secure haven’t exactly kept up. It’s not for lack of technology and tools, however. The phenomenon is largely due to a series of misconceptions among IT professionals around mainframe security. Those misconceptions are placing countless businesses — and an enormous amount of sensitive customer data — at serious risk.
I’ve spent the majority of my career in mainframe security, and the one mistaken belief I come across consistently is that the mainframe is inherently secure. What I hear is that mainframes have security built into them from the ground up — that through cryptographic hardware acceleration and a secure operating system, mainframes fulfill the critical requirement of keeping data protected. But that’s only part of the story.
If you’re thinking “But one of the main reasons I chose mainframe technology was its reputation for security!” you’re not mistaken. It’s true — the mainframe is arguably the most secure platform. But really, I prefer to think of the mainframe as the most securable platform. Any system comes with weaknesses, and the mainframe is no exception.
Like any other system, mainframes are subject to ransomware attacks, cybersecurity threats, and vulnerabilities that leave them open to serious exposures. Despite the reputation for security, reliability, and scalability, the mainframe requires the same level of attention as any other computing platform when it comes to security.
Unfortunately, I see businesses overlooking mainframe security all too often. This advice isn’t only meant for businesses new to mainframes that might not know any better. It’s also an important reminder to businesses that have long been relying on mainframes to run mission-critical processes and safeguard sensitive customer information.
Overlooking mainframe security is an industrywide issue today. Recent research shows that even though 85% of companies say that mainframe security is a top priority, 67% admit that they only sometimes or rarely factor security into mainframe environment decisions.
In other words, companies aren’t practicing what they preach when it comes to mainframe security. And as we hear about a new data breach seemingly every day, businesses and consumers alike should be worried about the implications of security complacency.
There’s also a widespread lack of knowledge around how to best protect the mainframe. Executives around the world rank security as the second-biggest challenge today, but they’re not sure how to get started.
Creating a Mainframe Security
Companies can’t afford a breach: The cost of a data breach is high, averaging $3.86 million globally, not to mention the damage to your business in reputational harm and potential lost business. With that in mind, how can businesses build a successful mainframe security strategy?
Most organizations rely on third-party tools to establish permissions (authentication) and access control (authorization), but that alone isn’t a complete solution. Security exploits are also a major cause of breaches, and organizations need to make sure they’re taking steps to protect against them. A Forrester survey of companies that have experienced a data breach within the last year found that 35% were caused by an exploited vulnerability.
Despite the challenges, organizations can keep more black-hat hackers at bay and improve the security of their mainframe environments by leveraging the growing number of automated and better-integrated security tools — especially encryption and data protection, multifactor authentication, and more robust password management.
There is no such thing as total security for any type of technology. Someone who wants to break in badly enough will find a way. However, the chances of your mainframe providing a path for the bad guys into sensitive data are pretty small. And you can make them even smaller with the proper access control, encryption and other security strategies for mainframes.