How to Protect Your Mainframe from Attacks
Sadly, the reports of data breaches, large-scale hackings, and malware attacks have become so pervasive that one story bleeds right into the next. When someone says, “That government data breach,” you have to ask, “Which one?” Fortunately, your business uses mainframes so none of this applies to you, right? Um, wrong. Here’s what the mainframe folks need to know in the era of the cyber attack.
Mainframes are More Secure, Not Completely Immune
Mainframes are far safer than any other IT environment, but unfortunately, they are not immune to cyber attack. Don’t assume that just because you operate in an environment that is less prone to attack means that you are invincible. Use sound systems monitoring, network monitoring, and trusted security solutions. Mainframe tools such as Syncsort Ironstream® allow you to get real-time operational data from your mainframe so you can identify potential security risks. Also, educate your users on how to detect and avoid malicious emails, websites, and other pitfalls of the online universe.
Consider What (if Any) Data and Applications Really Need to Be Available Online
Is it really necessary to make all of your data available online? Just because everyone else is doing it doesn’t mean you should. The age of cloud computing has caused us to fall for the fallacy that if you’ve got data, it has to be readily accessible to everyone on planet earth. In many, many cases, this just isn’t so. Don’t open the data to vulnerability without just cause.
If You Can Control the Operating Systems in Your Environment, Opt for Linux
Linux, combined with other security precautions, can be an additional layer of protection for your mainframe.
We know, it’s all BYOD this and BYOD that. But there are still a few environments in which the business maintains control of the systems and devices on the network. If this is you, push for all Linux operating systems. The distros Ubuntu and Mint are particularly noted for their security. Linux can be an additional layer to your overall mainframe security plan.
Rethink the ‘Rush’ on New Projects and Initiatives
It all starts very innocently. Some folks have a meeting and someone says something’s a great idea and the next thing you know, development on the innovative new project is a top priority. It gets rushed and rolled out with lots of gaps and holes in security. Don’t do that. Before rushing into new projects or developments, think it through from the perspective of security and build it tightly from the ground up.
Spend Some Time With Your HR Pals
Not all threats come from the outside. Insider threats are some of the scariest that IT security people have to guard against. Don’t have a pal in HR? Make one. Have a heart-to-heart with the HR manager about how you can improve hiring practices and training programs to prevent inside attacks, whether those are deliberate or out of ignorance.