Mainframe, Mobile, and Modern Security
The mainframe has undertaken a lot over the past five decades. It’s sent men to the moon, taken on cloud computing, and manages most of the world’s transactions on a daily basis. But this workhorse isn’t finished yet. Up next: tackling the prickly issue of mobile security. Mainframes are now being used as the backend support for countless mobile apps, and along with this new challenge is the even bigger challenge of making those transactions and inquiries safe and secure, both for the mobile user and for the systems the mainframe supports.
How can you add mobile and mainframe and come out with a secure environment? We won’t insult your intelligence by claiming any ‘easy steps’ because there are none. But with smart setup, diligent planning, and absolute attention to detail during management, you can be pretty sure that your systems are as safe as they can be in this, the Age of the Data Breach. Here’s what you can do:
Do Not Depend on the Default Security Settings
Never depend on the default security settings, especially when mobile users will be on the environment. Always customize those settings for maximum protection of the systems, data, and users.
The latest z System mainframe has some impressive security features, but it doesn’t come that way by default. Don’t neglect to go through and customize the security settings when you configure your new mainframe. If your system is one of the older ones, it doesn’t hurt to go back and tweak those a bit, as well.
Utilize the Best Possible Monitoring Solutions
Even with the latest and greatest of IBM mainframe security features, that just won’t be enough when you add mobile users to the mix. The best monitoring solution is actually a conglomeration of monitoring, including network monitoring, application monitoring, user monitoring, etc. There are two ways to approach this: either by contracting with a monitoring service or by using internal personnel to do the monitoring.
Designing Mobile Access for Security
The way you design systems will play a huge role in how secure you can keep the mainframe with mobile users. Though it isn’t a popular design technique with the users, an effective way to boost security is to approach access with the mindset of keeping everyone out and allowing in only those users you can authenticate.
Most mobile environments these days are designed the other way — let everybody in unless it looks like a threat. While that approach is ideal for making the users happy, it’s the best possible setup for allowing a data or systems breach. Additionally, you can require multi-factor authentication, or at least adequately secure passwords for access.
Build the Best Possible Mobile Usage Policy
Will users adhere to your usage policies? No. That’s why you need to back the policies up with the right system design and the ability to wipe data off of devices remotely.
Though policies aren’t as easy to manage as security settings and monitoring solutions, the behavior of your users is the single most important factor in keeping any environment that supports mobile secure. Great user policies include:
- Strict requirements or restrictions for public Wi-Fi use
- Disallowing devices to remember security settings and passwords
- A distinct policy for reporting lost or stolen devices
- The technical ability to wipe the data from lost or stolen devices
In essence, it looks like a really good enterprise BYOD policy.
Is this all it takes to assure mainframe security with mobile users gaining access? No. But these steps will take you a long way toward sleeping decently at night.