How to Lock Down the Core of your Hybrid IT Environment with a Zero Trust Architecture

Heidi Losee

March 23, 2021

Organizations are moving parts of their IT environment to the cloud for its flexibility and the belief that there are cost savings. But what most don’t realize is that the cloud is not a mystical force floating in the air – there’s complex infrastructure behind it that is not much different from what every organization’s data center has in it today.

Even though we talk about businesses “moving to the cloud” or “going digital,” the mainframe still plays a critical role. Tons of data lives on the mainframe, feeding in and out of the cloud every second. Why keep the mainframe in play? No one wants their most sensitive information in the cloud alone, unable to effectively report where it has been or who has had access. This goes for both customer information – from credit card data to medical records to financial history – and business records that could give away invaluable trade secrets or sales information.

Cloud-connecting the mainframe delivers tremendous value, but also creates new, dangerous threat vectors. While the mainframe is seen as the pinnacle of IT security, this hybrid environment opens the door to criminals with an increasingly sophisticated toolkit for penetrating networks and attacking systems, devices and programs.

To make the most of the cloud, organizations need to implement a Zero Trust Architecture to be sure their cloud-mainframe connections are secure and reliable. Security and management aren’t always at the top of cloud developers’ lists, given their reputation for slowing things down. Let’s have a look at the programs and policies that security managers can implement to support a Zero Trust Architecture and ensure a tight cloud-mainframe connection.

Computer vulnerability awareness program

From the financial industry to manufacturing and everything in between, security needs to be as routine as your morning coffee. And everyone needs to be on board, from the CEO down to interns.

To minimize threats to the mainframe, organizations need to implement computer vulnerability awareness programs, arming employees with a basic understanding of what’s at stake and how their actions play a role. Everyone should be able to talk about the difference between code-based and configuration vulnerabilities and know that each time there’s a change to their system – whether it’s their smartphone or work laptop – it’s an opportunity for new vulnerabilities to be introduced.

Aside from general awareness, these programs need to emphasize integrity and accountability. Employees can work together to stay vigilant in their daily digital lives to ensure organizations jump on suspicious activity as soon as possible. Everyone needs to understand that they’re responsible for locking down their devices, especially with the growing number of IoT devices infiltrating our homes, connecting to the same networks as work-related devices. This includes taking ownership of rectifying potential security issues that crop up on your own devices.

Appoint a mainframe security architect

Organizations need to know who did what, to what and from where. This is especially true for the mainframe. Unfortunately, distributed, hybrid systems don’t always support the level of accountability required for top-notch security.

The mainframe security architect takes ownership over the mainframe, in the same way individuals need to take ownership over their personal devices. This person champions individual accountability on the mainframe, ensuring that every application and every system provides visibility into who the end-user is, minimizing the use of service accounts.

This can take a bit of bravery, as these policies do have the potential to slow down connectivity. But that’s exactly why the mainframe security architect is there, illustrating to business leaders how their IT decisions could cost them later on if they compromise security.

Proactive threat hunting

A regular cadence of threat hunting on the mainframe assumes that vulnerabilities already exist and that the bad guys have already infiltrated the network. Anyone can get in from the IP address and network node and then from there remotely access the mainframe and all of its data. Even more doors are opening to hackers as design engineers connect new devices to the internet: printers, tablets, security cameras, you name it. While this new technology is exciting, oftentimes the security and management of these devices are not given the proper level of attention, opening the door for abuse.

In response, organizations need to conduct vulnerability analysis frequently, seeking out open doors before someone is able to sneak in and wreak havoc. If the phone rings to alert you of a problem on the mainframe, it’s too late.

Patch management

Beyond discovering vulnerabilities, organizations need to apply patches – updates to existing applications. Patches vary in urgency and difficulty to apply, but nonetheless, teams need to deploy patches as quickly as possible once they are obtained from the vendor.

Not all patches are groundbreaking – they could be as simple as a font change – but many have the potential to cause massive problems if ignored consistently. To close up known vulnerabilities, organizations need to continuously analyze their devices for available patches, assign levels of importance to those that exist, deploy them as soon as possible, then monitor their success. As a result, known vulnerabilities, which hackers frequently keep a close watch on, will be mitigated before it’s too late.

Intense accountability is what gives the mainframe its reputation as the gold standard of IT security. And it’s why the cloud’s reputation is not so great. To support a secure connection between the two for an ultimately productive hybrid environment, organizations need to implement Zero Trust Architecture. Organizations must raise awareness around how individual actions impact the safety of their IT, getting every employee on board. Meanwhile, a mainframe security architect can exemplify accountability and power important policies that ensure the mainframe is secure.