Stopping Mainframe Data Breaches

The mainframe has earned a strong reputation for security, but that has one potential downside: complacency. Many within the IT industry – even experienced mainframe operations professionals – take mainframe security for granted. But like any other system, the mainframe is vulnerability to data breach, loss, and attack.

Errors in mainframe operating system code can leave gaps for hackers to exploit. Misconfigured vendor updates can create zero-day vulnerabilities. Excessive access risks can crop up when user accounts are granted privileges that extend far above and beyond the level of access that is appropriate and essential for their role.

These are just some of the risks that lead to mainframe data breaches. To fight back, organizations need to understand what needs to be protected, as well as who has access, and why they have access.

Key Resources has years of experience protecting mainframe data. Backed by the industry’s top mainframe security technology and uniquely experienced counsel, we help organizations devise a security strategy that plugs gaps, meets compliance and fits their long-term business and IT strategy.

Research

Don’t Let Mainframe Security Complacency Leave Your Critical Customer Data At Risk

Mainframes are increasingly targeted in data breaches because of the wealth of sensitive, mission-critical information they contain. But, are organizations’ current mainframe security attitudes and processes up to the task?

To find out, Key Resources Inc. commissioned a study, conducted by Forrester Consulting, of 225 IT management and security decision-makers at North American companies with $500 million+ in annual revenue.

We found that despite widespread awareness concerning the stakes, enterprises simply aren’t devoting enough attention and resources to mainframe security.

Mainframe Security FAQs

Can mainframes be hacked?

In short, yes. It’s not always easy, but hackers have found creative ways to infiltrate corporate mainframes. And many of the familiar attacks that threaten distributed computer systems still apply to the mainframe, especially given how increasingly integrated the system now is with public-facing systems and networks. For example, the main server for Nordea bank was the first known victim of mainframe ransomware, in 2012. Hackers have every reason to search for entry points to the mainframe: it holds a treasure trove of valuable personal and business data that could be stolen, sold or otherwise misused. Research suggests up to 87 percent of the world’s credit card transactions are processed on the mainframe.

What are code-based vulnerabilities?

Code-based vulnerabilities are areas of flawed code that allow a program to bypass the security controls put in place by the operating system and the organization. There’s a huge amount of risk involved with code-based vulnerabilities. If a hacker were to exploit one, they would have access to all of the data, applications and users on the entire mainframe. That could be catastrophic for any organization, especially if the hacker were to gain system administrator privileges. Hundreds of applications and thousands of users could be exposed, all from one single code flaw. While most mainframe operations teams use Enterprise Security Managers to scan for application code bugs, these tools don’t scan for OS-level code. For that, you need a mainframe vulnerability scanning tool purpose-built to find OS code gaps.

What is Zero-Trust and how does it apply to the mainframe?

Forrester analysts conceived of the Zero Trust security framework in 2012. The principle describes a strict security approach in which internal user accounts are treated with the same level of scrutiny as unknown external accounts, and therefore must undergo rigorous identification and authentication. It argues that putting inherent trust in internal user accounts – such as for employees – is flawed, since these credentials can be misused, misplaced, stolen, or otherwise compromised. When applied to the mainframe, Zero Trust essentially means that mainframe user accounts need to be thoroughly identified and authenticated before being granted access. Additionally, a Zero Trust approach to mainframe security puts a spotlight on issues of excessive access – in which mainframe user accounts are given a higher degree of privilege than what is absolutely necessary to complete their job.  

Learn about the top mainframe security threats.

vulnerability scanning software for the mainframe

z/Assure® Vulnerability Analysis Program (VAP)

z/Assure VAP is the only software that automatically scans for and identifies vulnerabilities in OS code, providing the information needed to protect systems.

compliance assessment software for the mainframe

z/Assure® Compliance Assessment Manager™

z/Assure CAM, our automated compliance assessment solution, helps protect sensitive data by enabling organizations to enforce security policy across critical mainframe and ESM systems.

mainframe integrity assessment services

Integrity Assessment Services

Without operating system integrity, there can be no system security. An integrity assessment from Key Resources focuses on the health and security of the mainframe operating system.

conversion software for RACF, ACF2 and Top Secret

External Security Manager (ESM) Conversion Services

Key Resources offers expert ESM conversion services, relying on proprietary tools – z/Assure SCU and z/Assure SMU – to manage conversions for all major ESMs: RACF, Top Secret, and ACF2.

DB2 database security software

Db2 to RACF® Security Conversions

Using our proprietary z/Assure SCU4DB2 tool, Key Resources can help you convert from Db2 security to RACF® to take advantage of its stronger security capabilities.

ESM password conversion software

Password Propagation Support

Using z/Assure PPS, our proprietary password propagation software, Key Resources can quickly and securely transfer existing passwords over to your new security package.

Talk to Key Resources to find the right mainframe security solution for your business.