Mainframe Data Security: Looking Down the Wrong End of the Telescope?

For many organizations, data is as much a terrifying liability as it is a valuable asset. My question is this: are we, as an industry, looking at data the wrong way? Are we missing a trick when it comes to understanding, managing, and securing our data? 

You don’t need me to tell you that unimaginable volumes of data are created every second. Data is the cornerstone of business in the digital age. Just look at Google, Twitter, and Facebook, for example, mining those rich seams for actionable insight and knowledge to monetize. In the mainframe world, we have IMS, Db2, and the transaction processing monitors that access all this data, including CICS and IMS. The scale is staggering: It’s been estimated that, by 2020, there will be 44 zettabytes of data (one billion terabytes) in a world with 50 billion smart devices. To put it another way, 50 billion attack vectors. And that’s just the start: this will all continue to mushroom as the Internet of Things gets a proper grip.

In light of this, “Big Data” seems a rather inadequate term to describe this tsunami, which brings a multitude of security risks and threats in its wake. But steady on, Mark, you say: “There is an upside to all this.” Of course there is. Enterprises quite rightly want to do more with all this data that’s now available: to sweat those internal and external data assets, and to store and utilize data in smarter ways to drive better decisions, in real time. And all this data needs to be protected. This is why, with the mainframe still at the heart of so many IT strategies, data is both a wonderful asset and a massive liability. Just how can you secure all those data assets so you can best utilize them? 

We need to look far more seriously at data-centric security models. Security so often sees the world from the edges inwards. The mainframe may well be tucked away deep within a network, at the center of operations under several layers of security, but it’s still vulnerable—not least to insider threats and credential theft. Too often, the standard security posture for mainframe operations is that everybody has read access to everything. You might have gotten away with that in the 1970's, 80's and even 90's, but it simply will not wash today.

So what is most important to you? Where do the greatest risks lie? Rather than thinking about defending from the perimeter in, we should instead start with the data: find your data, understand which data is most at risk and why, monitor your data, limit access, and secure it.


An international speaker in mainframe security and technology, and a passionate advocate of all things Z, Mark Wilson heads RSM Partners' Technical and Security teams.

Recent Stories
Message from SHARE: Flex Your Membership with SHARE.org

Benefits of Recycling for the z/OS Language Environment

The Underutilization of Security Software in a Highly Regulated World