Is Virtualization the Answer to Mobile's Security Vulnerabilities?

At face value, the growing ubiquity of mobile – from BYOD to consumers' love affair with all things app – presents little danger to the mainframe. The mainframe, in short, is impenetrable. End of story. Well, not quite.  In truth, mainframe operations can certainly be affected by mobile security threats to a company's IT system. The growing use of employees' own mobile devices (i.e. BYOD) is one clear example.

Another example – and one that we'll be examining   closer in this post -- is the growing number of complex mobile applications that are linking into a company's overall IT infrastructure and technology and business architecture.

Consider the modern-day global manufacturer. It states the obvious to say this manufacturer has complex data management needs supporting its just-in-time manufacturing, logistics and parts operation. The system – or rather, the people accessing this system -- must manage and analyze data about vehicle parts availability, shipping estimates, inventory levels and sales planning. Increasingly, this information is being accessed from the shop floor – via a mobile device such as a tablet.

In some cases, companies are incorporating social media and mobile in these applications. Cisco tells of Industrial Mold and Machine in Twinsburg, Ohio, which makes custom molds for plastic bottle manufacturers and provides its workers with an iPad-accessible social media platform for production-line quality control, design access and problem-solving. This trend will only continue.  A recent survey by the Manufacturing Leadership Council find that 13% of manufacturing executives plan to digitize their design/production processes, and social media tools represent an important component. By 2023, that percentage will rise to more than half (53%).

Indeed, considering the gravitas of some of these mobile apps, one could argue that they are on track to presenting a bigger security risk to IT than BYOD.

One obvious response to this potential security issue is to test and develop such apps within the mainframe environment to ensure they work as they are supposed to – and, more importantly, don’t leave the company vulnerable to unexpected flaws or glitches.

 In reality, though, developing and testing apps within a mainframe environment is a time-consuming endeavor, to say nothing of costly. The testing process can pose unexpected risks as well, especially if the data used is customer data that has not been masked--which happens more often than one would realize, or like.

Enter service virtualization, in particular service virtualization for the mainframe—an especially useful tool for developers that are building complicated mobile apps that integrate deep into an enterprise's IT system. 

 A number of vendors, including IBM, have been rolling out simulated test environments for the mainframe with an eye to creating a safer environment for mobile app testing and development.

"Mobile development is one of the areas that IBM has been emphasizing for the mainframe," Charles King, principal of Pund-IT, says, "and in general this is something I have been hearing about from other vendors as well – that is, using the mainframe in conjunction with a general purpose virtualization platform to ensure that new tools and products are securely tested and developed."

Last October IBM released a slew of new technologies along these lines, including a new enterprise Power Systems, a new high-end disk storage system and key software updates for IBM's newest mainframe computer. To highlight one tool, IBM unveiled a Software Defined Networking controller for its enterprise networking portfolio that provides intelligent software for IBM RackSwitch and other OpenFlow-enabled switches. Through OpenFlow, IBM said, developers can create virtual networks with the scalability and flexibility required to respond to business changes in cloud and mobile services environments.

IBM is hardly alone. Statistics show that vendors are targeting the virtualization solutions market in response to growing demand. IDC, for instance, reports that the Virtualization Solutions market is expected to grow 12.3% year over year in 2013 and maintain this pace as it moves from 14% overall market share in 2011 to more than 20% in 2016.

Gartner weighed in as well: it reports that the IT operations management (ITOM) software market revenue reached $18 billion last year, for 4.8 percent year-over-year increase. That growth was fueled in part by investments in virtualization management tools it said.

It is little wonder demand for these tools is growing – virtualization is becoming a crucial environment for testing if nothing else, from a safety perspective, says Graham Cluley, a London-based independent software analyst.

The bottom line, Cluley says, "is that there is no such thing as a 100% secure computing environment. And I would argue the case that the mainframe's greatest vulnerability could be the sense that it is impenetrable – that it can't be attacked. "

With this mindset so prevalent in IT, Cluley says, "virtualization tools can be a great asset, allowing IT to run software and tools and test certain scenarios in a sandboxed environment."

Virtualization in the Enterprise is a hot topic at SHARE in Boston, this August 11-16.

Recent Stories
The Power of Mentoring for Mainframe Career Development

Celebrating 40+ Years with SHARE: An Interview with Aron Eisenpress

Mainframe Matters: The Unsung Heroes of Government Agencies