As mainframe application development grows, so does the security risk

Mainframe systems process a vast amount of vital transactions daily—that includes everything from the swipe of a credit card at the grocery store to purchasing an airline ticket online or accessing sensitive healthcare information. A Rocket Software survey found that over half (51%) of IT leaders rely on mainframe systems to handle all, or nearly all, core business applications.

Despite the importance of the mainframe, it has been neglected over the years with organizations focusing on perimeter security. According to Gartner, IT security software is the top purchase category (28%) for those buying IT-related software. But only eight percent of those buyers are purchasing IT management software. This presents a serious gap in overall capabilities when it comes to ensuring organizations are adequately equipped to manage security operations, particularly within a mainframe setting.

Mainframe security is critical to IT infrastructure, especially in industries like banking, insurance, healthcare, and government, where mainframes often store vast amounts of sensitive data. If exploited, a single mainframe code vulnerability can allow a hacker to bypass security controls and corrupt a system, all while covering their tracks—all of which come at a high cost to the company.

The mainframe has long been considered one of the most secure systems for IT leaders, but as new technologies like open source enter the equation, relying on a reputation of security is nowhere near enough. Once hackers find their way into the mainframe, it’s easy for it to go unnoticed. Hackers can quickly implement backdoors into a mainframe, so even if their presence is detected and a vulnerability is closed, they have gained access to the system and can further compromise it.

Let’s imagine a hacker exploits a vulnerability found in a program running in IBM z/OS. A hacker with no authorized access can use a common script to take advantage of that vulnerability, escalate their authority, bypass security controls, and edit corporate payroll data. 

What steps can be taken to minimize the risk of hackers penetrating the mainframe?

Be proactive

Identifying and fixing vulnerabilities requires IT leaders to be proactive in their security operations. Regular assessments of a business’s security capabilities and vulnerabilities within a business are a must-have when it comes to ensuring systems are secure.

As new regulations introduce new requirements, businesses are held to greater responsibility and onus to shore up their IT systems. Add to that the rise of open-source software among mainframe developers, and proactively working to stamp out any security risks becomes even more critical.

Adopt continuous monitoring

The arrival of open-source software has greatly impacted the mainframe application development space, but as is the case with any new technology, it also invites new risks. While the mainframe is inherently a highly secure environment, incorporating an open-source piece of code developed by a third party means vulnerabilities can sneak through. To ensure their systems are secure without sacrificing the benefits of open-source development, businesses must make their way toward continuous monitoring.

Organizations need to establish processes for continuous monitoring in application development to ensure that vulnerabilities are spotted quickly and addressed before an attacker can break in. Getting proactive about mainframe security means remaining vigilant and ready to catch weaknesses before they lead to something much bigger.

Integrate with DevOps

Despite understanding the importance of integrating security practices with DevOps, many organizations face significant barriers to successful implementation. Challenges such as limited automation and integration capabilities, incompatibility between legacy mainframe security tools and modern DevOps toolchains, and resistance to changing from traditional security methods are often barriers for businesses.

DevSecOps helps ensure security remains a consistent, shared responsibility throughout the software development life cycles and that security updates are added quickly and smoothly, reducing risk. It’s a set of best practices that have quickly gone from a new idea to something that is a mission-critical piece of mainframe security.

Make the most of security services

Digital transformation, emerging technologies, and evolving regulations have made managing IT infrastructure security a complex challenge. But that doesn’t mean IT leaders need to face those complexities alone. Taking advantage of services delivered by a trusted expert and partner, IT security teams can tackle even the most complex security challenges, ensuring and maintaining compliance and preventing disaster before it ever has a chance to strike.

Mainframes are under more pressure than ever before. With evolving technologies from partners like Rocket Software, businesses can minimize the risks that come with securing the mainframe.