iTech-Ed Ltd

Cloud security for mainframers

Follow us on Twitter

Pinterest


Monday, 26 June 2023

One of the things that mainframers are rightly proud of is the security that surrounds working on a mainframe. Data can be secured at rest, in motion, and even while being used. Using modern mainframe security products like FIM+ from MainTegrity, makes it possible to quickly identify when data has been changed and whether that was an expected change or not. It’s also possible to quickly identify which backup copy should be used to restore data from. And it does much more. Basically, what I’m saying is that when mainframe security is done properly it works well and is fairly easy to use. I’m not saying it’s perfect, that’s not the world we live in.

If you’ve read any mainframe news stories for the past year, they are predominantly about mainframe sites modernizing and moving applications to the cloud, or even just getting rid of their mainframe and moving to a cloud-based environment only. The question that no-one seems to ask is whether the cloud is any more secure than a mainframe. Well, is it?

I guess the answer is that when cloud security is done well, it can be quite secure.

Just looking at AWS for the moment, it provides:

There are other security products available.

IBM has recognized the need to extend mainframe security and has recently come out with some announcements. It is planning to help customers simplify and enhance cloud security by bringing together native AWS Cloud Foundational Services with IBM Security QRadar Log Insights and IBM Security QRadar SIEM. It’s also strengthening its Guardium family of data security products, extending data visibility and control into AWS.

IBM Security QRadar Log Insights, which is a cloud-native management platform, is being brought together with several AWS native services. Roles and permissions are programmatically set-up within the AWS Identity and Access Management (IAM) Identity Center, and AWS Control Tower configures Log Insights, which are designed to help shorten time-to-value and reduce cloud misconfigurations.

Customers can expect the following benefits:

In addition, IBM has enhanced its Guardium data security products, helping customers better protect and manage their cloud data:

IBM Security Services, part of IBM Consulting, is announcing support for the AWS Global Partner Security Initiative. This new initiative will provide the opportunity for IBM and AWS to provide transformational security and compliance services with actionable security data that leverages the power of generative artificial intelligence (AI).

The AWS Global Partner Security Initiative comprises four security pillars: Managed Detection and Response (MDR); Cyber Resilience Emergency Recovery; Security-led Cloud Migrations; and Continuous Regulatory Compliance. Through this initiative, IBM initially intends to focus on helping customers migrate, modernize, and operate critical business workloads in the cloud. This also builds on the dedicated resources and deep expertise within IBM Consulting to work with shared AWS customers to bring secured, automated solutions to hybrid cloud environments.

Clearly, IBM has recognized that while cloud security is good, it needs to be enhanced in order to bring cloud security up to the same level as mainframe security.

I would imagine that very soon we will be hearing about artificial intelligence (AI) products being used on mainframes and in the cloud to maintain the security of those environments against both would-be hackers and disgruntled staff. Although, I suppose that somewhere hacker gangs are building their own AI software to hack those same cloud and mainframe sites.

If you need anything written, contact Trevor Eddolls at iTech-Ed.
Telephone number and street address are shown here.