Running mainframe applications securely in the Cloud

by in Application Modernization & Connectivity

The mainframe has a reputation for being one of the most securable platforms available for deploying business-critical applications. It has earned this status because IBM and third-party software vendors, including Micro Focus, have invested in solutions that have seen security evolve from simple access control, with 4 or 8 character userids and 8 character passwords issued by an administrator, to the sophisticated Multi Factor Authentication (MFA) with Single Sign On (SSO) integration widely implemented today. The scope has also been extended: modern security implementations use MFA and SSO to manage granular access to specific resources, and even subsets of resources, as well as user authentication. Today’s security controls not only who can access the mainframe but what they can do with that access.

According to the 2021 BMC mainframe survey, managing and enhancing security is a priority for 61% of the global mainframe community. The mainframe may have a reputation for security, but it is clear that mainframe users are not complacent: they recognise the need to continue to evolve to address the changing nature and source of the threat.

Mainframe security has evolved because the mainframe hosts systems that are typically the most important in the organisation, containing decades of investment and uniquely encapsulating business knowledge that could not be captured using an off-the-shelf solution. It is therefore essential that these highly valuable applications and data are deployed in a secure environment, not forgetting the reputational damage that results from any leak of customer data, no matter how minor. When customers move workload from the mainframe to Enterprise Server, they bring with them the same concerns and have the same high level of expectation when it comes to security.

To address these concerns, Enterprise Server itself has a robust and evolving security model that provides the same levels of authentication and resource access control as the mainframe. This ensures access to business applications can be comprehensively managed. It includes the encryption of data in transit, using TLS 1.3, when the web-based services are used to interact with the customer. By supporting the latest TLS standard in Enterprise Server, we ensure that our customers' data is fully protected and prevent private data from being visible when it is transferred across the network.

Security in and around Enterprise Server is taken very seriously by the Micro Focus development team, who work diligently to ensure our platform is as securable as, or more securable than, the mainframe the applications are being replatformed from. To demonstrate our commitment to security, we have recently invested in obtaining ISO 27001 certification to document that we are building secure software in a secure and managed way. Throughout the development process, the Enterprise Server security model is thoroughly tested and subjected to internal penetration testing.

Like the mainframe, Enterprise Server can also be integrated with other security solutions, for example Micro Focus Host Access Management and Security Server, which is widely used by organisations as part of their mainframe security implementation. The ability to use the same solution guarantees the same level of security, with the added benefit of minimising the requirements for training end users as part of the replatform project.

Given the reputation for security that the mainframe has acquired over decades, it is no surprise that customers express concerns when considering replatforming their applications from this proprietary platform to a more open architecture like the Public Cloud. By having a robust security infrastructure, built on industry-standard technologies, Enterprise Server addresses these concerns, delivering a platform that is as securable as the mainframe and provides the highest level of protection for the business applications and data that organisations depend on.
