defense in depth! protecting your mainframe data from risk and loss
DESCRIPTION
The security threat landscape is changing at a rapid pace. Understanding the importance of having scrupulous policies to monitor system access, identify sensitive data and building a strong enterprise security program is more important than ever. This presentation will help you identify possible exposure areas on the mainframe and help you develop the foundation of your enterprise security program. For more information on Mainframe solutions from CA Technologies, please visit: http://bit.ly/1wbiPklTRANSCRIPT
Defense In Depth! Protecting Your Mainframe Data from Risk and Loss Julie-Ann Williams Mitch Rozonkiewiecz
MFT13S #CAWorld
Managing Director Advisor, Product Management millennia… CA Technologies
Mainframe
2 © 2014 CA. ALL RIGHTS RESERVED.
Abstract
The security threat landscape is changing at a rapid pace. Understanding the importance of having scrupulous policies to monitor system access, identify sensitive data and building a strong enterprise security program is more important than ever. This session will help you identify possible exposure areas on the mainframe and help you develop the foundation of your enterprise security program.
Julie-Ann Williamsmillennia…
Mitchell RozonkiewieczCA Technologies
3 © 2014 CA. ALL RIGHTS RESERVED.
Agenda
THE PAST
THE PRESENT
THE FUTURE
1
2
3
4 © 2014 CA. ALL RIGHTS RESERVED.
The Past
Mainframes represented “islands of computing.”– Proprietary protocol, mostly hardwired networking
– The Internet hadn’t been invented yet!
– Hackers existed but spent most of their time monkeying around with telephony
IT Security policies were thin on the ground.
No one had ever lost data.
1960s thru 1980s
ESTABLISHMENT OF MAINFRAME USE
5 © 2014 CA. ALL RIGHTS RESERVED.
The Past
What we cared about was making sure the RIGHT PEOPLE could CHANGE data.
SIMPLE, when you recognize the face of everyone who can access the mainframe!
1960s thru 1980s continued
ESTABLISHMENT OF MAINFRAME USE
6 © 2014 CA. ALL RIGHTS RESERVED.
The Past
Businesses had 20 years to get “hooked” on mainframes.
IT press decided that 20 years was long enough and the mainframe would soon be dead.
1960s thru 1980s continued
ESTABLISHMENT OF MAINFRAME USE
CICS
7 © 2014 CA. ALL RIGHTS RESERVED.
The Past
Lots of newcomers to the IT field in both hardware and software.
Mainframe starts to be seen as “legacy” in terms of IT strategy driven by:– Rumors of the death of the mainframe now long established
– Knowledge that “We only run one legacy application.”
– Mainframe stability means it isn’t talked about in problem meetings.
1980s thru 2000s
CONSOLIDATION OF MAINFRAME USE
8 © 2014 CA. ALL RIGHTS RESERVED.
The Past
Interestingly, this is the only industry that views the word legacy as negative!
1980s thru 2000s
CONSOLIDATION OF MAINFRAME USE
9 © 2014 CA. ALL RIGHTS RESERVED.
The Present
Global Banking Crisis!
Hacking is front page news.– Personal credentials taken
– Mainframe sites compromised through other platforms
Presentations on hacking mainframes at the last two Black Hat conferences
CHANGING THREAT LANDSCAPE
10 © 2014 CA. ALL RIGHTS RESERVED.
The Present
Businesses start to realize that they are targets even on the mainframe.– Also start to realize that the one legacy application is BUSINESS
CRITICAL
– Leading to significant investment in mainframe technology increasing
CHANGING THREAT LANDSCAPE
Also …
11 © 2014 CA. ALL RIGHTS RESERVED.
The Present
One ‘Hacking Group’ (April – August 2012)– A government agency
– A multi-national bank
– A police agency
MAINFRAMES COMPROMISED PURELY THROUGH THE MAINFRAME
Also …
12 © 2014 CA. ALL RIGHTS RESERVED.
The Present
A government agency– 10,000+ files downloaded including highly personal data
– 120,000 ESM userids + passwords
– RSA certificates modified
MAINFRAMES COMPROMISED PURELY THROUGH THE MAINFRAME
Also …
13 © 2014 CA. ALL RIGHTS RESERVED.
The Present
A multi-national bank– Attempted theft via eight bank transfers totalling
US$900,000
One was successful.
– Bank accounts hit across countries.
MAINFRAMES COMPROMISED PURELY THROUGH THE MAINFRAME
Also …
14 © 2014 CA. ALL RIGHTS RESERVED.
The Present
A police agency– Four million Social Security numbers exposed
– Shared mainframe
Other government departments may have been breached.
MAINFRAMES COMPROMISED PURELY THROUGH THE MAINFRAME
Also …
15 © 2014 CA. ALL RIGHTS RESERVED.
Capture security events independent of security logging
Capture environment changes that could affect security
Join security data and event data
Enterprise view versus LPAR
Supports CA ACF2™, CA Top Secret® and IBM RACF
CA Chorus™ for Security and Compliance Management
FIRST STEP IN MAINFRAME CONSOLIDATION
The Present
16 © 2014 CA. ALL RIGHTS RESERVED.
The Future
ENTERPRISE VIEWED AS A SINGLE SECURITY ENTITY?
Policy Driven Security
Revisit your security requirements– Do it now if you haven’t already started!
Identify:Data ContentData OwnershipApplication OwnershipApplicable Legislation
17 © 2014 CA. ALL RIGHTS RESERVED.
Data Security on z/OS
Historically, z/OS data has been protected
through the dataset (file) name
However, data is regulated by the content of
the data:
– Health Data
– Personally Identifiable Information
– Credit Card Numbers, etc.
Dataset names may not reflect the true content
– Consider how many times production data is
copied for test purposes
PROD.DATACredit CardData
TEST.DATA
18 © 2014 CA. ALL RIGHTS RESERVED.
Data Content Discovery for z/OS
The solution will crawl through data on your z/OS systems, identifying sensitive data
You initiate/control the process
The results will be coordinated and recorded, allowing them to merge with an enterprise view
All controlled by a GUI
19 © 2014 CA. ALL RIGHTS RESERVED.
The Past is still relevant and might cause
Future issues
The Present will become the Past in 24 hours
The Future will dictate the success of
your business
Are you prepared with an Enterprise Security plan?
Come talk to us after the session!
Don’t miss FBI Agent Watkins tomorrow
@ 9:45am
20 © 2014 CA. ALL RIGHTS RESERVED.
Polling Question
YES, WE HAVE A PROGRAM IN PLACE AND TOOLS TO MONITOR
YES, WE HAVE A PROGRAM – BUT NO TOOLS (ALL MANUAL)
NO, WE DON’T HAVE A PROGRAM OR TOOLS
NOT SURE – WILL HAVE TO CHECK
1
2
3
4
Do you have a program and tools in place to address vulnerabilities on the mainframe that could lead to data loss?
21 © 2014 CA. ALL RIGHTS RESERVED.
For More Information
To learn more about Mainframe, please visit:
http://bit.ly/1wbiPkl
Insert appropriate screenshot and text overlayfrom following “More Info Graphics” slide here;
ensure it links to correct pageMainframe
22 © 2014 CA. ALL RIGHTS RESERVED.
For Informational Purposes Only
© 2014 CA. All rights reserved. All trademarks referenced herein belong to their respective companies.
This presentation provided at CA World 2014 is intended for information purposes only and does not form any type of warranty. Some of the specific slides with customer references relate to customer's specific use and experience of CA products and solutions so actual results may vary.
Terms of this Presentation