‘Tis the Season for Mainframe Security

November 22, 2023

The holidays have arrived! As the retail world gears up for a busy shopping season with people everywhere scrambling to find the perfect gift, that means a flood of transactions from online or in-person shopping will put those businesses’ IT—and specifically mainframe—chops to the test. Whether you realize it or not, mainframes are behind a vast majority of the things that make everyday life possible, from all that shopping to supporting the air travel that will send thousands of people across the country for the holidays. In fact, mainframes are leveraged by 71% of Fortune 500 companies, showing just how critical these systems really are.

Any disruption or downtime that hits the mainframe is already incredibly costly, but couple that with the rush of the holidays and it could spell disaster. With the stakes so high, are businesses up to the task of keeping mainframes secure from attacks? To find out the answer, Rocket Software surveyed 250 U.S. IT directors and vice presidents in firms with more than 1,000 employees to understand how they are approaching mainframe security. Let’s find out what they had to say.

Business Leaders Understand the Risks, But There’s Still Work to Be Done

Among the leaders Rocket Software surveyed, mainframe security ranked as a major concern for 68% of respondents and was something their organizations were taking very seriously. While that’s a promising sign, 27% of respondents also stated they know it’s important, but don’t have the funding or resources to contribute as much as they feel they should. The mainframe has long been considered one of the most secure systems for IT leaders, but as time goes on and new technologies like open source enter into the equation, relying on a reputation of security is nowhere near enough.

Getting Proactive about Shoring Up Mainframe Security

With so much activity running through the mainframe, identifying and fixing vulnerabilities requires IT leaders to get proactive in their security operations. Regular assessments of the security capabilities and vulnerabilities within a business are a must-have when it comes to ensuring systems are secure. Respondents to Rocket Software’s survey seemed to agree on its importance as 56% of leaders said they conduct security assessments on an annual basis, while 33% said they run assessments every one to two years.

Proactivity is quickly becoming one of the most important components of mainframe security. At a time when new regulations bring all kinds of requirements, there’s greater responsibility and onus placed on businesses to shore up their IT systems. Add to that the rise of open-source software among mainframe developers, and proactively working to stamp out any security risks becomes even more critical. Fortunately, when it comes to open source, businesses are largely ahead of the game. Among respondents, 62% said they consistently perform vulnerability assessments and security audits and another 58% continuously monitor and update open source for security patches.

Getting Mainframe Security in Line with DevOps

Integrating security best practices into the DevOps tool chain is a task that’s easier said than done for many businesses. While these organizations understand the importance of DevSecOps in the mainframe, many still face significant barriers to achieving successful implementation. Of those surveyed by Rocket Software, the top barrier to securing the DevOps pipeline in the mainframe was limited automation and integration capabilities. Other top barriers included incompatibility between legacy mainframe security tools and modern DevOps toolchains, resistance to changing from traditional security methods, auditability and tracking of changes and actions and a lack of specialized skills in mainframe security among DevOps teams.

DevSecOps helps ensure security remains a consistent, shared responsibility throughout the software development life cycles and that security updates are added quickly and smoothly, reducing risk. It’s a set of best practices that have quickly gone from a new idea to something that is a mission-critical piece of mainframe security.

Mainframes are under more pressure than ever before. With evolving technologies, regulations and economic factors impacting businesses, Rocket Software can help ensure a merry and bright holiday season for mainframe shops.