Why You Need a Mainframe Security Architect

Heidi Losee

December 9, 2019

There are a lot of pathways to mainframe modernization, but most companies are doubling down and integrating into the mainframe as a migration path moving forward. With integration a priority and security high on the agenda, organizations need to have a person who understands both worlds and is equipped to ensure mainframe security throughout integration.

That’s where the mainframe security architect comes in. As someone with experience in both worlds, they can continually review and enhance existing security policy in keeping with changing business requirements.

But many organizations don’t have someone in this role, and some have placed it in the wrong part of the org chart. Overlooking the mainframe security architect role is a big mistake. Here’s why it’s important to designate a mainframe security architect, as well as a closer look at what the role entails.

Filling security gaps

Companies say mainframe security is a priority, but research shows that they’re not taking steps that reflect that. Just 33 percent of companies surveyed say they always or often factor security into decisions about their mainframe environment.

Designating a mainframe security architect can help close this gap between intention and reality. Think of them kind of like the guardian of the mainframe. They’ll make sure security is factored into every decision made about the mainframe – everything security-related goes through them.

They also play an important role in mainframe modernization. Modernization isn’t just about updating and integrating new technology – it also requires evaluating and modernizing security strategy. The architect can oversee both of these important processes, making sure the modernized security strategy is able to protect the mainframe at all levels.

The role and responsibilities

The overarching goal of the mainframe security architect is to tighten and maintain security policies, implementing appropriate changes as business and compliance needs shift.

As part of that charge, they ensure integrity by choosing the right security tools and designing the right security processes. They also ensure coverage, implementing new ESM (enterprise security management) security interfaces and reviewing policy and procedures to take advantage of new features.

And, they ensure that accountability for the mainframe is maintained. This involves making sure that new applications and software that interface with the mainframe don’t compromise individual accountability, and it also means making sure that the end user is who you think they are. All too often, individual accountability is overlooked, making it nearly impossible to secure the mainframe.

But for all the important duties they fulfill, it’s important to make sure that the mainframe architect is not responsible for data ownership. They also should not report to Operations management. Separation of duties, designed to solve conflicts of interest and minimize unwanted risk, is essential here. A mainframe security architect should never be responsible for reporting on themselves.