Enterprise Executive 2017: Issue 2 : Page 20

No company or industry is free from the risk of insider breaches, nor is the mainframe, a platform on which organizations run their most sensitive, mission-critical applications and data. presupposes we have the necessary data to discover those patterns, and that’s only possible with an advanced auditing tool that allows us to see this change in the user’s behavior more immediately than a retrospective audit report. In our second example, imagine an authorized user ID is being used after hours. Use indicates this person is attempting to access different transactions. We don’t know it yet, but an unauthorized user has somehow obtained authorized credentials, allowing them to log in. We notice—because this unauthorized user doesn’t know what program to run or what transaction to execute—they are haphazardly trying names of transaction IDs, resulting in typos. The odd time of day and abnormal behavior of struggling to execute transactions we would expect this user ID to be familiar with are alarming. We should investigate. But again, this presupposes we have an advanced auditing tool that allows us to spot these things from the user’s perspective, as opposed to discovering trends later through a report. These, of course, are simple examples that hardly represent the plethora of growing security vulnerabilities companies face, 20 | E nt e rp r i s e E xe c u t i ve | 2017: Issue 2 including in their mainframe environments. Merely tracking user flows in a mainframe environment limits risk management capabilities, and a company could face major consequences, be it a damaged reputation with customers, or penalties incurred after a failure to comply with tightening government regulations or company security policies. Only with the proper auditing tool can your company keep a closer eye on what’s going on in its mainframe environment and fight against the growing threat of insider breaches. Resources • Cisco 2016 Annual Security Report , San Jose, CA • Association of Certified Fraud Examiners 2016 Report to the Nations on Occupational Fraud and Abuse , Austin, TX • Greengard, Samuel, “Deep Insecurities: Things Just Keep Getting Worse,” CIO Insight , 8 February 2017. EE John Crossno is the product manager for Compuware’s Security Solutions with an extensive background in product management for mainframe software and storage environments, development and field technical services. Email: john.crossno@compuware.com

Previous Page  Next Page

Publication List
Using a screen reader? Click Here