IBM Systems Magazine, Mainframe - July/August 2017 - 17
Figure 1: CICS Unit of Work ID

On top of this risk is the additional burden of compliance. Many mainframe clients struggle to produce adequate compliance reporting for the variety of existing regulations such as the Sarbanes-Oxley Act (SOX) and PCI DSS. Approved in 2016, the European Union General Data Protection Regulation (GDPR) impacts all organizations worldwide that house data for European subjects. There's little doubt many mainframe systems include customer or patient data on European subjects.

Data Protection Solutions

Developed with deep mainframe knowledge and tightly integrated with the mainframe systems, IBM offers the most robust software with the necessary knowledge to perform these functions with performance in mind.

IBM Guardium provides a robust set of capabilities to protect data, assess and recommend changes for security, reduce risk and improve compliance across the data landscape. Guardium for the mainframe includes support for data activity monitoring, data classification for DB2, data encryption for IMS and DB2, and more. Complementing perimeter controls, Guardium data protection is the closest layer of protection to the data and therefore plays a critical role in a holistic information risk and protection strategy.

"The quantity of breached records has reached 4 billion, according to the IBM X-Force Threat Intelligence Report"

Figure 2: Policy-Based Blocking Access

The data activity monitoring capability in Guardium for IMS, DB2 and data sets provides real-time monitoring, alerting and analytics on data access. Monitoring mainframe data access provides the raw data and the analytics to give you unprecedented insights into the who, what, where and when of data access and privilege management.

Some benefits of activity monitoring include:

* Instantly alert security operations teams of privileged user access outside of designated timeframes or from approved IP addresses
* Negative SQL reporting for DB2 to help detect possible SQL injection attacks or the presence of an actor that's fishing for data. Monitoring negative SQL codes provides value to the application developers and database administrators by uncovering application problems that cause additional overhead on the system.
* Satisfy compliance reporting requirements (e.g., SOX, PCI DSS, HIPAA, GDPR)
* Mitigate risks. For example, clients who use Guardium have uncovered operational risks by analyzing activity, such as the use of IDs that are no longer approved for access.
* Enhanced data protection, including blocking access and quarantining connections while investigation takes place

The latest release of the z/OS monitoring agents (i.e., S-TAPs) includes enhancements to improve monitoring functionality. Significant attention has also been paid to continuous reduction of cost by reducing CPU overhead.

Performance Optimizations

An often-heard barrier to the adoption of a monitoring solution is the perceived overhead and

About the Findings

Any performance data contained in this article were determined in various controlled laboratory environments and are for reference purposes only. Customers should not adapt these performance numbers to their own environments as system performance standards. The results that may be obtained in other operating environments may vary significantly. Users of this document should verify the applicable data for their specific environment.