IBM Systems Magazine, Mainframe - January/February 2018 - 8
PROTECT Your Assets
An application view of data is important for a point-in-time recovery
ardly a week goes by without another report of data being stolen, lost or corrupted.
Black hats working for organized crime or unfriendly governments often perpetrate
these events, but many are the result of poor planning, carelessness or outright
neglect. While most data centers with mainframe footprints have a disaster recovery (DR)
strategy with a plan and periodic testing, for today's threats, more is necessary.
is chief products
officer with 21st
Ransomware attacks, with colorful names like WannaCry and
Locky, can be leveled against any
platform. In an attack:
A server is infected with a
piece of code that searches
out important data
When important data are
found, the code encrypts
it, overwriting the original
data on disk, destroying the
This process is repeated
until your important data are
8 // JANUARY/FEBRUARY 2018 ibmsystemsmag.com
Once all of the important data
are corrupted, an installation must
pay the ransom to recover the data.
Applicability to the
The scope and value of the assets
on most mainframes dwarf the systems penetrated by recent attacks.
If a z/OS* version of ransomware
attacks even a single LPAR, the
results could be devastating.
A mainframe attack could come
from compromised transactions
or jobs originating on distributed
systems connected to IBM Z*.
Data can also be corrupted by
non-malevolent means-an erroneous change to an application.
While the data may not become
unreadable, such an error might
make recovering application data
To understand the scope of the
problem, consider different views
of examining information assets:
storage, data and application.
The storage view focuses on
the media where information
assets are stored (e.g., DASD/