IBM Systems Magazine, Mainframe - July/August 2018 - 9

wherever they or their data might
reside. The other data security
standards are mostly managed
by companies (PCI DSS and other
major credit card standards) or
organizations (ISO 27001).
GDPR also comes with hefty
penalties and fines for habitual
offenders that can tally up to 4
percent of a company's annual
revenue, with a cap at 20 million euro. If you don't have
up-to-the-second event log management across both mainframe
and Windows*/UNIX* systems in
your Security Operations Center
(SOC), the 72-hour advisory rule
presents a serious problem for
your organization. To stay in front
of the GDPR's 72-hour reporting
requirement, you need end-to-end
visibility to all data stores that can
be accessed across all OSes.

The Mainframe
and GDPR
Many in the mainframe world
have a false sense of security
about the data they manage on
z/OS*. However, GDPR doesn't
stipulate managing data security
by specific OSes. It's imperative
that we communicate to the
marketplace that when GDPR
states (bit.ly/2L17ZK6) "such
processing of personal data
should be adapted to the principles and rules established in this
Regulation," it doesn't translate
to "all the data that's not on a
mainframe because you guys are
so good at data security." GDPR,
like all other data standards,
stipulates the need to secure all
data-wherever it resides, on
whatever systems. We need to
break down this false sense of
security on the mainframe.
Mainframes today process
approximately 80 percent of
the world's corporate data (bit.
ly/2GivsCY), are used by 71
percent of the Fortune 500 (bit.
ly/2KpCVT7) and according to

^

According to
IBM, mainframes
manage

29 billion
ATM transactions
per year

IBM, manage 29 billion ATM
transactions per year-worth
nearly $5 billion per day (ibm.
co/2fzkphp). They contain the
world's most sensitive data, and
hackers are aware of that. Whenever you use your credit card,
chances are your data touches
a mainframe.
Protecting the mainframe
should be every enterprise's first
priority. With all of this information processed across mainframes, it's unlikely we'll see the
end of them anytime soon. We
see customers log data every day,
and the data says the mainframe
is a highly targeted asset by
hackers. A serious mainframe
breach could be the end of your
organization's good brand reputation and its leaders' careers,
so there's a lot at stake when it
comes to your GDPR compliance.

Two Things to Know
About Mainframe
SIEM Practices
In order to keep tabs on your data
and who's accessing (or even
looking at) your data, you need a
360-degree view of all user activity
surrounding it. At the heart of these
security information and event
management (SIEM) practices is
log management in conjunction
with event correlation. Here are two
things to know about SIEM:
1. Collecting event logs from
endpoint devices, firewalls,
routers/switches, desktops,
servers and applications (log
management), and then correlating them against norms
of user behavior (events)
are the basics of SIEM. But
the volume of metadata
surrounding GDPR-names,
photos, email addresses,
bank details, social media
posts, medical information or
computer IP addresses-can
slow systems resources. Your

correlation engine doesn't
need all of the log data, so
you'll want to get a handle
on your process and find a
security system with efficient
indexing and filtering rules to
help manage log volume.
2. All of this event logging and
event correlation must be
rolled up into a single view
of data security truth within
your IT SOC. Securing your
data means knowing and
visualizing enterprise user
interactions to your data in
real time and forwarding
the events in real time to
your SIEM. Theoretically,
we'll never be able to build
a hack-proof data store
because humans are prone to
mistakes. The latest Verizon
Data Breach Investigations
Report (bit.ly/2tWIWCZ)
reveals that 81 percent of
hacking-related breaches
leveraged stolen and/or weak
passwords. Security industry
pundits agree that breach
is inevitable, and the focus
should be on real-time threat
visibility with instantaneous
notifications of a breach,
followed immediately by
corrective action to stem the
bleeding (the EU, with GDPR,
believes this too).

The Importance
of a Security Policy
A security policy based on 100
percent visibility of activity
across all the threat vectors
in your SOC makes this possible. This visibility gives GDPR
data protection officers a path
to validate the technical and
organizational measures they're
undertaking to maintain compliance. In the event of breach,
the officer will also have an audit
trail of forensics with which to
determine the who, what, when
and where of the breach.

ibmsystemsmag.com JULY/AUGUST 2018 // 9


http://ibm.co/2fzkphp http://ibm.co/2fzkphp http://www.bit.ly/2tWIWCZ http://www.bit.ly/2L17ZK6 http://bit.ly/2GivsCY http://bit.ly/2GivsCY http://bit.ly/2KpCVT7 http://bit.ly/2KpCVT7 http://www.ibmsystemsmag.com

Table of Contents for the Digital Edition of IBM Systems Magazine, Mainframe - July/August 2018

Table of Contents
Editor's Desk: Transformation in the balance
Partner POV: Real-time visibility to data access is required to maintain GDPR compliance
R&D: IBM Research is providing valuable insights to tackle challenges and enable prosperity from the tip of Africa
Feature 1: Fleet of Foot: FRAIKIN Group develops a cost-effective and flexible thin-client environment
Cover Story: Radical Changes: Rabobank relies on DevOps on Z to transform its payments system
Feature 2: Developing a Business Plan: DevOps and the IBM Z Digital Transformation Model pave the way for innovation
Champions Showcase: Meet 18 of the 2018 IBM Z Champions
Hot Topics: Container Pricing for IBM Z brings predictability to cost
Solutions: IBM Z Mainfraime Virtual Tape Library, IntelliMagic Vision 8.14.2, zAdviser, DYNA-STEP Dynamic STEPLIB and ISPF Library Management 3.2
Stop Run: IBMer Karl Schmitz bridges the gap between art and computer security
Reference Point - Global Events, Education, Resources for Power Systems
2018 Mainframe Solutions Edition Product Index
IBM Systems Magazine, Mainframe - July/August 2018 - Intro
IBM Systems Magazine, Mainframe - July/August 2018 - Cover1
IBM Systems Magazine, Mainframe - July/August 2018 - Cover2
IBM Systems Magazine, Mainframe - July/August 2018 - 1
IBM Systems Magazine, Mainframe - July/August 2018 - Table of Contents
IBM Systems Magazine, Mainframe - July/August 2018 - 3
IBM Systems Magazine, Mainframe - July/August 2018 - 4
IBM Systems Magazine, Mainframe - July/August 2018 - 5
IBM Systems Magazine, Mainframe - July/August 2018 - Editor's Desk: Transformation in the balance
IBM Systems Magazine, Mainframe - July/August 2018 - 7
IBM Systems Magazine, Mainframe - July/August 2018 - Partner POV: Real-time visibility to data access is required to maintain GDPR compliance
IBM Systems Magazine, Mainframe - July/August 2018 - 9
IBM Systems Magazine, Mainframe - July/August 2018 - R&D: IBM Research is providing valuable insights to tackle challenges and enable prosperity from the tip of Africa
IBM Systems Magazine, Mainframe - July/August 2018 - 11
IBM Systems Magazine, Mainframe - July/August 2018 - 12
IBM Systems Magazine, Mainframe - July/August 2018 - 13
IBM Systems Magazine, Mainframe - July/August 2018 - 14
IBM Systems Magazine, Mainframe - July/August 2018 - 15
IBM Systems Magazine, Mainframe - July/August 2018 - Feature 1: Fleet of Foot: FRAIKIN Group develops a cost-effective and flexible thin-client environment
IBM Systems Magazine, Mainframe - July/August 2018 - 17
IBM Systems Magazine, Mainframe - July/August 2018 - 18
IBM Systems Magazine, Mainframe - July/August 2018 - 19
IBM Systems Magazine, Mainframe - July/August 2018 - 20
IBM Systems Magazine, Mainframe - July/August 2018 - 21
IBM Systems Magazine, Mainframe - July/August 2018 - Cover Story: Radical Changes: Rabobank relies on DevOps on Z to transform its payments system
IBM Systems Magazine, Mainframe - July/August 2018 - 23
IBM Systems Magazine, Mainframe - July/August 2018 - 24
IBM Systems Magazine, Mainframe - July/August 2018 - 25
IBM Systems Magazine, Mainframe - July/August 2018 - 26
IBM Systems Magazine, Mainframe - July/August 2018 - 27
IBM Systems Magazine, Mainframe - July/August 2018 - Feature 2: Developing a Business Plan: DevOps and the IBM Z Digital Transformation Model pave the way for innovation
IBM Systems Magazine, Mainframe - July/August 2018 - 29
IBM Systems Magazine, Mainframe - July/August 2018 - 30
IBM Systems Magazine, Mainframe - July/August 2018 - 31
IBM Systems Magazine, Mainframe - July/August 2018 - 32
IBM Systems Magazine, Mainframe - July/August 2018 - 33
IBM Systems Magazine, Mainframe - July/August 2018 - 34
IBM Systems Magazine, Mainframe - July/August 2018 - 35
IBM Systems Magazine, Mainframe - July/August 2018 - 36
IBM Systems Magazine, Mainframe - July/August 2018 - 37
IBM Systems Magazine, Mainframe - July/August 2018 - Champions Showcase: Meet 18 of the 2018 IBM Z Champions
IBM Systems Magazine, Mainframe - July/August 2018 - 39
IBM Systems Magazine, Mainframe - July/August 2018 - 40
IBM Systems Magazine, Mainframe - July/August 2018 - 41
IBM Systems Magazine, Mainframe - July/August 2018 - 42
IBM Systems Magazine, Mainframe - July/August 2018 - 43
IBM Systems Magazine, Mainframe - July/August 2018 - 44
IBM Systems Magazine, Mainframe - July/August 2018 - 45
IBM Systems Magazine, Mainframe - July/August 2018 - 46
IBM Systems Magazine, Mainframe - July/August 2018 - 47
IBM Systems Magazine, Mainframe - July/August 2018 - 48
IBM Systems Magazine, Mainframe - July/August 2018 - 49
IBM Systems Magazine, Mainframe - July/August 2018 - Hot Topics: Container Pricing for IBM Z brings predictability to cost
IBM Systems Magazine, Mainframe - July/August 2018 - 51
IBM Systems Magazine, Mainframe - July/August 2018 - 52
IBM Systems Magazine, Mainframe - July/August 2018 - 53
IBM Systems Magazine, Mainframe - July/August 2018 - Solutions: IBM Z Mainfraime Virtual Tape Library, IntelliMagic Vision 8.14.2, zAdviser, DYNA-STEP Dynamic STEPLIB and ISPF Library Management 3.2
IBM Systems Magazine, Mainframe - July/August 2018 - 55
IBM Systems Magazine, Mainframe - July/August 2018 - Stop Run: IBMer Karl Schmitz bridges the gap between art and computer security
IBM Systems Magazine, Mainframe - July/August 2018 - Cover3
IBM Systems Magazine, Mainframe - July/August 2018 - Cover4
IBM Systems Magazine, Mainframe - July/August 2018 - Reference Point - Global Events, Education, Resources for Power Systems
IBM Systems Magazine, Mainframe - July/August 2018 - 2018 Mainframe Solutions Edition Product Index
IBM Systems Magazine, Mainframe - July/August 2018 - SE2
IBM Systems Magazine, Mainframe - July/August 2018 - SE3
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20191112
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20190910
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20190708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20190506
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20190304
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/relevantz_20190102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/2019mfse
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20190102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20181112
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20180910
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20180708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20180506
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20180304
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20180102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/2018mfse
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20171112
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20170910
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20170910_v2
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20170708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20170506
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20170304
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_sesupp
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20170102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_linuxsupp
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20161112
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/MainframeSecurity
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20160910
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20160708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20160506
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20160304
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20160102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20151112
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20150910_se
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20150910
http://www.ibmsystemsmagmainframedigital.com/MFSkills
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20150708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20150506_supp
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20150506
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20150304
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20150102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20141112
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20140910_v2
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20140910
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20140708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_gt_201405
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/BigData
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20140506
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20140304
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20140102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20131112
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20130910_v2
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20130910
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20130708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20130506
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20130304
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20130102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20121112
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/buyersguide2013
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20120910
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20120708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20120506
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20120304
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20120102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/ibmsystems_mainframe_2012bg
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20111112
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20110910
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20110708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20110506
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20110304
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20110102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20101112
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20100910
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20100910_bg
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20100708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20100506
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20100304
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20100102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20091112
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20090910
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20090708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20090506
http://www.nxtbook.com/nxtbooks/ibmsystemsmag/mainframe_20090304
http://www.nxtbook.com/nxtbooks/mspcomm/ibmsystems_mainframe_200901
http://www.nxtbookMEDIA.com