IBM Systems magazine, Mainframe - July/August 2019 - 9

X-Force Red Discovers
Sign-in Kiosk Vulnerabilities
Computers, software programs and internet devices are too often susceptible to attack. Daniel Crowley, research director of IBM's security group
8I&!$ÇÉÃ2ÉÈQÃ)!$%Ã&!ÃÉ0"!%ÉÃ&ÉÃ%!Ã&É1ÃÇÄ ÃÆÉîÃ0ÉÈNÃ/ ÉÃ$ÉÇÉ &Ã8I&!$ÇÉÃ
2ÉÈîà È Ã%!)ÉÈÃÃ&Ä&Ã%É)%Ã!ÃÆ'%ÃÇÄ ÃÈÉÃ Ã(%&!$ÃÄ ÄÉÉ &Ã
%!&)Ä$ÉÃ"Ä&!$%QÃ)ÇÃÄ 1Ã!®ÃÇÉ%Ã$É1Ã! NÃ4Ä&ÃÉÄ %à Ã%É(É$ÄÃ
mainstream systems for digital sign-in portals (often found greeting you
Ä&Ã&ÉÃ!®ÃÇÉÃÄ ÃÉ &$Ä ÇÉdQÃÄ ÃÄ&&ÄÇÉ$ÃÇÄ Ã"!&É &Ä1Ã&ÄÉÃ1!'$ÃÈÄ&ÄÃ!$Ã
impersonate you in the system.
W4É$ÉV%Ã&%Ã!É &Ã!Ã%'$"$%ÉÃ)É Ã1!'Ã%&Ä$&ÃÄ%%É%% Ã$ÉÄÃ"$!ÈI
ucts, real devices, real software and see just how bad certain things are,"
#$!)É1Ã%Ä1%NÃW4É%ÉÃ%1%&É%Ã)!'ÈÃÉÄÃ !$Ä&! Ã!$Ã !&Ã"$!"É$1Ã
authenticate a person or would allow an attacker to break out of the kiosk
environment and control the underlying systems to plant malware or
access data."
What makes these threats unique is they don't occur through remote access like most organizations anticipate. A hacker would have to physically
approach a visitor management system and use something like a USB port
or keyboard shortcut to gain control. IBM researchers suggest making these
systems safer by demanding additional proof from visitors, like a QR code
or password, as many of these platforms don't offer authentication-they're
simply acting as a fancy guest book.

ON THE WEB

1
Martin Packer on His
Mainframe Performance
Journey
Listen to the podcast or
read the transcript.
bit.ly/2XC7PhD

2
Trusted Key Entry
Policy Wizards
6 Trusted Key Entry (TKE)
wizards help implement
security policies for managing
TKE workstation access.
bit.ly/2vggcTN

SOURCE: WIRED.COM

3
Why Millennial
Mainframers Reconcile
Today's Digital Paradox
Young mainframers are ideal
for maintaining IBM Z.
bit.ly/2VcaDEE

?

What Is DevSecOps?
The pressure for continuous software delivery led to the
emergence of the DevOps movement, which morphed into
DevSecOps. DevSecOps brings together developers,
operations, QA, security and even clients to create a
cross-disciplinary environment for software development.

4
Let the End User Be
Your Guide
End-user feedback is key
in application development
project success.
bit.ly/2Ztvwuq

IBMSYSTEMSMAG.COM JULY/AUGUST 2019 | 9


http://www.bit.ly/2XC7PhD http://www.bit.ly/2vggcTN http://www.WIRED.COM http://www.bit.ly/2VcaDEE http://www.bit.ly/2Ztvwuq http://www.IBMSYSTEMSMAG.COM

IBM Systems magazine, Mainframe - July/August 2019

Table of Contents for the Digital Edition of IBM Systems magazine, Mainframe - July/August 2019

Table of Contents
Editor's Desk: Resiliency is key in an 'always-on' world
Currents: Alphabet soup of compliance
Currents: X-Force Red discovers sign-in kiosk vulnerabilities
Currents: IBM Z hardware and software maximize resiliency
Currents: A robot walks into a bar
Currents: How resilient is your IBM Z system of record?
Currents: Solutions
Partner POV: Redirecting select mainframe workloads to the cloud could create new opportunities
Cover Story: Fail Safe: Puerto Rico's disaster recovery planning is a blueprint for your data protection
Feature 1: Elevating Hybrid Cloud: IBM Z strengthens security, resiliency and open development for cloud infrastructure
Champions Showcase: The 2019 IBM Z Champions are committed to communicating the value of the platform
Hot Topics: z/OS Cloud Broker leverages common cloud platforms to enable z/OS resource consumption
Techbits: Disposable data can pose legal liabilities and security risks
Techbits: Raising the bar on IBM Z resiliency with GDPS
Techbits: Get real-time insight and data security with Open Data Analytics for z/OS
Techbits: Ask the expert: z/OS data set encryption
Beyond the Box: z/VM Senior Software Engineer Brian Wade finds similarities between his job and his life as a pilot
Reference Point - Global Events, Education, Resources for Power Systems
2019 Mainframe Solutions Edition Product Index
IBM Systems magazine, Mainframe - July/August 2019 - Intro
IBM Systems magazine, Mainframe - July/August 2019 - Cover1
IBM Systems magazine, Mainframe - July/August 2019 - Cover2
IBM Systems magazine, Mainframe - July/August 2019 - 1
IBM Systems magazine, Mainframe - July/August 2019 - 2
IBM Systems magazine, Mainframe - July/August 2019 - 3
IBM Systems magazine, Mainframe - July/August 2019 - Table of Contents
IBM Systems magazine, Mainframe - July/August 2019 - 5
IBM Systems magazine, Mainframe - July/August 2019 - Editor's Desk: Resiliency is key in an 'always-on' world
IBM Systems magazine, Mainframe - July/August 2019 - 7
IBM Systems magazine, Mainframe - July/August 2019 - Currents: Alphabet soup of compliance
IBM Systems magazine, Mainframe - July/August 2019 - Currents: X-Force Red discovers sign-in kiosk vulnerabilities
IBM Systems magazine, Mainframe - July/August 2019 - Currents: IBM Z hardware and software maximize resiliency
IBM Systems magazine, Mainframe - July/August 2019 - 11
IBM Systems magazine, Mainframe - July/August 2019 - Currents: A robot walks into a bar
IBM Systems magazine, Mainframe - July/August 2019 - 13
IBM Systems magazine, Mainframe - July/August 2019 - Currents: How resilient is your IBM Z system of record?
IBM Systems magazine, Mainframe - July/August 2019 - 15
IBM Systems magazine, Mainframe - July/August 2019 - Currents: Solutions
IBM Systems magazine, Mainframe - July/August 2019 - 17
IBM Systems magazine, Mainframe - July/August 2019 - Partner POV: Redirecting select mainframe workloads to the cloud could create new opportunities
IBM Systems magazine, Mainframe - July/August 2019 - 19
IBM Systems magazine, Mainframe - July/August 2019 - Cover Story: Fail Safe: Puerto Rico's disaster recovery planning is a blueprint for your data protection
IBM Systems magazine, Mainframe - July/August 2019 - 21
IBM Systems magazine, Mainframe - July/August 2019 - 22
IBM Systems magazine, Mainframe - July/August 2019 - 23
IBM Systems magazine, Mainframe - July/August 2019 - 24
IBM Systems magazine, Mainframe - July/August 2019 - 25
IBM Systems magazine, Mainframe - July/August 2019 - 26
IBM Systems magazine, Mainframe - July/August 2019 - 27
IBM Systems magazine, Mainframe - July/August 2019 - Feature 1: Elevating Hybrid Cloud: IBM Z strengthens security, resiliency and open development for cloud infrastructure
IBM Systems magazine, Mainframe - July/August 2019 - 29
IBM Systems magazine, Mainframe - July/August 2019 - 30
IBM Systems magazine, Mainframe - July/August 2019 - 31
IBM Systems magazine, Mainframe - July/August 2019 - 32
IBM Systems magazine, Mainframe - July/August 2019 - 33
IBM Systems magazine, Mainframe - July/August 2019 - 34
IBM Systems magazine, Mainframe - July/August 2019 - 35
IBM Systems magazine, Mainframe - July/August 2019 - 36
IBM Systems magazine, Mainframe - July/August 2019 - 37
IBM Systems magazine, Mainframe - July/August 2019 - Champions Showcase: The 2019 IBM Z Champions are committed to communicating the value of the platform
IBM Systems magazine, Mainframe - July/August 2019 - 39
IBM Systems magazine, Mainframe - July/August 2019 - 40
IBM Systems magazine, Mainframe - July/August 2019 - 41
IBM Systems magazine, Mainframe - July/August 2019 - 42
IBM Systems magazine, Mainframe - July/August 2019 - 43
IBM Systems magazine, Mainframe - July/August 2019 - 44
IBM Systems magazine, Mainframe - July/August 2019 - 45
IBM Systems magazine, Mainframe - July/August 2019 - Hot Topics: z/OS Cloud Broker leverages common cloud platforms to enable z/OS resource consumption
IBM Systems magazine, Mainframe - July/August 2019 - 47
IBM Systems magazine, Mainframe - July/August 2019 - 48
IBM Systems magazine, Mainframe - July/August 2019 - 49
IBM Systems magazine, Mainframe - July/August 2019 - Techbits: Disposable data can pose legal liabilities and security risks
IBM Systems magazine, Mainframe - July/August 2019 - Techbits: Raising the bar on IBM Z resiliency with GDPS
IBM Systems magazine, Mainframe - July/August 2019 - 52
IBM Systems magazine, Mainframe - July/August 2019 - Techbits: Get real-time insight and data security with Open Data Analytics for z/OS
IBM Systems magazine, Mainframe - July/August 2019 - Techbits: Ask the expert: z/OS data set encryption
IBM Systems magazine, Mainframe - July/August 2019 - 55
IBM Systems magazine, Mainframe - July/August 2019 - Beyond the Box: z/VM Senior Software Engineer Brian Wade finds similarities between his job and his life as a pilot
IBM Systems magazine, Mainframe - July/August 2019 - Cover3
IBM Systems magazine, Mainframe - July/August 2019 - Cover4
IBM Systems magazine, Mainframe - July/August 2019 - Reference Point - Global Events, Education, Resources for Power Systems
IBM Systems magazine, Mainframe - July/August 2019 - 2019 Mainframe Solutions Edition Product Index
IBM Systems magazine, Mainframe - July/August 2019 - SE2
IBM Systems magazine, Mainframe - July/August 2019 - SE3
http://www.ibmsystemsmagmainframedigital.com/mspcomm/ibmsystemsmag/ibmsystems_mainframe_20201112
http://www.ibmsystemsmagmainframedigital.com/mspcomm/ibmsystemsmag/ibmsystems_mainframe_20200910
http://www.ibmsystemsmagmainframedigital.com/mspcomm/ibmsystemsmag/ibmsystems_mainframe_20200708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20200506
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20200304
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20200102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/2020mfse
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20191112
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20190910
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20190708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20190506
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20190304
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/relevantz_20190102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/2019mfse
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20190102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20181112
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20180910
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20180708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20180506
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20180304
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20180102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/2018mfse
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20171112
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20170910
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20170910_v2
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20170708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20170506
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20170304
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_sesupp
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20170102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_linuxsupp
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20161112
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/MainframeSecurity
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20160910
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20160708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20160506
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20160304
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20160102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20151112
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20150910_se
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20150910
http://www.ibmsystemsmagmainframedigital.com/MFSkills
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20150708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20150506_supp
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20150506
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20150304
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20150102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20141112
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20140910_v2
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20140910
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20140708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_gt_201405
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/BigData
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20140506
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20140304
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20140102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20131112
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20130910_v2
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20130910
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20130708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20130506
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20130304
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20130102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20121112
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/buyersguide2013
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20120910
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20120708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20120506
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20120304
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20120102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/ibmsystems_mainframe_2012bg
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20111112
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20110910
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20110708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20110506
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20110304
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20110102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20101112
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20100910
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20100910_bg
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20100708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20100506
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20100304
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20100102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20091112
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20090910
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20090708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20090506
https://www.nxtbook.com/nxtbooks/ibmsystemsmag/mainframe_20090304
https://www.nxtbookmedia.com