Is your mainframe less secure than your file server?
Malcolm Trigg | Solutions Consultant | 24th February 2016
What is my account balance?
The World’s Changed
Internal Security Standards
Not Everything has Changed.
Is that Good?
Not Everything has Changed
What if you could…
• Stop the user having to enter a user / password
• Allow multi-factor authentication
  • Something you have
  • Something you are
  • Something you know
• Use your Active Directory / eDirectory to store…
  • User's password
  • Biometric information such as fingerprint
  • Smart card details
• Bring the login screen in line with modern security standards
• Protect sys admin logins
Well you can…
• Micro Focus Advanced Authentication Framework
• Link with Reflection Desktop / Rumba terminal emulation
• Choice of smart cards and/or biometrics such as fingerprint recognition
What if you could…
• Centrally manage the sign on to the mainframe
• Use a RACF one-time token in place of a password
• No need for user to enter or remember a password
• User doesn’t get prompted for user/password
• User need never know their password
Well you can…
Automated Sign-On with Management and Security Server
1. The terminal emulator launches a host session and requests user credentials for the host application from Automated Sign-On.
2. Automated Sign-On requests a one-time-use PassTicket from RACF (from the IBM z/OS Digital Certificate Access Server).
3. The terminal emulator uses the one-time-use PassTicket credential to automatically log the user on to the host application.
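The three steps above, modelled as an added example (not Micro Focus or IBM code): a broker issues an 8-character, one-time-use credential bound to user and application, and the host accepts it once within a short window. The HMAC derivation is a stand-in and is not the RACF PassTicket algorithm; the class names, the 60-second window and the key handling are assumptions.

```python
import base64
import hashlib
import hmac
import struct

WINDOW_SECONDS = 60  # assumed validity window for this sketch


def make_ticket(key: bytes, user_id: str, application: str, issued_at: int) -> str:
    """Derive an 8-character credential from (user, application, time)."""
    msg = b"\x00".join([
        user_id.upper().encode(),
        application.upper().encode(),
        struct.pack(">Q", issued_at),
    ])
    digest = hmac.new(key, msg, hashlib.sha256).digest()
    # 5 bytes -> exactly 8 base32 characters, so it fits a password field
    return base64.b32encode(digest[:5]).decode()


class SignOnBroker:
    """Stand-in for the sign-on service: maps directory users to host IDs."""

    def __init__(self, key: bytes, authorised: dict):
        self._key = key
        self._authorised = authorised  # directory user -> host user ID

    def issue(self, directory_user: str, application: str, now: int):
        # Steps 1 and 2: only users still authorised in the directory get a ticket
        host_id = self._authorised.get(directory_user)
        if host_id is None:
            raise PermissionError(f"{directory_user} is not authorised")
        return host_id, make_ticket(self._key, host_id, application, now)


class HostVerifier:
    """Stand-in for the host security system checking the ticket at logon."""

    def __init__(self, key: bytes, window: int = WINDOW_SECONDS):
        self._key = key
        self._window = window
        self._used = {}  # (user, application, ticket) -> issue time it matched

    def logon(self, user_id: str, application: str, ticket: str, now: int) -> bool:
        # Step 3: forget tickets that can no longer verify, then check this one
        self._used = {k: t for k, t in self._used.items()
                      if t >= now - self._window}
        for t in range(now - self._window, now + self._window + 1):
            expected = make_ticket(self._key, user_id, application, t)
            if hmac.compare_digest(expected.encode(), ticket.encode()):
                seen = (user_id.upper(), application.upper(), ticket)
                if seen in self._used:
                    return False  # replay: a ticket is accepted only once
                self._used[seen] = t
                return True
        return False  # wrong user, wrong application, or outside the window


if __name__ == "__main__":
    key = b"constructed-demo-key"  # constructed sample value
    broker = SignOnBroker(key, {"alice": "ALICE01"})
    host = HostVerifier(key)
    host_id, ticket = broker.issue("alice", "TSOPROD", now=1_000_000)
    print(host.logon(host_id, "TSOPROD", ticket, now=1_000_005))  # first use
    print(host.logon(host_id, "TSOPROD", ticket, now=1_000_006))  # replay
```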
With Micro Focus…
• Access to the mainframe
  • No longer reliant on the historic 8 character password
  • Now tied to the corporate Active Directory / eDirectory credentials
  • Access to the mainframe can be revoked through group membership in Active Directory / eDirectory
• Mainframe access becomes security compliant
• Protect sys admin access
• You can automatically provision users along with permissions on host systems
Which Devices can Connect?
• Particular networks
• All workstations
• Any terminal emulator
• No restrictions on who
Not Everything has Changed
What if you could…
• Control who can access the mainframe
• Only allow authorised terminal emulators to be used
• Access control through Active Directory / eDirectory
  • Role-Based Access Control (RBAC)
  • Centrally managed
• Make the firewall rules simple for mainframe
Well you can…
[Diagram: Micro Focus Management and Security Server. Labels: client workstation; MSS Server; MSS Security Proxy; LDAP directory; host; HTTPS; SSL/TLS; Telnet, FTP, INT-1, T27, ALC; content inspection (Intrusion Detection System, etc.)]
Access control in middle tier:
• A layer of security in front of your hosts
• Without touching the hosts
• Using read-only access to the LDAP Directory
With Micro Focus…
• A connection to the host can only be performed if you have been pre-authenticated
• Access to the host based upon AD/eDirectory membership
• Host can be protected by a firewall / simplified firewall rules
  • Only allow connections originating from the Micro Focus Security Proxy Server
Well you can…
[Diagram. Labels: client workstations; MSS Security Proxy; host; SSL/TLS; Telnet, FTP, INT-1, T27, ALC; content inspection (Intrusion Detection System, etc.)]
User Case Study – Airline Industry
• Problem
  • Need to give travel agents access to their mainframe
  • A traditional thick client was heavy on management
  • Don’t own or manage the desktop
  • Had to use a VPN to tunnel traffic – further complicated the set-up
  • New travel agents opening all the time and also some closing
  • Spread throughout the world
User Case Study – An Airline
• Solution
  • Management and Security Server
    • Strong authentication
  • Security Proxy Server
    • Only authenticated clients could connect to the mainframe
  • Thin client emulation
    • Readily configured sessions deployed to the desktop using Java Applets
    • Changes automatically deployed on next connection
User Case Study – An Airline
• Benefits
  • Mainframe protected from unauthorised access
  • Deployment as easy as providing a URL and adding user to LDAP database
  • Decommissioning as easy as removing the user from the LDAP database
  • Easy centralised management
  • Small client footprint on desktop
  • Very little management of agent required by airline's help desk
Airline Solution Graphic
[Diagram. Labels: travel agent desktop; MSS Server; MSS Security Proxy; LDAP directory; airline's host; HTTPS; SSL/TLS; airline's traffic; authenticated by MSS Server; secure token passed; content inspection (Intrusion Detection System, etc.)]
No direct access to mainframe. Only allowed through Security Proxy Server if authenticated by MSS Server.
Screen Content
Not Everything has Changed
• Credit card number remains on screen after typing
• No additional access authentication required to view credit card number
• Terminal emulator only displays what the host sends it
What if you could…
• Mask credit card numbers or any other sensitive field
  • Without changes to the host application
• Stop copy to clipboard from working for certain fields
• Redact information once typed, i.e. after entry of a credit card number
Well you can…
Micro Focus Terminal Emulation
• Fields can be displayed masked with asterisks
• After typing a credit card number it can be redacted
• Copy to clipboard can be disabled for certain fields
With Micro Focus…
• Sensitive information is only displayed to those who really need access to it
• Typed information is left on the screen only until the last character is typed, and then it is redacted
• Helps with PCI DSS
• Stop user from using terminal emulation trace facility by locking the terminal emulator down
Multiple Authentication Points
Not Everything has Changed
• Authenticated once
• Application security controlled by application
• Non-repudiation
• No re-authentication for certain tasks
What if you could…
• Replace the normal Signon with a stronger method of Authentication and enable Single Signon?
• Prompt a user at any point during any type of transaction to Re-Authenticate?
• Re-Authentication could have context like:
  • Financial Value or transaction type?
  • Time since last Authentication?
• Write away before and after values of any transaction to a Non-Repudiation system which could be used to report on activity?
• With NO changes of any code on the legacy system?
Well you can…
• Micro Focus Advanced Authentication Framework
• Link with Reflection Desktop / Rumba terminal emulation
• Choice of smart cards and/or biometrics such as fingerprint recognition
Micro Focus Multi-Factor Solution
With Management Security Server (MSS) and Advanced Authentication you can...
• Create an enforceable access control layer between your employees and your legacy systems.
• Leverage your enterprise directory to authorise users to host sessions.
• Utilise strong authentication technology to confirm user identity.
• Make use of multifactor Authentication.
• Invoke Authentication and Authorisation at any stage during a session or function on a legacy application with full audit reporting.
• Centrally administer access to terminal host sessions and macros.
Reflection / Rumba and Advanced Authentication Framework
[Diagram. Labels: Directory (eDIR, AD, LDAP, RACF); User; Reflection / Rumba; AAF; RTE; VBA; Credentials (MFA, Mix & Match); RACF/TOP Secret Authentication; Secondary Application Authentication; Sensitive Enquiry Authentication; Sensitive Transaction Authentication; Time Based Authentication]
With Micro Focus…
• Insecure user/password host logon a thing of the past
• Multiple re-authentication points can be utilised
• Multi-factor authentication
• Tied into AD / eDirectory security groups
• Role-Based Access Control can be applied
• Permissions can be easily revoked
• Central management of terminal emulation and access
Re-using Mainframe Information
What is my account balance?
Account Balance is here….
Not Everything has Changed
What if you could…
Well you can with Micro Focus…
[Diagram. Labels: Micro Focus; IBM 3270; IBM 5250; VT/UNIX; HP700/92; Business Application]
• Well featured design time environment
• Wraps host application logic with SOA interface
• Non invasive ‘off host’ architecture
• No change to host applications
• Leverage existing business rules
• Real time integration
• Acts as a ‘data firewall’ – securing and guaranteeing integrity of the application
• Robust, scalable and secure
• Rejuvenation options available
[Graphic. Labels: 1 2 3; Terminal Emulation; Enhanced Emulation; Custom Mobile Apps; Custom Web Services; Full Terminal Support; Zero Footprint; No Map]
• Screen re-presented as HTML or HTML5
• One to one with host screen
• Can be accessed on desktop to mobile devices
• Provides a secure method of accessing the host remotely
• No direct access to host from client
[Graphic. Labels: 1 2 3; Terminal Emulation; Enhanced Emulation; Custom Mobile Apps; Custom Web Services; Custom Forms; Server-Side Macros; Managed]
• Automation of host application
• Still have access to host screen
• Secure connection
• Scalable
• No direct access to host from client
[Graphic. Labels: 1 2 3; Terminal Emulation; Enhanced Emulation; Custom Mobile Apps; Custom Web Services; Fully Customized UI; SOA Capable; Transform]
• User sees no host screens
• Complete web-frontend
• Fields can be hidden from user
• No direct access to host from client
• Secure and scalable
With Micro Focus…
• Host systems can easily become web service enabled
• Providing a secure method of integrating
• Hide fields from developers
• Platform for rejuvenation
• Integration with other systems
• Mobile device access as well as desktop
• Secure and scalable solution
Macros – Useful?
Not Everything has Changed
• Macros managed by users
• Development against production system
• Sharing of macros
• Ownership / support
• Change control
What if you could…
• Prevent users from creating macros
• Prevent users from viewing macros
• If macros not required then prevent running of macros
• Control the distribution of macros
• Make macros part of a secure development life cycle
• Ensure macros are part of change control
Well you can…
Management and Security Server
• Distribute macros
• Control access to terminal emulation
Reflection / Rumba Terminal Emulation
• Lock down emulation
• Prevent macros being run from untrusted locations
• Prevent macros from being created
• Lock down API
With Micro Focus…
• Macros can be managed
• Terminal emulation locked down
• Macros become known and managed by IT
• Secures the mainframe from abuse by macros
Security Across the Board
General Security
• Crypto modules FIPS 140-2 validated
• Used by US DoD
• TLS 1.2 fully supported
• Secure development life cycle (SDLC)
• Security given prominence throughout development of products
• Intensive security testing of products
Summary
General Security
• Advanced Authentication Framework
• Enhance the authentication process
• Multi factor authentication
• Multiple points of authentication
• Allow automated provisioning of mainframe users and permissions
General Security
• Manage access to mainframe
• Management and Security Server
• Security Proxy Server
• Can’t connect unless authenticated
• Redaction of sensitive information
• Secure integration of mainframe information
• Macros can be managed
Q & A

DevDay Copenhagen - Micro Focus overview and introduction
 
The DevOps Journey
The DevOps JourneyThe DevOps Journey
The DevOps Journey
 
ACUCOBOL - Product Strategy and Roadmap
ACUCOBOL - Product Strategy and RoadmapACUCOBOL - Product Strategy and Roadmap
ACUCOBOL - Product Strategy and Roadmap
 
#DevDay Copenhagen - Bluegarden Presentation
#DevDay Copenhagen - Bluegarden Presentation #DevDay Copenhagen - Bluegarden Presentation
#DevDay Copenhagen - Bluegarden Presentation
 

Recently uploaded

Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxLoriGlavin3
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .Alan Dix
 
Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...Rick Flair
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Mark Simos
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfAlex Barbosa Coqueiro
 
SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICESSALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICESmohitsingh558521
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebUiPathCommunity
 
Time Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsTime Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsNathaniel Shimoni
 
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxThe Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxLoriGlavin3
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Manik S Magar
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024Stephanie Beckett
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brandgvaughan
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsPixlogix Infotech
 
(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...
(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...
(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...AliaaTarek5
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxLoriGlavin3
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteDianaGray10
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLScyllaDB
 
Ryan Mahoney - Will Artificial Intelligence Replace Real Estate Agents
Ryan Mahoney - Will Artificial Intelligence Replace Real Estate AgentsRyan Mahoney - Will Artificial Intelligence Replace Real Estate Agents
Ryan Mahoney - Will Artificial Intelligence Replace Real Estate AgentsRyan Mahoney
 

Recently uploaded (20)

Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .
 
Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdf
 
SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICESSALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio Web
 
Time Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsTime Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directions
 
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxThe Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brand
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and Cons
 
(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...
(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...
(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test Suite
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQL
 
Ryan Mahoney - Will Artificial Intelligence Replace Real Estate Agents
Ryan Mahoney - Will Artificial Intelligence Replace Real Estate AgentsRyan Mahoney - Will Artificial Intelligence Replace Real Estate Agents
Ryan Mahoney - Will Artificial Intelligence Replace Real Estate Agents
 

Is your mainframe less secure than your file server

  • 1. Is your mainframe less secure than your file server? Malcolm Trigg | Solutions Consultant | 24th February 2016
  • 4. The World’s Changed Internal Security Standards
  • 6. Not Everything has Changed. Is that Good?
  • 8. What if you could… • Stop the user having to enter a user / password • Allow multi-factor authentication • Something you have • Something you are • Something you know • Use your Active Directory / eDirectory to store… • User’s password • Bio-metric information such as fingerprint • Smart card details • Bring the login screen in-line with modern security standards • Protect sys admin logins
  • 9. Well you can… • Micro Focus Advanced Authentication Framework • Link with Reflection Desktop / Rumba terminal emulation • Choice of smart cards and/or bio-metrics such as fingerprint recognition
  • 10. What if you could… • Centrally manage the sign on to the mainframe • Use a RACF one-time token in place of a password • No need for user to enter or remember a password • User doesn’t get prompted for user/password • User need never know their password
  • 11. Well you can… Automated Sign-On with Management and Security Server 1. The terminal emulator launches a host session and requests user credentials for the host application from Automated Sign-On. 2. Automated Sign-On requests a one-time-use PassTicket from RACF (from the IBM z/OS Digital Certificate Access Server). 3. The terminal emulator uses the one-time-use PassTicket credential to automatically log the user on to the host application.
  • 12. With Micro Focus… • Access to the mainframe • No longer reliant on the historic 8 character password • Now tied to the corporate Active Directory / eDirectory credentials • Access to the mainframe can be revoked through group membership in Active Directory / eDirectory • Mainframe access becomes security compliant • Protect sys admin access • You can automatically provision users along with permissions on host systems
  • 13. Which Devices can Connect?
  • 14. Not Everything has Changed • Particular networks • All workstations • Any terminal emulator • No restrictions on who
  • 15. What if you could… • Control who can access the mainframe • Only allow authorised terminal emulators to be used • Access control through Active Directory / eDirectory • Role Based Access Control (RBAC) • Centrally managed • Make the firewall rules simple for mainframe
  • 16. Well you can… Client workstation Telnet, FTP, INT-1, T27, ALC, SSL/TLS SSL/TLS MSS Server MSS Security Proxy LDAP Directory HTTPS Content inspection (Intrusion Detection System, etc.) Host Micro Focus Management and Security Server Access control in middle tier: • A layer of security in front of your hosts • Without touching the hosts • Using read-only access to the LDAP Directory
  • 17. With Micro Focus… • A connection to the host can only be performed if you have been pre-authenticated • Access to the host based upon AD/eDirectory membership • Host can be protected by a firewall / simplified firewall rules • Only allow connections originating from the Micro Focus Security Proxy Server
  • 18. Well you can… Client workstation Telnet, FTP, INT-1, T27, ALC, SSL/TLS SSL/TLS MSS Security Proxy Content inspection (Intrusion Detection System, etc.) Host Client workstation
  • 19. User Case Study – Airline Industry • Problem • Need to give travel agents access to their mainframe • A traditional thick client was heavy on management • Don’t own or manage the desktop • Had to use a VPN to tunnel traffic – further complicated the set-up • New travel agents opening all the time and also some closing • Spread throughout the world
  • 20. User Case Study – An Airline • Solution • Management and Security Server • Strong authentication • Security Proxy Server • Only authenticated clients could connect to the mainframe • Thin client emulation • Readily configured sessions deployed to the desktop using Java Applets • Changes automatically deployed on next connection
  • 21. User Case Study – An Airline • Benefits • Mainframe protected from unauthorised access • Deployment as easy as providing a URL and adding user to LDAP database • Decommissioning as easy as removing the user from the LDAP database • Easy centralised management • Small client footprint on desktop • Very little management of agent required by airline’s help desk
  • 22. Airline Solution Graphic Travel Agent Desktop Airlines Traffic SSL/TLS MSS Server MSS Security Proxy LDAP Directory Authenticated by MSS Server Content inspection (Intrusion Detection System, etc.) Airlines Host Secure token passed HTTPS No direct access to mainframe. Only allowed through Security Proxy Server if authenticated by MSS Server
  • 24. Not Everything has Changed • Credit card number remains on screen after typing • No additional access authentication required to view credit card number • Terminal emulator only displays what the host sends it
  • 25. What if you could… • Mask credit card numbers or any other sensitive field • Without changes to the host application • Stop copy to clipboard from working for certain fields • Redact information once typed i.e. after entry of a credit card number
  • 26. Well you can… Micro Focus Terminal Emulation • Fields can be displayed masked with asterisks • After typing a credit card number it can be redacted • The copy to clipboard field can be disabled for certain fields
  • 27. With Micro Focus… • Sensitive information is only displayed to those who really need access to it • Information typed only left on the screen until last character typed and then it is redacted • Helps with PCI DSS • Stop user from using terminal emulation trace facility by locking the terminal emulator down
  • 29. Not Everything has Changed • Authenticated once • Application security controlled by application • Non-repudiation • No re-authentication for certain tasks
  • 30. What if you could… • Replace the normal Signon with a stronger method of Authentication and enable Single Signon? • Prompt a user at any point during any type of transaction to Re-Authenticate? • Re-Authentication could have context like: • Financial Value or transaction type? • Time since last Authentication? • Write away before and after values of any transaction to a Non-Repudiation system which could be used to report on activity? • With NO changes of any code on the legacy system?
  • 31. Well you can… • Micro Focus Advanced Authentication Framework • Link with Reflection Desktop / Rumba terminal emulation • Choice of smart cards and/or bio-metrics such as fingerprint recognition
  • 33. With Management Security Server (MSS) and Advanced Authentication you can... • Create an enforceable access control layer between your employees and your legacy systems. • Leverage your enterprise directory to authorise users to host sessions. • Utilise strong authentication technology to confirm user identity. • Make use of multifactor Authentication. • Invoke Authentication and Authorisation at any stage during a session or function on a legacy application with full audit reporting. • Centrally administer access to terminal host sessions and macros.
  • 34. Directory (eDIR, AD, LDAP, RACF) User Reflection / Rumba AAF RTE Credentials (MFA, Mix & Match) RACF/TOP Secret Authentication Secondary Application Authentication Sensitive Enquiry Authentication Sensitive Transaction Authentication Time Based Authentication VBA Reflection / Rumba and Advanced Authentication Framework
  • 35. With Micro Focus… • Insecure user/password host logon a thing of the past • Multiple re-authentication points can be utilised • Multi-factor authentication • Tied into AD / eDirectory security groups • Role Based Access Control can be applied • Permissions can be easily revoked • Central management of terminal emulation and access
  • 38. What if you could…
  • 39. What if you could…
  • 40. Well you can with Micro Focus… Micro Focus IBM 3270 IBM 5250 VT/UNIX HP700/92 Business Application • Well featured design time environment • Wraps host application logic with SOA interface • Non invasive ‘off host’ architecture • No change to host applications • Leverage existing business rules • Real time integration • Acts as a ‘data firewall’ – securing and guaranteeing integrity of the application • Robust, scalable and secure • Rejuvenation options available
  • 41. 1 2 3 Full Terminal Support Zero Footprint No Map Enhanced Emulation Custom Web Services Custom Mobile Apps Terminal Emulation • Screen re-presented as HTML or HTML5 • One to one with host screen • Can be accessed on desktop to mobile devices • Provides a secure method of accessing the host remotely • No direct access to host from client
  • 42. 1 2 3 Custom Web Services Custom Forms Server-Side Macros Managed Enhanced Emulation Custom Mobile Apps Terminal Emulation • Automation of host application • Still have access to host screen • Secure connection • Scalable • No direct access to host from client
  • 43. 1 2 3 Custom Web Services Fully Customized UI SOA Capable Transform Terminal Emulation Enhanced Emulation Custom Mobile Apps • User sees no host screens • Complete web-frontend • Fields can be hidden from user • No direct access to host from client • Secure and scalable
  • 44. With Micro Focus… • Host systems can easily become web service enabled • Providing a secure method of integrating • Hide fields from developers • Platform for rejuvenation • Integration with other systems • Mobile device access as well as desktop • Secure and scalable solution
  • 46. Not Everything has Changed • Macros managed by users • Development against production system • Sharing of macros • Ownership / support • Change control
  • 47. What if you could… • Prevent users from creating macros • Prevent users from viewing macros • If macros not required then prevent running of macros • Control the distribution of macros • Make macros part of a secure development life cycle • Ensure macros are part of change control
  • 48. Well you can… Management and Security Server • Distribute macros • Control access to terminal emulation Reflection / Rumba Terminal Emulation • Lock down emulation • Prevent macros being run from untrusted locations • Prevent macros from being created • Lock down API
  • 49. With Micro Focus… • Macros can be managed • Terminal emulation locked down • Macros become known and managed by IT • Secures the mainframe from abuse by macros
  • 51. General Security • Crypto modules FIPS 140-2 validated • Used by US DoD • TLS 1.2 fully supported • Secure development life cycle (SDLC) • Security given prominence throughout development of products • Intensive security testing of products
  • 53. General Security • Advanced Authentication Framework • Enhance the authentication process • Multi factor authentication • Multiple points of authentication • Allow automated provisioning of mainframe users and permissions
  • 54. General Security • Manage access to mainframe • Management and Security Server • Security Proxy Server • Can’t connect unless authenticated • Redaction of sensitive information • Secure integration of mainframe information • Macros can be managed
  • 55. Q & A
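
The middle-tier pattern from slides 16 to 22 (a management server authorises the user from directory group membership and passes a secure token; the security proxy admits only connections carrying a token it can verify) can be sketched as follows. This is an added example, not Micro Focus code: the HMAC-signed token format, the 60-second lifetime, and every user, group, host and key name are assumptions made for illustration.

```python
import base64
import binascii
import hashlib
import hmac
import json
import time

# Constructed sample data (assumptions): stand-ins for AD / eDirectory groups
# and for the rule that maps each host to the group allowed to reach it.
DIRECTORY = {"alice": {"mainframe-users"}, "bob": {"file-server-users"}}
HOST_POLICY = {"prod-lpar-1": "mainframe-users"}

# Key shared by the management server and the proxy; constructed demo value.
SHARED_KEY = b"constructed-demo-key"
TOKEN_TTL = 60  # seconds a token stays valid (assumed value)


def _mac(payload: bytes) -> str:
    return hmac.new(SHARED_KEY, payload, hashlib.sha256).hexdigest()


def issue_token(user, host, now=None):
    """Management-server side: authorise by group membership, then mint a token.

    Returns None when the user is not in the group required for the host, so
    removing a user from the group revokes access at the next sign-on.
    """
    now = time.time() if now is None else now
    required = HOST_POLICY.get(host)
    if required is None or required not in DIRECTORY.get(user, set()):
        return None
    claims = {"sub": user, "host": host, "exp": now + TOKEN_TTL}
    payload = json.dumps(claims, sort_keys=True).encode()
    return base64.urlsafe_b64encode(payload).decode() + "." + _mac(payload)


def proxy_admit(token, host, now=None):
    """Proxy side: decide whether to open a connection to `host`.

    Returns (allowed, reason). The proxy never consults the directory; it
    trusts only a token it can verify with the shared key.
    """
    now = time.time() if now is None else now
    if not isinstance(token, str) or token.count(".") != 1:
        return (False, "no-token")
    body, mac = token.split(".")
    try:
        payload = base64.urlsafe_b64decode(body.encode())
    except (binascii.Error, ValueError):
        return (False, "bad-signature")
    # Constant-time comparison; verify the MAC before parsing any claim.
    if not hmac.compare_digest(mac.encode(), _mac(payload).encode()):
        return (False, "bad-signature")
    claims = json.loads(payload)
    if now > claims["exp"]:
        return (False, "expired")
    if claims["host"] != host:
        return (False, "wrong-host")
    return (True, "ok")


if __name__ == "__main__":
    t = issue_token("alice", "prod-lpar-1")
    print(proxy_admit(t, "prod-lpar-1"))      # authorised user is admitted
    print(issue_token("bob", "prod-lpar-1"))  # not in the group: no token
```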