Technology executives run the risk of believing that no news is good news
Since IT and mainframe managers are so used to SMS and email alerts warning them of system malfunctions, it becomes harder to seek out and solve the problems that are not glaringly obvious. The loudest problems are the ones that get the most attention. However, the hidden dangers that most risk being ignored can often be more serious because of that.
The risk of undetected breaches
Not every hacker is an activist who will proudly trumpet his accomplishments for all to see. If a hacker infiltrates your system unnoticed, he can make off with a great deal of valuable data. Worse yet, if the breach remains open, the hacker can continue to siphon off the valuable business intelligence of your company and personal data of your customers. Just because an alarm didn’t go off doesn’t mean nothing was stolen from you.
Would you know if someone had access to your mainframe that shouldn’t? How? The lack of noticeable security lapses can make it very difficult to justify ramping up security measures. However, precautions are still necessary, especially since some of the biggest security risks can happen without any alerts being triggered. Rather than paying attention only to the cost of heightening security, mainframe managers should take into account the cost of stolen and exploited data.
The right kind of alerts
Companies running mainframes need to implement reporting, audit, and alert systems to mitigate risk. Steps should be taken to protect against external threats from hackers who would attempt to steal sensitive data, internal threats from employees who might be after intellectual property or HR records, and misconfigured user account permissions.
Alerts are useful for notifying the correct personnel if a breach has occurred or if one is in progress. However, regular audits and assessments of security systems will also bring to light potential security risks before they can be exploited. These proactive alarms help prevent data theft. However, finding these types of security weaknesses won’t happen automatically. They must be sought out.
Your system is not immune
No system is immune from breach, and no mainframe administrator can assume the data in their custody is mundane enough not to interest hackers and thieves. Modern mainframe systems are too interconnected with the rest of the web and other business processes to be left unprotected. Many businesses do not have an accurate sense of how prepared they are to withstand security threats or an attempted breach.
Sorting through the data
Examining log files and audit trails after a security breach can help companies tighten security and prevent similar hacks from happening again. However, those measures are typically taken after a loss has already occurred. It is difficult to anticipate hacks, and therefore difficult to protect against them.
How does your company handle multiple fail password attempts? Many programs will lock out the user after a certain number of failed password attempts. It could be just that someone forgot their password, or it could be a sign that someone is trying to access the system without authorization. It is important to track patterns in multiple failed attempts. For example, if there are multiple failed password attempts for a number of different users coming from the same IP address, which is likely a hacker working through multiple common passwords on a number of users’ accounts.
Security has never been more challenging. The days when organizations could secure a mainframe simply by locking the door are long past. Hackers are more motivated and sophisticated. Organizations must be more proactive in strengthening their security systems, or risk the cost of losing data. They can no longer wait for the alarm to go off before they act.
ASPG’s password management program, ReACT, triggers automatic alerts to managers for many events that could be the work of a hacker, such as multiple failed password attempts, multiple attempts at resetting a password, and other suspicious behaviors. Request a free trial today, so the things you don’t know can hurt you today don’t hurt you tomorrow.
Photo Credit: Christophe Verdier via: imager.io, cc
