BYOD and Network Security
There was a time when people could only access high-tech kit when they went to work. Mainframes were kept in secure areas, and dumb terminals around the building would allow people to talk to them using Time Sharing Option (TSO). Some of us even remember creating large decks of cards and handing them in to the operators, so our jobs could be run. And in quiet rooms, mature members of staff still remember paper tape readers, and backups stored on tape in fireproof vaults inside the machine room.
But nowadays, everyone is walking around with more computing power on their phones than the whole of the northern hemisphere had in 1978. (All right, I made up that statistic, but you get the idea.) Not only are smartphones incredibly powerful and easy to use, but no self-respecting exec will turn up to a meeting without a similarly powerful tablet device. And the more that people use their own devices, the more they want to use them. And that means they want to connect them to the computing infrastructure at work. They want to bring their own device (BYOD) and simply get on with their work. What’s wrong with that?
Well, pretty obviously, the problem is security. If a member of staff can access data with a tablet device, what’s to stop a malicious hacker accessing the same data? Secondly, what’s to stop that member of staff storing data on the tablet so they can use it later—only to find that someone else gets access to that data? Thirdly, what’s to stop malicious applications getting onto the business network from one of these devices? And you can keep adding to this list.
Last week, IBM took a big step toward greater security by introducing the XGS 5000 Intrusion Prevention System (IPS). This IBM Security Network Protection appliance helps security managers keep a closer eye on which applications and websites other members of staff are accessing. Then, using that information, the security team is able to prevent inappropriate or risky behavior.
This new appliance is designed not only to prevent network-based attacks but also to provide application-level controls and URL filtering capabilities. The product integrates IBM’s core IPS technology with threat-monitoring features, for example, identifying members of staff who are misusing the Web, and blocking dangerous URLs that are known to be a source of malware.
In addition, security staff can set granular controls on user activity. This allows them to restrict potentially risky activities, such as chat or file transfers, without needing to actually block access to social networking sites. Security managers are able to block activities through the appliance; they don’t need to implement APIs. In effect, the device allows organizations to create and enforce security policies that can be customized to any user’s role in the company, the time of day, and the type of site being visited.
According to IBM, the XGS 5000 would expand visibility and analysis, allowing administrators to gain a better view of network activity and potential security threats, and forming a “next-generation” intrusion prevention platform. IBM apparently plans to release a range of appliances with differing throughput levels based on this next-generation IPS technology in the future.
Although mainframe users tend to feel (rightly) smug about the security of their preferred platform—you hear users of other platforms discussing issues that RACF and other comparable mainframe security products solved many years ago—the introduction of service-oriented architecture (SOA) over the past 10 years means the network is used to send, for example, DB2 data from a CICS transaction to users’ browsers on devices that could be remote or local. And if they’re local, then it could be a BYOD that’s potentially creating a security risk. This new IBM technology could help mitigate the risk.
Trevor Eddolls is CEO at iTech-Ed Ltd., an IT consultancy. For many years, he was the editorial director for Xephon’s Update publications and is now contributing editor to the Arcati Mainframe Yearbook. Eddolls has written three specialist IT books, and has had numerous technical articles published. He currently chairs the Virtual IMS and Virtual CICS user groups.
Posted: 8/14/2012 4:03:57 AM by Trevor Eddolls