Mainframe Security Challenges: An Encroaching PerimeterPhilip MacLochlainn of IBM Advocates Encrypting All Data to Mitigate Breach Risks
Even with the uptake of cloud services, many large enterprises still hold data on mainframes, says Philip MacLochlainn of IBM. But the diversity of computing environments around mainframes, ranging from containers to public and private clouds to virtual machines, is rapidly changing, which increases the risk of data breaches for businesses, he explains.
"While network perimeter security is prudent and it's necessary, it's certainly not sufficient," MacLochlainn says in an interview with Information Security Media Group. "We need to focus on securing the data and not just the perimeter, and that plays to a strength of the mainframe."
Tighter access controls can help enterprises ensure that data doesn't stray too far, and encryption can protect data if it does leak, MacLochlainn says. Encrypting everything has been expensive due to the need for additional infrastructure to offset performance hits, but those obstacles are being overcome, he says.
"If the question is 'How do I avoid data breaches?' or 'How do I protect my customer or my citizens data?', the answer is it needs to be encrypted," MacLochlainn says.
In this interview (see audio link below photo), MacLochlainn discusses:
- Why mainframe data is at a greater risk of breach;
- How the increasing adoption of cloud services will affect mainframe security;
- How encrypting all data is becoming a more viable avenue to prevent breaches;
MacLochlainn is a business unit executive with IBM's systems server group in Sydney. He previously was a technical sales leader in IBM's systems and technology group.