When it comes to security, it is critically important to always be prepared and a step ahead of change. Why? Change introduces risk. Change is often unpredictable as we’ve seen in recent months with an instantaneous shift to full-time remote knowledge workers! This is why we always need to be prepared. But how do we get to a state of prepared bliss when day-to-day tasks keep us busy?
Mainframe security has passed the test of time with its multi-layered approach proving repeatedly that it is highly securable. It continues to offer sophisticated controls that keep pace with threat evolution and enable you to continue relying on the most securable platform in your enterprise. Zero Trust is a strategy, a way of thinking about security on your journey to Zero Trust.
As always, ‘rings of security’ and layered defenses are important in security architecture and the same works for implementation of Zero Trust. Advanced authentication at boundary or entry points and contextual granular just-in-time authorization drives layered security checks in a series. Zero Trust is simply implemented with a combination of additional tools and following best practices with existing tools.
Zero Trust is both a way of thinking, as well as a way of behaving as a security organization. The key benefit is preparation. Zero Trust suggests that one should ‘be prepared’ for breaches: assume there will be a breach, and you can plan for it, work to avoid it, and recover from it if it happens. It comes down to mindset. The most secure organizations live every day assuming they have been or will be breached and their security controls are not good enough. Preparation is the foundation for a Zero Trust model, or stated differently, verify before you trust model.
Zero Trust seems like an initiative that is more appropriate for a new system or application, but not something one would hope to achieve on a system that has been in use for decades. But, in fact, one could argue that Mainframe was an original ‘Zero Trust’ platform. You see, originally, when the mainframe system was developed, everyone had access to everything. After all, only the experts were on the system and “regular user” access was very limited.
Zero Trust is an approach to security that can and should be applied to the Mainframe. Yet too often, Mainframe is overlooked as a security concern, as many assume that it is naturally secure, because, well, it's a Mainframe. Now, this is certainly flattering for the platform, and to be honest, the Mainframe’s reputation for security is well deserved. But it is not invulnerable, and nothing about it is ‘naturally’ secure.