Can a Bank Outsource IT Security?

recruitment-3182373_960_720

Most people would say no. Such an idea sounds almost crazy.

Still this is more than likely to have happened at quite a few banks, as more and more banks outsource mainframe operations to service providers. The ironic thing about this is that it is indeed on the mainframe where the bank’s absolutely most critical information assets are to be found!  

However, finding people who have mainframe skills is not easy. Many Z/OS experts have retired or will soon do so. This is what in the first place has led banks to outsourcing. If the trend continues, then any remaining mainframe-skilled workforce will slowly but surely be concentrated to a few service providers who will be running mainframe services for the majority of banks.

When it gets confusing

The job of a service provider is to make sure that an agreed SLA is fulfilled (preferably as cost-effective as possible). However, how do you define an SLA for IT security? Does that even make sense? The very nature of hacking is to find new vulnerabilities. How do you agree in an SLA on identifying new security threats?

Things can get confusing in an outsourcing process as responsibilities are reassembled. Let a few years pass and everyone will point to the service provider as soon as they hear the word mainframe. The service provider is responsible, right? Actually, when it comes to security that is not entirely true. The bank remains responsible for security, no matter where it derives its mainframe services from.

Where the Vision starts

In order to create a good strategy for IT security, we at Beta Systems believe that not only technical mainframe skills but also practical knowledge about the bank’s operations is needed. No one but the bank itself can understand how its people work and what information is critical. Only with this knowledge is it possible to proactively prepare for incidents. Therefore information security cannot be entirely outsourced.

This leads us down to our vision: enabling mainframe security without a need for technical mainframe expertise. To realize this vision we develop easy-to-use software for managing and monitoring RACF permissions, giving the bank’s Security Officer a modern UI to fulfil security goals with.

But how to administrate mainframe access rights to overcome the growing challenges of the digital age?

Get your free guide for data center managers who operate RACF systems here.

The Outsourced Mainframe and the Human Factor

As a generation Y mainframer born in the 80’s, I find it hard sometimes to explain to my generational peers what I do. Quality Management

Why Mainframe?

Typically people my age a) have never heard of the mainframe or b) think of punch cards and green screen terminals they saw in a computer museum. They tend to be surprised when I tell them that mission-critical workloads like ledgers, payroll, inventory control, banking and financial transactions are in the year 2018 actually running on mainframes. In fact, some 68 % of the world’s IT production workloads run on mainframes (cio.com) and 71 % of global Fortune 500 companies have a mainframe (IBM). There are valid reasons for that such as reliability, availability, service-ability, scalability and security.
Keine Tags vergeben

Efficient Troubleshooting Delivers Smooth IT production

Credit Suisse introduced Operlog Tools from Beta Systems to speed up IT production error resolution. Ever since, Credit Suisse has been able to reduce the risk of unplanned downtimes and has greatly accelerated the task of narrowing down errors.

Beta Systems

Efficient Troubleshooting Delivers Smooth IT production

Rapid Error Analysis Thanks to Detailed Data Access

The Operlog Tools provide options for analyzing online data and archived information via a simple yet powerful interface. It allows employees of Credit Suisse to evaluate serious production errors with ease. This is made possible thanks to comprehensive selection and filter criteria that can be custom configured or shared with team members. The latter option ensures that all contributing parties have a unified case view.

The future-proof Mainframe – Access Management in the Digital Age

RACF Administration in the Digital Age

Companies that operate mainframe systems are presently facing hard times. Most of their mainframe experts are about to retire, and only few young IT specialists can fill the gap. However, the mainframe remains a key technology today and in the future – one that has to meet constantly rising demands also for the RACF administration.

Mainframe Access Management White Paper EN

Digitization, new legal provisions, and organizational changes require that mainframe systems quickly adapt to new practices and regulations. This forcesorganizations to develop corresponding strategies, including ways to simplify RACF-based authorization management and to make it more secure.

Reinsured Customers Thanks to Automated Data Reconciliation

Reinsured Customers Thanks to Automated Data Reconciliation

Automated data reconciliation implemented at a major Canadian bank.

When Oscar Peterson (who died in 2007) wrote the song “My Personal Touch,” most people probably thought the title was referring to the piano keys he so skillfully caressed. But that’s far off the mark: The world famous jazz pianist dedicated this piece to the “personal touch banking machines” of Canada’s largest bank. They were highly advanced even back in 1981. Complex technology hidden beneath a user-friendly interface – in order to implement this objective, the bank relies on products from Beta Systems that help it keep data center processes up and running. This is among our largest Beta 91 installations in North America, and it has been upgraded and extended ever since its introduction in the early 90s.

RACF Audit Minimizes Risks for Mainframe Customers

RACF Audit Minimizes Risks for Mainframe CustomersMore than 80 percent of all global z/OS installations employ RACF (Resource Access Control Facility), the IBM tool for identifying and verifying users, managing access rights and logging access to protected resources. Based on the probable assumption that IBM mainframe systems are likely used by very large companies, it can be said with great confidence that RACF protects the security of the world’s most complex IT landscapes.

Latest Release Beta UX 4.4. Now Available

Beta-UX-DistributionMaster_Mockup-Laptop

Beta UX Output Management and Archive

The latest version of the Beta UX 4.4. output management and archive suite has just been released. For several months, the team evaluated numerous suggestions and requirements communicated to us by our customers and implemented these in the 4.4. release. The changes aim at making document handling with the Beta UX Suite even more secure and intuitive.

Clever Document Management Solutions Set Up by Customers

Clever Document Management Solutions Set Up by Customers2For many of our customers, document management is of key importance. Be it due to legal provisions that force a customer to archive certain documents over the long term, or because of contracts or agreements with a very long lifecycle (life insurance, public sector) whose original data must be available to processors for decades.

Read this article to find out how our customers are handling a broad range of requirements.