Berlin, December 14, 2017 – There are various ways for IT managers to set up a simpler and more secure mainframe access management workflow. However, the associated measures should not be viewed as isolated items. On the contrary: It’s all about combining them in a suitable way.
1. Regularly clean up your authorization structures.
Due to the complexities of operating RACF and lacking know-how, IT staff often shy away from deleting or restructuring access rights. This, in turn, leads to the buildup of ever more complex and opaque authorization structures over time. You should therefore have your system checked and cleaned up by an expert on a regular basis. Numerous companies, including Beta Systems, offer such a service.
2. Implement monitoring tools that help you gain transparent structures.
Using software that monitors which access rights are being used actively, you can quickly identify which authorizations can be disabled and then deleted. While such monitoring solutions incur an initial investment, the resulting time savings during troubleshooting and, even more importantly, improved system security, make such an investment highly worthwhile.
3. Build internal authorization management know-how.
Given the lack of skilled professionals, some companies might consider outsourcing their authorization management to an external service provider. Yet even if they do so, this does not mean they can simply forget about this whole topic. A service provider can only operate a system that has been cleaned up adequately, so the company has to take care of this in any case. Moreover, as a service provider is not familiar with the client’s internal structures, close cooperation is of the essence. You should also consider the security risk that can result from handing over a task as sensitive as protecting your own resources to an external party. You also need to be aware that your company remains responsible for your authorization management, no matter where it is taking place. Therefore, define clear responsibilities and build strong know-how in this area.
4. Replace home-grown interfaces with a standardized solution.
RACF administration solutions must be able to quickly adapt to changing conditions. This tends to be a difficult task when dealing with self-coded interfaces once the original coders have left the company. Standardized solutions present a good way to prevent loss of knowledge. Before you decide on a product, you should ensure that the provider will support and update the system over the long term.
5. Regularly perform RACF audits.
RACF should be subjected to ongoing monitoring in order to uncover weak spots: Is the system still able to detect IT risks in due time? Are there implementation errors that may compromise security? To ensure that you cover the whole range of potential error sources, you should adopt an audit guideline that observes the BSI list of basic security measures. The guideline describes the procedures and scope of an RACF audit in detail. In general, the audit should focus both on the configuration of the RACF security settings as well as on the logged events that may indicate potential attacks/risks.
Specialized software solutions can significantly simplify and speed up the audit process, resulting in savings of up to 50 percent. Companies still need to be aware that it takes more than simply installing such a software tool. Human specialists still need to evaluate the identified risks, which is why a combination of tools and consulting is generally the best course of action.
For further information about access management in the digital age, get the free guide “The Future-Proof Mainframe” at http://decrease-racf-administration-costs.betasystems-dci.com/
End of body text
About Beta Systems DCI Software AG
Beta Systems DCI Software AG has been developing high-quality infrastructure software products and solutions for the reliable and efficient processing of large quantities of data for over 30 years, providing our customers with the means to best fulfill all legal and corporate requirements. Our multi-platform software solutions for z/OS, Unix, Linux and Windows environments automate, document and analyze business-critical IT processes in data centers of large corporations, IT service providers, public-sector institutions and mid-sized companies. Beta Systems’ data center intelligence portfolio focuses on output management & archiving, log/security information management, workload automation and job management.
Beta Systems Software Aktiengesellschaft (BSS, ISIN DE000A2BPP88) was founded in 1983, has been listed on the stock exchange since 1997 and employs a staff of about 300. Company headquarters are located in Berlin, Germany. The company, together with its 18 self-owned subsidiaries and numerous partners, is active across the globe. More than 1,300 customers all over the world are currently operating over 3,200 installations in more than 30 countries. They employ products and solutions from Beta Systems to optimize their IT landscape and maximize security. The company is a leading mid-sized, independent European software solution provider that generates about half of its turnover abroad.
For more information on the company and its products, visit www.betasystems-dci.com.
You can also visit Beta Systems at:
Beta Systems DCI Software AG
Thomas gr. Osterhues
Tel.: +49 (0)30 726 118-0
Fax: +49 (0)30 726 118-850