Success Story

Cecabank Automates Mainframe Administration Tasks with Beta Access

Authorization management at Cecabank: The bank automated its mainframe security and cybersecurity risk management with software from Beta Systems.

We can now identify security gaps in the RACF system with ease and meet compliance regulations to the dot. Even users with little technology experience can generate the required audit reports.

Sela Santamaría
Director of IT Systems, Cecabank

Initial Situation

Information security is a fundamental aspect at Cecabank, and technology is key to optimizing the internal information systems. Cecabank was in need of state-of-the-art technology to gain reliable compliance with regulatory requirements and to boost their level of information security.

Over the past four years, Cecabank has worked hard to drive its digital transformation plans and has made significant headway in implementing and expanding them.

Challenge

All hardware and software must support digital transformation to ensure the required level, quality and security of services.

The cybersecurity department must both enhance security and meet compliance requirements as defined in the GDPR, in addition to satisfying internal audit requirements. In order to achieve an adequate level of security, all employees are only assigned the authorizations to IT systems they actually need to perform their tasks.

Implementation

Authorization management at Cecabank: Cecabank opted for Beta Access admin from Beta Systems because the comprehensive and simple yet reliable solution for zOS security administration and audit not only met, but even exceeded their requirements. As an added bonus, the solution also integrates with the SIEM system, which simplified workflows significantly.

Prior to the introduction of Beta Access, Cecabank processed security events (RACF SMF events) originating from the mainframe in batch mode, which generated a daily workload. User management, access to resources, protection of resources and the allocation among them used to be handled with the tools provided by the operating system.

Accessing audit data required additional effort from the zOS administration team, as they were familiar with the environment and had sufficient access rights. This posed a challenge because alerts did not reach the SIEM in real time, and it was also a cumbersome system to manage. Therefore, administrators had to perform and control audit tasks to deliver the information to auditors.

Outcome

Cecabank benefits from the implemented Beta Access solution in many ways. The IT department is now able to provide a convenient Windows interface that allows auditors to operate the system without any special RACF or zOS knowledge. Also, the solution enables non-technical users to review the RACF system and generate audit reports.

They can perform fast audits via an easy-to-use Windows interface and generate preconfigured audit reports based on actual requirements and industry best practices. Moreover, the new real-time monitoring feature alerts users in real time as soon as a critical RACF or security-related event occurs.

As a result, security breaches can be detected much faster. This also means that incidents are escalated to predefined recipients or operation monitoring systems without delay. The cybersecurity department can now receive early warnings and alerts, and the user-friendly ISPF interface of Beta Access admin provides functions for centralized RACF management.

A comprehensive set of functions enables the maintenance of RACF profiles while providing a transparent overview of all information that needs to be managed in the RACF system.

Customer

Year of foundation
2012
Number of employees
470
Head office
Madrid
Sector
Wholesale bank for securities services
Cecabank
Calle Alcalá 27
28014 Madrid
Spain

Contact us

Beta Systems Software AG
Alt-Moabit 90d
10559 Berlin
Germany

Share

Further Resources

Insight

What Is a Mainframe?

A mainframe computer, often referred to as “big iron”, is a powerful computing system used by large organizations for essential tasks such as mass data processing and enterprise resource planning. Although mainframes are smaller than supercomputers, they offer higher computing power compared to other computers classes.
Whitepaper

CA-7 to TWS/OPC Conversion at SIGNAL IDUNA with the Support of XINFO

A report based on user experience by Claus Kaesler, June 2003 – The author is a consultant with many years of experience in Job-Scheduling-Systems (JSS) and has performed many conversions using his own conversion tools from and to JSS’s as varied as CA-7, TWS/OPC, Control-M, BAGJAS, APM(HS5000) and APEX. He also has worked extensively with output management systems.
Whitepaper

Scheduler Migration Supported by XINFO

This document will describe how XINFO can assist and support the migration of job scheduling systems in a variety of ways. It makes no difference which scheduler is used or in which direction the migration is to take place.