Mainframe security threat – an inside job?

Hi everyone,

If you watch the news every day, it’s only natural to start developing an irrational fear of “stranger danger”—whether it’s the fear that an unknown intruder is going to raid your house or steal your identity, or that anonymous foreign hackers are going to hack your company’s mainframe. But the truth is you have more to fear from the people you know than the people you don’t.

In past blog entries, I’ve talked about the various companies whose headlining hacks turned out to be inside jobs: Ashley Madison, AT&T, and possibly Sony. In each case an employee, contractor, or other person with insider access stole data with the aim of selling it or sabotaging a former employer.

Yet companies are still focusing on outside threats. If you read the lead thought article in our October eNewsletter, you saw the statistic from a recent study by Lieberman Software Corporation, carried out at Microsoft Ignite, that “only 35 percent of IT professionals view insiders as a bigger threat than outsiders.” This means that 75 percent of companies are leaving themselves wide open to an inside attack that could potentially cost them dearly in lost revenue and—even more valuable—their customers’ peace of mind.

It’s one thing to be attacked by malicious outsiders, quite another to let yourself be victimized by an employee you hired and entrusted with sensitive client data.

The more people you allow to have unfettered access to your mainframe data, the more vulnerable you become to the possibility of an insider attack. With young employees and contractors jumping from job to job, you can’t count on company loyalty alone to protect you. And while most of your employees will never breach your trust, it only takes one rogue insider to wreak serious havoc.

InfoSec’s security services such as our comprehensive Mainframe Auditor Practice for Security and Compliance Standards (MAP/SCS) Assessment offers clients a comprehensive inventory of their current implementation, analyzing primary security metrics such as User ID counts, logging rates, enforcement levels, numbers of privileged users, number of users with security-bypass authority, new password requirements, obsolete User ID counts, etc. This information provides valuable insights to IT professionals about where there might be vulnerabilities in their mainframe security so as to quickly plug the holes.

Contact InfoSec today and find out how to protect your company from becoming yet another in a long list of data breach victims.

Until next time…