Why privacy and integrity matters in a mainframe network
February 7, 2020
Mainframes are the foundation for many critical systems, from bank databases to municipal systems for local governments. It's estimated that 70% of Fortune 500 companies have mainframes in their infrastructure. This hardware holds a lot of sensitive data, which puts it in a vulnerable position. Privacy and data integrity must be maintained for the mainframe systems to ensure that this information isn't accessed without authorisation, altered, or stolen.
Data integrity has three components to it: consistency, accuracy and the information's completeness. One of the most important functions of data integrity is checking whether the data has been changed in an unapproved way. Many things can change information as it moves through the network. Malicious attackers may add malware or disrupt data transmissions in transit. Errors could occur due to network connection problems or human error. Sometimes multiple versions of a file are accidentally created and lead to a lot of employee confusion.
Mechanisms such as non-repudiation aid in data integrity for a mainframe. Non-repudiation makes it impossible for a sender to deny that they sent a particular packet, and the receiver that they received it. Another way that data integrity is upheld when data is in transit is through the TCP networking protocol. When an application sends information over a network using TCP, this protocol keeps the data intact and checks it for errors along the way.
Data privacy is maintaining the confidentiality of information. Only authorised parties can view this information, whether it's in transit or at rest. Data privacy is an essential component to cybersecurity, especially when it comes to the information stored on mainframes. This sensitive data includes transactions from banks, trade secrets, and essential applications and workflows. Data privacy is particularly important in regulated industries, such as the medical field, as heavy fines result when this information is accessed without authorisation.
Security vulnerabilities come in many forms, from newly discovered exploits to employees who don't understand potential cybersecurity threats. Complete data protection is a necessary measure to stop vulnerabilities from compromising the heart of a network. Hackers can delete or steal sensitive data, disrupt complete systems or pretend to be a user that they're not to gain access to parts of the network. They do this by giving their user accounts elevated permissions, adding their own code onto the mainframe, and stop network monitoring and other security measures.
Complete data protection includes data integrity and privacy. Without both of these components, the cybersecurity measures that are in place are not sufficient to properly protect against attack methods or unintentional intrusions. If this data is exposed without authorisation, the consequences can be significant. Financial transaction data from...