For many years, it seems, management and the distributed IT team have, more-or-less, ignored the mainframe. The mainframe has been quietly keeping the company in business, running all those transactions, and being reliable, powerful, scalable, and secure. All the exciting stuff has been with distributed. For many mainframers, it’s been like watching a teenager grow up and discover, in their own way, all the things that we’ve known for so long. You must remember how excited they got about virtualization about ten years ago, we had VM decades ago.
But more recently, the mainframe seems to have woken up. Yes, you can run Linux in your mainframe and not have hundreds of servers all over the place. And you probably only need one, or perhaps two people to look after it and not 20. And, of course, you can develop Agile applications with tried-and-tested updates being released every quarter. You can run Docker and Blockchain on your mainframe. There are z/OS Container Extensions (zCX), which let you run Linux capabilities on z/OS. And when it comes to Artificial Intelligence (AI) on a mainframe there’s IBM Watson Machine Learning for z/OS (WMLz) and the IBM Db2 AI for z/OS (Db2ZAI). Plus, there’s z/OS Management Facility(z/OSMF), which allows users to manage various aspects of a z/OS system from a browser. It’s intelligent, and helps users more easily manage and administer a mainframe system by simplifying day-to day operations and administration of a z/OS system. It makes you think that mainframes are exciting places to be.
And that’s why non-mainframers are starting to fear the mainframe.
Let’s imagine that I’m head of distributed computing at a middle-sized mainframe using company. I have lots of people reporting to me and I feel very important. The head of the mainframe part of the company seems to have just half a dozen staff. Then he suggests that we run Linux on Z. And he shows the amazing cost savings in terms of staff, electricity, and travel. At one meeting, I could lose a dozen reportees – and that affects my status in the organization. I’m not going to agree to that. More recently, our company have been having lots of meetings about security. It used to be that we focused on business recovery, but now it’s all about breaches. It’s not my fault if people in the company click on links in e-mails and download viruses and ransomware that brings down the Windows servers while we try to recover. And now, the mainframers are asking me about shadow data, audit trails, and security. They just don’t understand how much cheaper it is to develop off the mainframe!
Of course, my example head of distributed is right, for most things, the per seat cost of running an application off the mainframe is cheaper – often significantly cheaper. However, at many sites, off-mainframe development is carried out on a test database containing a copy of live data. It may not be kept current, but much of the data is current. And RACF and other security products probably don’t keep track of who does what to that data. And that can lead to a data breach. And there may well be another copy of the database – the one that’s used for development. Again, this probably isn’t covered by the usual security and audit trails and will contain some information that’s current. And then there’s the Business Intelligence team using the Excel and the latest Office 365 BI tools. They don’t consider themselves mainframers, but the likelihood is that they are using mainframe data. What audit controls are in place? And sometimes that data may be duplicated again for the mobile sales team so that they can go out and visit customers armed with the latest information. What audit trail is there on that data?
For the business, there is a huge decision to make. There’s the up-front cost of buying licences – which is usually much cheaper for a distributed environment. Against that is the possible cost of a breach – and that’s reckoned to be $3.92 million on average (according to a survey by the Ponemon Institute sponsored by IBM). As Clint Eastwood said in Dirty Harry in 1971: “You’ve got to ask yourself a question: ‘do I feel lucky?’ Well, do ya, punk?” Perhaps without that last sentence, that’s the question that many organizations are asking themselves.
You might well argue that it makes sense to use IMS and Db2 cloning tools and anonymize or mask the data and then use a data virtualization manager to provide access to this data in real time. This along with multi-factor authentication keeps everything secure. But, for the head of distributed systems, it looks like losing status and power because control is being given back to the mainframe.
But, again, the head of distributed systems will want to develop Docker and Blockchain applications in a distributed environment and save on costs. And the bottom line is always a hard fact to argue against. It’s especially difficult when the distributed boss sees that he could lose staff and prestige to that sleepy old-fashioned mainframe. He (or she) will definitely dig their heels in and want to expand their team and the skills in that team.
So, what’s to be done if the mainframe’s positive attributes are scary to the distributed team and to managers, who are more familiar with Windows or Linux as their platforms of choice?
The answer is to start now by advocating for the mainframe and help management to understand the power of the Z platform and begin to consider it as the first-choice platform when anything needs to change. In fact, mainframers need to go beyond the Exec and educate the whole organization about the power of the mainframe and the main subsystems, IMS, CICS, Db2, that are running. It’s important that people understand that you don’t have to speak COBOL, PL/I, or Assembler to do anything on a mainframe. Not only does it support most modern languages, eg Python, Java, and PERL, but there are also modern GUI systems that can be used, eg Zowe or Eclipse. It’s not a world of green screens (although it can be if that’s how you like it). And it can run modern applications, and you can use it as the starting point for analytics. You might even consider bringing in experts to talk to your organization about the power of the mainframe and what it can do for them. Plus they could have the benefits of pervasive encryption and data privacy passports.
The mainframe is incredibly powerful, reliable, and secure. It’s no wonder that some people are afraid of it.
Regular Planet Mainframe Blog Contributor
Trevor Eddolls is CEO at iTech-Ed Ltd, and an IBM Champion since 2009. He is probably best known for chairing the Virtual IMS, Virtual CICS, and Virtual Db2 user groups, and is featured in many blogs. He has been editorial director for the Arcati Mainframe Yearbook for many years.