Are You a Mainframe Expert? Test Your Knowledge | April 11, 2023

Are You a Mainframe Expert
By Sonja Soderlund

If you’re looking for a theme running through this week’s mainframe trivia challenge, it’s all about preparing for future mainframe crises before they happen. Making hay while the sun shines, fixing the roof before it rains…you pick your favorite metaphor.

When it comes to finding experienced staff to run the mainframe, we all know the future is looking a bit…uncertain. Between the ever-increasing demands on mainframes, the ticking demographic time bomb of staff retirement, and a lack of trained and experienced mainframe technicians coming down the pike, businesses need a multi-pronged approach to ensure that they are ready for whatever the future is getting ready to lob at them. 

Sound familiar? Mark Wilson’s article, “Solo: A Mainframe Story” (♧ HINT) addresses these particular issues facing so many businesses, comparing the complexities of a mainframe operation to Han Solo piloting the Millenium Falcon through a space minefield. These operations are best not carried out solo – but with limited resources, skills, and capacity, what’s a business to do?  Wilson suggests a three-part approach to ensuring that mainframe systems can continue to promise “zero downtime’” even in less-than-ideal situations. 

In his article, “Fix the Roof When the Sun Is Shining: Data Loss and Prevention,” (♧ HINT) Wilson (Vertali’s Technical Director and an internationally recognized expert on mainframe security and technology) expands on the theme of preparing for future crises. In this article, Wilson addresses the issues of mainframe data loss in particular and cybersecurity in general.

Though people tend to think of mainframes as being generally more secure than cloud-based operations, Wilson directs our attention to the multiple potential data leaks that can lead to full-scale data breaches. From the more obvious (like FTP and SMTP or commercial products like XCOM) to the less readily apparent (Wilson’s particular bugbear being READ access to data), Wilson makes an impassioned plea to businesses to get their houses in order before data leaks create a deluge. Do yourself – and your mainframe – a favor and read the whole article.

According to Wilson, the surface web (which we access via Google), is merely the start of a deep, dark, and dangerous rabbit hole. How much of the web could be considered Deep Web or Dark Web?

  1. 96 percent
  2. 65 percent
  3. 72 percent
  4. 20 percent

Click to Reveal Answer

A: 96 percent

How much of the world’s system of record data resides on mainframes?

  1. 45 percent
  2. 69 percent
  3. 80 percent
  4. 20 percent

Click to Reveal Answer

C: 80 percent

In the world of cyber security, what does XDR stand for?

  1. Excellent Detection of Risk
  2. Extended Detection and Response
  3. Xenial Data Response
  4. External Digital Reader

Click to Reveal Answer

B: Extended Detection and Response

Which of these represents a vulnerability when it comes to mainframe data leakage?

  1. HTTP, HTTPS, NJE (Network Job Entry)
  2. IND$FILE for mainframe to PC file transfers
  3. Commercial data transfer solutions
  4. All of the above

Click to Reveal Answer

D: All of the above

Fixing your (mainframe) house while the sun is shining means both taking a brutally realistic look at the situation as it stands and then acting to fix the leaks before the rain starts. When it comes to staffing a mainframe operation, that means looking at what your business can handle and what should be outsourced. It also means actively planning for the short and long-term future care of your mainframe operation. What is your business’s “staff augmentation” plan? 

When it comes to security, the metaphor of fixing the leaks becomes pretty literal. Getting ready for a potential cybersecurity attack means taking stock of all the ways your business’s data is vulnerable and mapping out data access, movement, and usage. Wilson suggests that the time has come to reframe Data Loss Prevention as a strategy (or even a journey) rather than a magic-bullet, product-led approach.

This approach to DLP begins with a wide-ranging security assessment and has as its goal a DLP strategy that “extends in different ways across different domains: network, cloud, endpoints, and storage, ideally as part of a managed approach to security.” Will this be time- and resource-consuming? Certainly. But what price would you put on knowing that your business is prepared for bad actors? In the words of the old Mastercard ads: Priceless.