I have been reading about the data breach at Equifax and how it may have affected up to 143 million Americans. As of this writing, it appears that the breach happened due to a vulnerability in the Open Source Software, Apache Struts.
A patch for the vulnerability was released back in March, but it was not an easy patch to implement. As pointed out at https://arstechnica.com/information-technology/2017/09/massive-equifax-breach-caused-by-failure-to-patch-two-month-old-bug/ ; ”As Ars warned in March, patching the security hole was labor-intensive and difficult, in part because it involved downloading an updated version of Struts and then using it to rebuild all apps that used older, buggy Struts versions.”
I asked one of our security people that if the application had been hosted on a mainframe with encryption active, would this have prevented the hackers from gaining any data that could be useful. His reply was it most likely would have minimized the damage; there is a good chance that any data obtained would be encrypted and useless to the hacker. He continued to explain that no system is 100% secure; everything is hackable. But a mainframe that has encryption and utilizing up to date patched security software is usually much more difficult to get into than a website hosted on a server, even if the mainframe hosted application has security flaws. Additionally, with the proper security in place, there is a better than average chance that there would be early warning signs of someone gaining unauthorized access.
Often times, maintaining the security software on a mainframe falls to the systems programmer. The systems programmer can implement and patch the software, but they may not have the in-depth knowledge needed to see the early warning signs of an attempted breach or an intrusion into the environment. They also may not have a set schedule to follow the latest best practices on keeping the mainframe secure. And if a warning sign is noticed, the systems programmer may just burn a lot of cycles determining the cause and the proper remediation for the situation.
Call us today at 1-844-388-IRON (4766) to find out how we can help secure your mainframe.
