by sfeisadmin | Mar 25, 2018 | z/OS Mainframe Security
The Payment Card Industry (PCI) Data Security Standard und ISO-27001/2 represent important security standards for financial service institutions. This article keeps you updated on current topics surrounding PCI and ISO 27001/2 compliance of the mainframe platform....
by sfeisadmin | Mar 25, 2018 | z/OS Mainframe Security
At first glance, it might sound odd, but key functions of security software performance target the “invisible workings of your IT” that require transparency. It is the job of security monitoring to locate hidden security gaps and weaknesses, even those...
by sfeisadmin | Mar 25, 2018 | z/OS Mainframe Security
Audits in general arouse wild conjectures. This is especially true for personal visits of an auditor, which may be critical to your career. Nobody likes to make mistakes. Everyone tries to avoid scrutiny. But an audit cannot be ignored. Although audits may seem...
by sfeisadmin | Mar 25, 2018 | z/OS Mainframe Security
The “OS/390 and z/OS Security Technical Implementation Guide” of the US Department of Defense (DOD) provides only a basic approach for a secure implementation of z/OS. The German Federal Office for Information Security (BSI) is far more comprehensive. Since 2004 the...
by sfeisadmin | Mar 25, 2018 | z/OS Mainframe Security
Isolated technical measures alone, even when operating in real-time, are not enough. Commercially offered systems for recording SMF records in real-time, such as RACF SMF records, are a good example. You have a good objective, but this is simply not enough, since the...
by sfeisadmin | Mar 25, 2018 | z/OS Mainframe Security
The topic of internal attacks is an extremely sensitive one. Both determining the risks from bad colleagues and employees and communicating this to them is a rather undesirable task and also legally difficult. No wonder the term “intrusion detection” has...