Data Privacy and the Insider Threat: You Can’t Afford to Separate Them
Overview: Your efforts to privatize data are closely related to finding and thwarting insider threats. But these focus areas are often siloed. Learn why they should be working more closely together.
Mainframe professionals often tout their platform as being the most secure platform available to large organizations. But it’s also true many of them have a false sense of security, to the extent they believe the mainframe is practically invincible.
Rather, we need to look at the mainframe as being securable, and only when we deploy the proper tools and techniques to make it so. Especially today, as insider threats become more common, any system can be infiltrated and its data pilfered, regardless of how advanced a platform’s inherent security may be.
There’s also a cultural aspect to this securability that must be considered. Like other areas in mainframe IT, security has always been siloed from other disciplines and has contained its own silos. One team has traditionally focused on data privacy compliance while another team has kept busy protecting assets and hunting insider threats.
But these teams really should be working closely with each other. The sensitive data one team is trying to protect from the insider threats is the same data another team is privatizing and reporting activity on for compliance. If there’s a breach, the two teams must work together to understand what data was breached and what the impact was.
Tools and Techniques
As for tools and techniques organizations can leverage to enable this collaboration between groups and tighten security on their mainframes, RSM Partners is enabling customers to improve infrastructure-level security with products like zDetect, while Compuware monitors user application behavior and provides visibility into the activity of insider threats with Application Audit. You can learn more about those solutions, as well as how they work together, in this blog post and webcast.
In addition to the software RSM Partners offers, it also provides security assessments and pen tests to help customers ensure their mainframes are secure when data lands on them. Furthermore, it offers security as a service to customers by providing them with a technical liaison of sorts who works with various security roles to maintain communication between siloed teams.
The Big Security Picture
If you’re breached and your security people handle the breach and find the culprit, your compliance people still have to report to regulatory bodies and customers. But if these teams are siloed, they may not have the information or know they were breached until later. Failing to report this information in time compromises compliance and leads to financial penalties.
If you don’t see the whole picture, you’re going to miss something, and that’s a risk: something that happens in the realm of one team could have a profound impact on another area, and the failure to maintain awareness could have a profound impact on the success of your business.
John Crossno and Mark Wilson
October 30, 2018