How security can be the key to your castle


In the application economy does security help or hinder your business?

LittleBlogAuthorGraphic  David Hodgson, September 23, 2014

Traditionally people view security like a castle moat. That is a great start but while a firewall with strong authentication is good it is not enough. Conceptually it does not go much further beyond: “Stop, who goes there?”

We are constantly seeing examples of people finding ways under, over or around our moats and in the current digital era this problem is getting worse. The fortress mentality just doesn’t work well in our highly connected world.

A wholly, more sophisticated approach is needed. One that keeps our resources secure, but doesn’t involve the ‘clunkiness’ of heavy security that ends up hindering your business.

With this post I complete the four-part series about navigating your journey in the application economy – exploring the topic by drawing allusions with my daily walk to work and back. The four principles I have suggested are:


In this post I’ll cover the topic of security.

Untethered capability

I quickly found out that wearing a tie while walking to work in Manhattan is a killer – I need much more air circulation around the neck area when moving at speed, particularly in the warmer summer months. So now I keep some ties at the office.

Keeping that tie in the office is a security feature for me in case I feel the need to put one on for an important meeting. Now I don’t have to slow down my walk and secure at work.

If your security slows down your employees or your customers it is holding your business back. In today’s connected world a well thought and thorough security strategy is critical.

We cannot deny the benefits of the cloud, but we need policies and tools that enable BYOD and the use of tools like Dropbox, not a police-state mentality that blocks useful activity. Security in the application economy must allow seamless application experiences while being sure that only authorized people are using the services.

The answer for the application economy is content-based data placement and content-based access to data, coupled with a much stronger concept of identity. We need a stronger sense of who is doing what and a stronger definition of how to do it.

However, it must not be restrictive to the user experience, because today’s user of both internal IT and consumer apps has choices, and if one service is slow or hard to use, they will use another that is easier and faster.

Who goes there and why?

At CA Technologies we have solutions for single sign-on and two-factor authentication. We also have the leading solution for credit card authorization that can dynamically detect anomalies and decide if a greater degree of authorization is required.

And new for the mainframe, we are developing content based access control that will allow you to set up policies to control access, changes and movement of data based on what it is rather than what container it is in. This will maximize usage and streamline management while ensuring good control and compliance with regulations.

The possibilities for this are awesome and much needed in today’s Hybrid Cloud infrastructures. Our new Cloud Storage for System z (CS4z) allows applications to seamlessly place tape data onto on-premise, private storage clouds or at public providers like Amazon and Google.

This is an incredible break-through in flexibility for the mainframe. But how do you manage that data placement? How do you stay in compliance with the latest regulations? Do you even know for sure what is on those 10-year-old tapes?

Awareness of data content allows both policy based data-placement and policy-based access control. So old reports that don’t contain personal information can be stored on Amazon Glacier but confidential information must stay in-house.

And if you connect identities to roles, you can limit access to data not only by a file name but also by the metadata that describes the sort of data that the file contains. This is an approach that will be safer, more adaptable and will expand securely to your business needs.

Arriving Home

The best part of my daily commute is of course the walk home. I hope you found value in this series and it helps you along your journey into the application economy.

We are right at the start of our journey and we are all learning from each other. I’d love to hear your stories. What security challenges have you bumped into along the way?

If you have solutions that help Development integrate tightly with Operations, I would love to hear about them too. Just leave a comment below and I’ll be sure to reply.

And I hope our paths will one day cross somewhere along our travels.

Image credit: Ashitaka San

Tips to make DevOps the newest best practice in your organization


In the application economy how does Development mesh with Operations?

LittleBlogAuthorGraphic  David Hodgson, September 15, 2014

DevOps describes an IT culture for developing new application features and rolling them out to the user base at a rapid pace without disrupting operations.

It probably represents a profound change in your organization’s IT culture, a change that adopts agile and lean practices and requires breaking down operational silos so that constant changes can be coordinated to avoid catastrophe.

I am in the middle of a four-part series on how to best navigate your journey into the application economy, drawing allusions with my daily walk to work and back. I introduced four principles and so far we have covered:


In this post I’ll discuss the importance of DevOps to your success in this new era of IT.

On my morning walk up 5th avenue I like to keep moving rather than starting and stopping, and yet I have to cross 28 streets. To do this I must look ahead, predict what the next traffic lights are doing and I adjust my pace so I never stop walking.

DevOps is a bit like this. The challenge is to ensure that an application rollout is never prevented by an operational limitation and operations are never impaired by the rollout of a new or changed app.

Mainframe applications are alive and still running the economy

Since one focus of this blog post is the role of the mainframe in today’s IT, it is worth noting that few companies are doing new application development on the traditional mainframe.

A few are starting to write new Cobol and Java apps to run on z/OS, but these are the progressive minority who are taking advantage of the huge improvements in System z. Most are maintaining their Cobol base, amending it as needed to adapt to business needs.

All IT groups are focused on mobile apps and distributed systems that frequently send transactions back to the mainframe or link to the heavy lifting, mainframe applications. Even without major new application development, Mainframe applications are alive and running the economy.

CA AppDev or DevOps strategy for the mainframe focuses on solving the problems of rapid change in distributed applications that send transactions to be processed by backend application code and transactions on the mainframe.

Relationships are based on communication and understanding

The number one DevOps problem we have heard from mainframe customers is that the development groups working on mobile and web apps do not understand the impact of changes on the mainframe.

Worse, once something is rolled out, the potential bad effect may not be seen for a few weeks until a peak load when the mainframe CPU spikes and causes a failure somewhere else. The root cause is much harder to find in that situation.

It is imperative that such changes are tested with tools like CA LISA Service Virtualization so that impacts to the mainframe are known in advance. It is important that code changes across platforms are coordinated (between Harvest and Endevor for instance) and can then be packaged and rolled out in a controlled way with a tool like CA LISA Release Automation.

What customers really need is end-to-end workflow coordination of the develop, test, rollout and maintain lifecycle. This means clearly communicating among the different groups so that everybody knows what has changed and has the same understanding of the impact of those changes.

And of course you need to be free to choose your tools for this to allow you to use multiple tools or have the agility to change if you want to.

I hope you can join us at CA World this year because we will be showing you where we are with delivering on this DevOps dream and I think you will be surprised.

It’s as clear as a bell

As St. Thomas’s bells chime 8 a.m., I cross over 53rd and into the office. The harmony reminds me of all the parts working together and the sound reminds me of that expression, “It’s as clear as a bell”.

To achieve your DevOps vision you need organizational clarity and effective communication.  If you have solutions that help Development integrate tightly with Operations, I would love to hear about them in comments below.

In the new world of the application economy, we are all learning from each other and sharing will help the industry accelerate.

The problem with sports cars and old school mainframe mentality


In the application economy does security help or hinder your business? Find out what mainframe tools CA Technologies has in store for you.

LittleBlogAuthorGraphic  David Hodgson, September 11, 2014

Comparing a Corvette to a mainframe and worrying about what kind of “oil” to put in it seems to me a bit old school. This perspective epitomizes the “mainframe is special” mentality that will make the platform as irrelevant to mainstream IT as a sports car is to transportation for any sort of productive purpose.

Who needs an expensive sports car?

Of course a Corvette needs special expensive grade oil, and special expensive custom tires, along with the likelihood of maintenance costs being above average. All of this leads to the thinking that it may be unaffordable to maintain such a prized possession.

Thankfully, today’s System z is not such a rarefied, exotic breed. And both CA Technologies and IBM are committed to making the platform as reliable and scalable as any new shiny objects are.

The only way a System z is like a sports car is in the level of performance where, it will outperform other platforms for suitable tasks. However, I prefer the workhorse analogy.

Not only is the mainframe the best platform for the job, it’s solid and dependable, highly reliable and affordable at scale on a TCO, per transaction cost basis – not like a sports car at all.

System z in the application economy

At CA Technologies, normalizing the mainframe is one of our strategic priorities. Although we do like to herald the mainframes strengths we also like to minimize the differences of the platform.

We aim to enable a single converged IT workforce that manages areas across the enterprise, ending the days of a polarized mainframe versus distributed camps. We build solutions along with customers to meet their current real needs with an emphasis on lowering costs and delivering real ROI.

If a vendor tells you they have some especially expensive, supposedly best-in-class software that you can’t live without, take another hard look at that vendor. Did they ask you what your real “go-forwards” requirements are?

Enterprise application development for the real world

So, let’s take the example of testing tools for the mainframe. Sure they are still needed to maintain legacy applications, but close to zero people are building applications on the mainframe today.

Those that do are building Java applications in line with IBM’s strategy of tuning the machine to outperform all others at running Java.

Take a look at the “Corvette” tools someone might try to sell you and see if they will help you debug Java. And of course if you are buying tools why would you want any that felt any different from the tools you use to debug Java elsewhere?

CA Technologies offers an Application Development strategy that rises above testing tools for legacy applications. We know your company is busy building mobile apps that will connect back to Websphere, CICS and the legacy applications on your mainframe. We are building a solution suite that addresses the DevOps challenges of the rapid-build cycles required of IT in the application economy.

If you’d like to test drive what we have to offer in this space please consider joining us at CA World, November 9-12 in Las Vegas.

Oh, and if you want to save money by replacing those expensive tools you bought for yesterday’s strategy then give us a call anytime and we will help you out.

Image credit: Tom Hiltz