Protecting sensitive mainframe data with CA Data Content Discovery



How a new software solution from CA announced recently at CA World can help your business conquer the mainframe data mountain and protect your organization’s most sensitive data.

 LittleBlogAuthorGraphic David Hodgson, December 8, 2015

Your mainframe has been collecting data for years — probably decades — and you rely on it to run your business and the apps that serve your customers. But over the years, its collected mountains of records and files, many of which contain sensitive data that require special controls stipulated by government regulations.

With so much information residing in your mainframe, it’s hard to locate regulated or sensitive data when you need it (and takes up far too much time). You may not be limiting internal access appropriately, and copies may end up somewhere else, without proper access control. At last count, 400 mainframes worldwide are connected directly to the Internet and accessible to anyone via a login screen.  So yes, while mainframe remains the most securable platform – it isn’t 100 percent immune to data breaches.

Recently at CA World in Las Vegas, CA Technologies announced two new mainframe solutions to help organizations become more agile. One of these new solutions, CA Unified Infrastructure Management for z Systems, supports our DevOps portfolio and helps customers accelerates problem resolution with a unified view across mainframe and distributed systems.

In this blog I’d like to focus on the new solution, CA Data Content Discovery that supports our Security portfolio. Bottom line, if you don’t know where your sensitive data is, you can’t protect it. CA Data Content Discovery scans your mainframe data to identify the location of data that matches regulations such as PCI, PII or HIPA, so you can make business decisions around securing, encrypting, archiving or deleting those records.

This isn’t just good business sense; it will help you address potential audit findings and risks.

If it ain’t broke, why fix the mainframe?

But why now? After all, the adage “if it ain’t broke, why fix it” often applies to mainframes. But these days, mainframes are not only tied to mission-critical applications, but those applications now face your customers through the web and mobile apps.

In the application economy, the mainframe plays a key role in how apps perform — and how happy your customers are.

Unknown unknowns: trust isn’t a strategy 

The stakes for mainframe security have changed.  In a recent blog post, Jeff Cherrington offers a colourful history lesson and metaphor comparing mainframe security to the evolution of fortifications of medieval castles.

The plain fact is today’s application economy puts different demands on the mainframe data – everyone wants in!  The Chief Digital Officer wants access to systems of record for his pet big data project or some backup project didn’t follow all the necessarily controls – the fact is mainframe data is moving off the platform when it shouldn’t be and if it needs to – let’s at least know about the location of that sensitive data and apply the right controls.  Companies that make security a priority understand that blind trust and “nothing will happen” isn’t the solution.

With the right tools and processes, you can be confident to leverage the mainframe as part of your digital transformation while safeguarding sensitive and regulated data. CA Data Content Discovery has three distinct advantages:

  • Find: You can locate regulated and sensitive data using data-pattern scanning, helping to gain insight into the magnitude of potential data exposure on z Systems.
  • Classify: Once you’ve found the data, you can prove to auditors that you’re compliant with regulations (controls are checked by data type and content).
  • Protect: Critical data never leaves the z/OS platform. Integration with CA ACF2, IBM RACF and CA Top Secret for z/OS means you can quickly visualize who has access to regulated or sensitive data.


For more details, check out the Data Content Discovery page.

It’s not enough these days for organizations to embrace software — they need to use it strategically. And that includes the mainframe.

In the era of digital transformation, organizations need to be more agile — and this is possible, even with legacy systems. With the right tools, people and processes, it’s possible to bring your mainframe along on the digital transformation journey.