Phil Young has been doing these talks for several years and some of the tools are posted on his Soldier of Fortran site.
He is absolutely correct in that some sites are complacent in their "the mainframe is secure" attitude and that, like every other platform, z/OS requires a continuous "evaluate-correct-test-rollout-rinse-repeat" security cycle ... Since security implementation on z/OS, independent of the tool, is the realm of either the sysprog (with little time to deal with it on a daily basis) or the security staff (where dedicated z/OS specialists are few and far between) - this can and does lead potential gaps in coverage. Ignoring the problem doesn't make it go away (however, Ashley Madison users' "most sensitive information" was never on z/OS). MZ -----Original Message----- From: IBM Mainframe Discussion List [mailto:[email protected]] On Behalf Of Robert Harrison Sent: Wednesday, August 19, 2015 1:27 AM To: [email protected] Subject: Mainframes open to internet attacks? >From technologyreview.com: http://www.technologyreview.com/news/540011/mainframe-computers-that-handle-our-most-sensitive-data-are-open-to-internet-attacks/ Really? Robert Harrison ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
