Clark Morris wrote:
>Running 1.4 on any system that isn't isolated is the equivalent
>of running Windows XP.

I think Charles Mills provided some interesting, useful follow-up remarks.
I wholeheartedly agree that sole reliance on "perimeter" defense no longer
makes sense, if it ever did. Risk assessments and comparisons are tricky,
but let me expand on Charles's remarks a bit. In my view, the risks of
being backlevel are probably greater than Clark's analogy suggests.

Windows XP (final Service Pack) reached Microsoft's End of Support on April
8, 2014, except for certain variants (point of sale/embedded variants,
mainly). z/OS 1.4 can beat that, by several years. z/OS 1.4 reached its End
of Service date on March 31, 2007. For perspective, that date was before
Apple's first iPhone shipped. That's over a decade of security improvements
and patches that just aren't available for z/OS 1.4. That's a lot!

Another problem is that z/OS is almost always handling an organization's
core data, including most of its most sensitive data. "Slightly important"
data like financial account balances/transactions, personnel and payroll
files, work orders, shipments, inventories, price files, reservations, and
medical insurance records, as examples. And usually that's across a broad
swath of enterprise data, in multiple domains for multiple applications.
Windows XP may or may not be doing that, and may or may not have such
broad-based data access.

It's an interesting question whether a vendor, such as a tools vendor, has
a responsibility to inform a client of these risks, or at least the nature
of these risks. I'd vote yes, that any/every vendor should provide at least
a brief caution/reminder when attempting to support a client that is no
longer receiving security updates or has not applied available HIPER
updates at least "reasonably" expeditiously.

--------------------------------------------------------------------------------------------------------
Timothy Sipples
IT Architect Executive, Industry Solutions, IBM z Systems, AP/GCG/MEA
E-Mail: sipp...@sg.ibm.com

----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
