On April 8th Syncsort announced Assure Security, a new product that brings together Syncsort’s best-in-class IBM i security capabilities. It enables organizations to comply with cybersecurity regulations and strengthen IBM i security through features that assess security vulnerabilities, control access to systems and data, enforce data privacy, and monitor for security incidents and compliance deviations.
Syncsort’s new on-demand webcast titled, “The New Assure Security: Complete IBM i Compliance and Security,” explains some of the latest security features.
View this webcast to learn all about Assure Security, including:
How Syncsort’s security brands have come together as one
How it automates security best practices and satisfies regulatory requirements
How Syncsort can help you control access to IBM i systems and prevent data breaches
Learn all about Assure Security by watching our webcast where we’ll introduce you to its capabilities and show you how it can help you with all your high priority IBM i compliance and security needs.
I don’t like to admit how long it took me to embrace the cloud. I would not say I was an early adopter. I understood the compute power available in the cloud, but I saw it as an environment for “new” data, not the place where you put your most valuable enterprise data. That type of data, the critical enterprise data, was on premises, often residing in the Mainframe. That is not going to change. Mainframes are going to remain at the center of many critical IT operations for the foreseeable future. They just work too well to be replaced right now. However, this does not mean that data on the Mainframe can’t be brought to the cloud for analytics. The cloud is going to be the focal point of new IT initiatives and the mainframe data is going to be part of those initiatives.
Fortunately for me I was already a cloud believer by the
time I saw Snowflake, so I was ready to appreciate what a game changer it was. It
was a data warehouse that could make full use of the advantages of the cloud
without compromise because it had no debt to an on premise architecture. Storage
and compute were decoupled and each individually scalable without any prior
planning. At the same time, you could access all of this with SQL, which meant
you could start without learning significant new skills and any existing work
you had done elsewhere was readily ported over. It can be as good or better
than any highly curated on premises solution while at the same time being cost
effective and have zero administration overhead.
As capable as Snowflake is, like many modern platforms it still can’t make use of raw mainframe data. The data needs to be transformed before it can be consumed. Making mainframe data accessible outside the mainframe is something Syncsort has been doing for decades now. We started with doing mainframe style sorting on UNIX, but overtime extended our capabilities to include delivering ready to use data to Splunk and Hadoop. We are becoming the “go to” solution for getting your mainframe data into modern analytical solutions.
Syncsort recently announced support for Snowflake, so we can deliver transformed mainframe data directly to their platform. Snowflake isn’t tied to a particular cloud vendor and neither is our solution. Using Connect ETL (formerly DMX) developers are going to be able to source, transform and load Mainframe data to Snowflake within a single flow. Once the data lands in Snowflake it will be entirely indistinguishable from other data source and immediately ready to be using in existing or new processes. I am really looking forward in bringing the capability to our existing customers and also finding new customer looking to bring their valuable Mainframe data to the cloud.
The venerable mainframe has proven to be a stubborn and persistent animal. Predictions of its imminent demise have been circulating for years now, but the mainframe just refuses to go away. Seventy percent of Fortune 500 companies still use mainframes for their most critical business operations. And in a recent “State of the Mainframe” survey, more than half of the respondents indicated that their companies are continuing to create new mainframe applications.
The fact is that with all the drastic changes that have occurred in the IT landscape over the last half-century, the mainframe has managed to adapt so well that it remains a key part of the IT ecosystem. Not only has it maintained its role as the premier engine for large-scale batch and transaction processing tasks, but it is also becoming an increasingly rich data source for external big data and analytics platforms such as Hadoop.
The Mainframe and Big Data
When it comes to important parameters such as reliability, availability, scalability, data security, and concentrated computing power, the mainframe simply has no peer. Says Harvey Tessler, one of the founders of Syncsort, “The mainframe is the go-to computing platform for the overwhelming majority of our largest customers, who leverage its ability to be the backbone for billions of computational intensive transactions for business-critical applications.”
All that activity generates huge amounts of data. And in an age when big data analytics and machine learning are at the forefront of IT innovation, the data accumulated by mainframes is of incalculable value to the companies that own those systems. That’s why the integration of mainframes with Hadoop has taken center stage in many corporate data centers.
The Mainframe-Hadoop Partnership
With the mainframe’s monthly licensing charge (MLC) keyed to peak CPU usage and comprising 30% or more of costs, businesses are interested in offloading as much processing from the mainframe as possible. Some CPU-intensive batch jobs, such as sorting and filtering, can be run much more cost-effectively in Hadoop without impacting performance.
More importantly, tasks associated with storing, retrieving, and correlating huge datasets to enable big data analytics, machine learning, and business intelligence applications can be accomplished much more efficiently in Hadoop, which was designed specifically for that purpose. Plus, because a Hadoop cluster, employing low-cost commodity disk drives, can store data more economically than can mainframe DASD (Direct Access Storage Devices), archival or seldom-used data that the mainframe previously had to commit to tape can often be kept online in Hadoop for immediate use as needed.
How Syncsort Enables the Mainframe-Hadoop Partnership
The partnership between the mainframe and Hadoop has great promise, but faces a major hurdle – the two don’t speak the same language and can’t communicate with one another. Hadoop was designed for the distributed processing environment, with no consideration given to the mainframe at all. In a fundamental way, Hadoop doesn’t even know that mainframes exist.
But Syncsort’s DMX-h knows all about both mainframes and Hadoop, and is specifically designed to bridge the gap between the two. DMX-h shines at integrating mainframe data into Hadoop’s file system in such a way that all formatting and other properties remain unchanged, but Hadoop is able to distribute, replicate, and process it just as it would any other data.
Mainframes Are Firmly Entrenched in the Modern Data Ecosystem
Because it remains the go-to platform for handling business-critical workloads in the most cost-effective manner, and because it is the source and repository for huge volumes of invaluable current and historical data used for business intelligence, big data analytics, and machine learning, the mainframe continues to occupy a central position in the data ecosystems of many companies.
With the expanded use, and high-profile abuses of personal data, the calls for stronger enforcement of data privacy rights get louder every day. In EMEA, these concerns resulted in the implementation of the European General Data Protection Regulation (GDPR) across the European Union (EU) on May 25, 2018. GDPR is a legal framework that is meant to protect the data rights of individuals within the EU by setting guidelines for the collection and processing of citizen’s personal information by any company, anywhere. The implications are huge, given the many uses of personal data for marketing, customer relationship management, business analytics, and many other purposes in the normal course of business. More importantly, with the new regulation in place, and fines starting to be accessed to companies doing business in Europe, is the writing on the wall for regulating personal data from US citizens? To answer that question, we need to take a closer look at data rights, why we need them and how GDPR addresses them.
In part 1, we covered data rights and why we need them. Now we focus on how Europe is handling the regulations and what the outlook is for the future.
The Europeans get it, why don’t we?
The GDPR regulations are well informed and embrace
current and possible future technical realities. The European countries are
leading in terms of protecting the individual, and I find that somewhat
surprising given that here in the US we love both individual freedom, and transparency
and accountability for those in power. Could it be that our fear of the power
of “big government” is blinding us to the peril of big corporations and the
control they can have on our lives? The latter can actually be more insidious
as it is usually less transparent. But it should be burned into our psyche
through sci-if films like Robocop, the Skynet of the Terminator movies, and
many other examples. As the AI age is dawning wouldn’t you like to know what
information a company has about you, whether it’s correct in your eyes and what
they are using it for?
How will all this work out?
Data is way more than the “new oil” metaphor that is sometimes used; it is the very fabric forming the future. The creative use of it will decide winners and losers between those that compete. The accuracy of it will determine the effectiveness of data-fueled technologies and along the way, the use of it will continue to re-shape our society.
I am essentially a technological optimist when it comes to the long-term effects of change on society. I believe that technology helps us, more than it harms us, and that when it harms us it is either through lack of understanding or the bad motives of some, and that both things can be offset and controlled by the rest of us.
To fully unlock the potential that any technology has to do good, it needs to be well understood and usually steered by laws with penalties. The GDPR tops the list on penalties too. Last November, seven European countries brought a GDPR violation case Google, based on the claim that it’s location tracking practices are not clearly communicated to users and there isn’t a sufficient capability to opt out. The potential fine Google could see is 4 percent of their global revenue which is something in the order of $4B in their case.
Righting the future
GDPR was a much-needed move and, although it probably reflects a generation that craves privacy more than the Z’s that have grown up connected, it is also our job to bequeath them wisdom. I’m glad that the Europeans extended the benefits of their act to the rest of the world, but I would like to see the US take a leadership position on this new landscape of democracy and individual freedom. I am convinced we need something similar to the GDPR for the US, and once we take our more American stance we can perhaps harmonize the laws to reshape the less practical aspects of the European regulations.
It’s only a matter of time before we have even tighter, more responsible laws governing data privacy here in the US. Despite many existing controls and admirable self-policing initiatives by companies like Apple, what is lacking is an emphasis on the data rights of the individual. That’s why it was exciting to see Apple CEO Tim Cook take a leading position on this starting last October when he addressed a conference on Data Privacy in Brussels. Without sounding hysterical, he talked about a “Data industrial complex” which is “being weaponized against us” and the need for data rights that prioritize our humanity. Shining a light on individual data rights is necessary, and global companies can fully expect the need to comply with more regulations in the near future.
GDPR is very deliberate in defining and talking about “natural persons” having digital rights. I am just waiting for the next round when AI’s, or digital persons, claim that they have rights too. Welcome to life, liberty and the pursuit of happiness in the Digital World!
With the expanded use, and high-profile abuses of personal
data, the calls for stronger enforcement of data privacy rights get louder
every day. In EMEA, these concerns resulted in the implementation of the
European General Data Protection Regulation (GDPR) across the European Union
(EU) on May 25, 2018. GDPR is a legal framework that is meant to protect the
data rights of individuals within the EU by setting guidelines for the
collection and processing of citizen’s personal information by any company,
anywhere. The implications are huge, given the many uses of personal
data for marketing, customer relationship management, business analytics, and
many other purposes in the normal course of business. More importantly, with
the new regulation in place, and fines starting to be accessed to companies
doing business in Europe, is the writing on the wall for regulating personal data
from US citizens? To answer that question, we need to take a closer look at
data rights, why we need them and how GDPR addresses them.
What are Data Rights?
The European General Data Protection Regulation (GDPR) defines at some length (most specifically in Chapter 3) what it means by data rights, and discusses the operational ramifications for companies that come under its reach. In practical terms these come down to four main concepts that, as individuals, we would probably all assent to:
The right to know what data is being collected about you, by whom and for what purpose
The right to have the personal data kept about you minimized to what is essential
The right to access that data and help correct errors in whatever is being collected
The right for that data to be kept securely and to be informed of any data theft
There is also discussion of a “right to be forgotten”, extrapolated by some as a right to be anonymous, which to me, feels both impractical and somewhat antithetical to the idea of the very social system that would afford you any protections at all. If you are a participating member of a society, contributing and receiving benefits, it has always been true that you are not anonymous, and you are accountable for your actions. In today’s connected, data-driven world I think it is just totally unrealistic to imagine that you can force someone to remove all trace of you. You certainly have the right to attempt to do something anonymously, like writing a book under a pseudonym, and of course you can still attempt to do that in a digital world.
Why do we need these rights?
Ever since writing was invented organizations must have collected
data about their customers, their members etc. Computer systems with extensive
electronic records of data about people have been around for more than 60 years,
so what has changed that we suddenly need Data Rights?
What has changed are the powerful ways that collected
data can be used to affect our lives, and the volume of data that is being
collected. In our online, connected world, data is generated by us all the time
in every digital interaction, and a lot of the time we may have no awareness of
it. In most cases this is a good thing that we need to keep us safe. Transactions
can be verified, fraud can be detected, and criminal activity can be surveilled
and prevented. But the very logs and traceability that can keep us safe can
also be a source of personal exposure.
Even with regulations that limit scope by restricting
personally identifiable information (PII) in any system or database, it is
relatively easy for companies to gather data from many sources, including
social media, and then correlate and associate information to build complete
profiles of buying habits, movements, lifestyle, friendships and affiliations
etc. You should have the right to know how people are trying to influence you
and you can decide when these attempts are helpful to you and when you would
rather they stopped.
As companies start implementing hyper-personalization techniques to target their products and services, ever more specifically, to the people that they think will buy them, the risks of identity exposure become even greater. It is not news that Identity Theft is becoming a growing problem and it will grow in proportion to the value of the data that companies have that is worth stealing. You should have the right to protect your identity and ensure that you are not losing control of your data to people who abuse it and in the worst cases, steal from you.
Lastly along with all the techniques of collecting and blending sources of data comes inaccuracy. You should have the right to be sure that what people are recording about you is the truth. Most inaccuracies are mistakes of data processing, but increasingly we are experiencing the phenomenon of deliberate falsification or “fake news”. You should have the right to contest and correct any errors especially if there is a deliberate attempt to change the truth.
Be sure to check back for part 2 where we cover how Europe is handling the regulations and what the outlook is for the future.
Data Governance practices can help us drive business advantage from improved customer experience to better supplier relations – leading to more sales and lower costs. New regulations are making data governance a must-have, not a nice-to-have but data governance doesn’t come without its challenges. Syncsort’s new eBook titled, “Fueling Enterprise Data Governance with Data Quality,” discusses how data quality is strengthening the overall enterprise data governance framework.
We are operating in a world where our expectations about what data can do are growing while, at the same time, trust and confidence in data is declining. Organizations are implementing data governance best practices to help drive business advantage, improve customer experience, better supplier relations and meet regulatory compliance but the effectiveness of these practices is tied to the quality of data used.
In this eBook, we’ll discuss:
How data quality and data governance have a symbiotic relationship
How changes in data quality can undermine trust
How to more than simply “understand” your data
How to get data quality and data governance moving in your organization
The accuracy of data directly impacts any activity downstream. Data quality not on strengthens data governance compliance; it also means you make better business decisions.
In Part 1 of my Q&A with Syncsort CEO Josh Rogers, we covered his background and journey to the chief executive chair. In this second half, Josh discusses how he manages culture, acquisitions, communications, and his unique role as CEO – and why you shouldn’t believe the negativity about millennials.
Culture is important to most CEOs. How do you measure and monitor the pulse of culture at Syncsort?
Everyone has a culture. The question is: Is it the one you want? As I mentioned, we have grown aggressively both organically and inorganically. We’ve had the challenge of outside individuals and groups coming in via acquisition. To do a better job of assimilating these acquisitions, we hired a CHRO last year. She has put a few different things in place to help.
In the fall of last year, we administered an engagement survey to get an initial understanding of how employees feel about the company – what we’re doing well and not so well. Based on that, we launched a program to develop an explicit set of values this spring. It is important work. This is not something we’re making up from scratch. We want to harness what the culture really is. As a CEO you have to shape it. One of my themes is to strive for transparency, engagement, and collaboration. These are things we are doing well, but there is an opportunity for us to be more explicit and programmatic.
In addition, Syncsort has organically cultivated an R&D team that is about 40 percent women. These high percentages set Syncsort apart from most other tech companies and have attracted more women to apply.
What role does the CEO play during an acquisition?
The CEO needs to understand what the strategy is and ensure that the entire executive team is bought into it. Then he or she needs to ensure the company is executing against the integration plan. Post-acquisition, the CEO should be an ambassador to the newly acquired employees. They need to know what the rationale of the combination was and why there is a great opportunity in front of them. This is something I spend a lot of time on. Last week I was in Raleigh visiting a new team from an acquisition we made in November. I spoke with the CEO, CTO, and each individual employee to learn what’s going well and what’s frustrating them. It’s a great opportunity to learn from each other. If you take the time to do that, from my experience the acquisition employees appreciate it. What we’ve seen in our acquisition program is that there are great benefits from leveraging the talent that’s brought in via acquisition. Some of our senior leadership are contributing well beyond their original role and are great success stories of our acquisition strategy.
What do you tell these newly acquired employees when they ask what do you do as CEO?
For me it’s a couple of things: I try and understand what is working in our business and what’s not. What products are selling? Is our campaign messaging resonating? What development activity do customers care about? My job is to help us keep doing things that are working and stop those that are not working. We’ve developed a cadence in the way our executive team operates. With reporting and analysis we put resources behind things that are working and things that fit into long-term trends as well as our long-range planning. I ensure that the machine operates as efficiently as possible. Then I look a little bit further out to determine, given our capability set, what longer-range opportunities we need to exploit.
At your company size you are removed from the frontline workers. How do you ensure they are reflecting your values and vision for the organization?
It’s about that cadence. We have lots of town halls at the local office level and on a regular basis companywide. For our all hands meetings, the video is streamed to all offices. We send out a survey beforehand and during the Q&A portion, we answer every question. Some are questions that no one wants to ask and some are frankly fairly tactical. What we’ve found is that this level of transparency drives good response from the employees. Everyone knows they have a voice and the ability to ask questions, and that the executive team will give them an honest answer.
You’ve spent 10 years in management at Syncsort: How has your management approach changed over that time?
Patience is a virtue: My Grandfather ran a business and always said his number one goal was to be “impatient slower.” The reality is the more you can listen, the more you can sit back and really hear what employees and leaders in the company have to say. You can create the right environment from a cadence and culture perspective. If you do that, the answer will emerge. As a CEO your job is not to provide that answer. It’s to provide a system to help the team answer the question.
With your unique perspective, what trends or issues do you think other CEOs should be aware of?
I want to address the millennial topic. I read a lot in the press about the dynamics of hiring and retaining millennials. I think Syncsort needs to do a better job bringing young people into the organization. Those who we have brought in are unbelievable. I’ve been impressed with their work ethic and desire to learn and contribute. If you create the right opportunities for engagement and real contribution, you’ll see amazing results. That’s what we’ve seen. So I don’t believe the negative stories about millennials. The talent and intellectual curiosity we’ve brought in will serve us well for years to come.
Josh Rogers is CEO of Syncsort, a B2B software company that helps businesses organize their data. Since taking the helm in 2016, this first-timer has led three years of major growth, both organic and via nine acquisitions that have quadrupled Syncsort’s size. He has quadrupled revenue, increased their customer base to 7,000+ (including 84 of the Fortune 100), and expanded their solution set.
No stranger to evolution, the 50-year-old company is looking steadfastly towards the future of data under Josh’s leadership: They are exploring how they can support blockchain, AI, and machine learning.
Here’s how Josh got to be CEO after a long career at Syncsort and how he leads.
When you were starting out in your career, did you aspire to be a CEO? Either way, how did you end up becoming one?
I went to Davidson College, which is a small liberal arts institution. I was an economics major and directionally found the business world interesting. Based on classmates ahead of me and my recruiting options, I pursued a role in finance. I ended up getting involved in M&A for a regional boutique bank and then at Wells Fargo and Bank of America. These were great opportunities to learn about business.
Was there any point where you thought the CEO role might be interesting?
When I worked at a private equity firm (Bank of America Capital Investors), I had the opportunity to attend board meetings and got excited about the operating side of business. I heard the CEOs of our portfolio companies discuss their various strategies. It seemed like an exciting role they were playing. It was challenging but their success was gratifying. That was something I wanted to be a part of in my career.
You’ve had a long career at Syncsort, starting in sales. What was it like to take your first real multi-functional role with the President title?
It was a great experience, because I could steer the ship faster than in my VP of sales role. I originally joined Syncsort as a regional sales leader for the Americas and quickly became VP of sales. It was an exciting time for me. In my executive sales role I always had a bigger influence on the company than just my function. That was partly because I was a very curious salesperson/leader. I wanted to know why customers were making decisions. Why did we lose a deal, for example?
In general, I studied industry trends and knew there was a bigger opportunity for Syncsort in the big data space. I partnered with the heads of product, technology, and marketing to craft what that strategy could look like. When I proposed that strategy to the board, they liked it and asked me to implement it as President. I became responsible for all of the business line functions, including development, support, marketing, business development, sales, and more. You can make decisions a bit more quickly when you have a single leader in charge of the entire strategy.
In my experience, sales leaders have had strong ideas about what I should be doing differently as CEO. Today, is there anything you told your CEO as a sales leader that you now realize was not correct?
That’s a great question. We were always a pretty collaborative leadership team. That continued as I took over the President role. I did not get it exactly right out of the gate. One difference when I became President was a focus on data. For example, when we lost a deal we analyzed why and learned from that. It wasn’t about which function was doing things right or wrong, but what is the data showing us? Then we would adjust the strategy to win the next deal. This resulted in the Big Iron to Big Data positioning of Syncsort today.
Is there one area that you’ve found more challenging as CEO?
I would say that each of the functional disciplines has been a great learning opportunity for me. All are complicated in their own right, so I’m not sure I could hold up one as being the most challenging. Being a liberal arts graduate, you learn how to learn, so that’s what I’ve tried to focus on as CEO. Since I came up through sales, probably my biggest challenge is that I spend more time on the other functions.
Are there areas you would have studied if you’d known you would become a CEO?
Deeper technical expertise would have been useful. In our development process, it would make it easier understand what is and is not possible. Although this has not been a major hindrance for me.
What would people say has changed with you as CEO of Syncsort compared to your predecessor?
That is a dangerous question, considering my predecessor was Lonne Jaffe who is currently on our board of directors! In many ways I am executing a strategy that Lonne put in place. It’s a dual strategy, both organic and inorganic. We have evolved that pretty significantly. The biggest change frankly is that we’ve figured out with a high degree of conviction that the strategy is working. We’ve been able to put significant resources towards it and figured out how to scale those components to execute quickly against the strategy. As a result, we have quadrupled Syncsort’s revenue and employees since I became CEO. We’ve been able to anticipate where the market is going and figure out where Syncsort can help bridge that gap for our customers, using their existing solutions as a base. We’ve also focused the sales force on targeted sales plays where Syncsort has competitive differentiation.
How would you categorize how you spend your time? Internal vs. external facing?
I recently did an analysis on where I’m spending my time: It’s about 40 percent external and 60 percent internal. That is about right. There are times where I’d like to be higher on external. In Q2 and Q3 I am about 50 percent external. In Q4 and Q1 where we are planning for the year, I’m about 60 percent internal. Generally I’d like to run even, but it runs a bit more internal.
On strategy vs. tactical issues, I spend about 25 to 30 percent of my time on strategic issues. I wish it was closer to 40 percent. We made several tactical moves last year to propel our growth, including several transformational acquisitions. That’s why I spent more time on tactical to ensure those larger acquisitions were seamlessly integrated. In the future, hopefully I can shift my time to more long-term strategic planning.
modern businesses are powered by IT. To get ahead in competitive business
environments, companies continually pursue strategies that achieve and maintain
an IT advantage. In recent years, many companies have moved from managing their
IT environments in “silos” to managing IT services from an enterprise point of
view. These companies have achieved IT process improvements that better align
IT services with current and future business needs.
of IT Operations Management solutions promises to take IT strategies to the
next level through complete visibility into all areas of the IT infrastructure,
and companies are increasingly deploying these solutions to help optimize the
management of their IT environments. ServiceNow is
one IT Operations solution that is being adopted at a rapid rate to support IT efforts
to maximize their business’ competitive advantage.
Discovery and the Heart of IT Operation
fuels the ServiceNow solution. It is the process that ServiceNow uses to gather
information on computing resources (commonly referred to as Configuration Items
or CIs) in the IT infrastructure. The Discovery process populates the
ServiceNow Configuration Management Database (CMDB), which sits at the heart of
any ServiceNow solution.
Discovery finds physical and virtual devices such as laptops, desktops, servers (physical and virtual), switches, routers, storage, and applications, as well as the dependent relationships between them – both on-premise and in public clouds like Amazon Web Services and Microsoft Azure. It is important to remember that Discovery is not a “one-and-done” operation. It needs to be a regular, repeated process that populates the CMDB with accurate information about your environment. Changes must be continuously discovered and reflected in the CMDB. To learn more about the CMDB, grab this CMDB for Dummies paper from ServiceNow.
Having an accurate, up-to-date view of the IT environment helps to speed incident resolution and provides critical, early visibility into the health of business services. In fact, ServiceNow claims that a well-configured CMDB can save businesses as much as 40% in IT costs—and help to avoid the costs of unplanned outages. Without an accurate, comprehensive Discovery process to populate the CMDB and provide a complete picture of the infrastructure, critical IT functions like incident management, service modeling, performance monitoring and troubleshooting are impaired.
Ironstream Completes the ServiceNow Picture
Unfortunately, ServiceNow® Discovery
does not address traditional IBM systems, like mainframes or IBM i servers, in
the Discovery process. That means that organizations with IBM z and IBM i
servers have gaps in the CMDB that is critical to so many IT efforts.
Syncsort Ironstream focuses on enabling IT organizations to integrate the data and information from traditional IBM systems into today’s popular IT Analytics platforms. We recently announced Syncsort Ironstream for ServiceNow to provide a solution for ServiceNow Discovery customers who want visibility into traditional IBM systems in their ServiceNow CMDB. Ironstream for ServiceNow works seamlessly with ServiceNow Discovery processes to provide visibility into these critical systems alongside all other IT resources – filling the blind spot that otherwise exists.
Cybercriminals continue to be as active and sophisticated in their attacks as they’ve ever been. In 2018, companies suffered more than 6,500 major data breaches that compromised vital personal and business information. No matter whether your organization is a large enterprise or a smaller company, you can be sure that sooner or later you will be targeted. As IBM CEO Ginni Rometty has said, “Cybercrime is the greatest threat to every company in the world.”
In order to protect against an ever-widening array of cyber threats, organizations must be able to immediately detect and quickly react to attempted intrusions into their IT systems. Providing the information and analytical insights required to accomplish that is the role of SIEM — Security Information Event Management.
How SIEM Protects Your IT Systems
SIEM systems work by collecting and integrating security-related information from throughout an organization’s IT infrastructure. That data is correlated and analyzed in real time to reveal patterns of activity that may indicate an attempt at intrusion. If such activity is detected, the SIEM system issues alerts on its dashboard (and even by email), and may automatically institute rules-based remedial actions to block the attempted breach. It will also log pertinent information for later forensic analysis.
Mainframes and SIEM
At one time, mainframes were considered to be inherently secure due to their isolation from the outside world, and their rock-solid security protocols that have been refined over decades. But today, because they are central to a variety of internet-based applications such as online transaction processing (OLTP), mainframes have become more vulnerable to, and targeted by, cyber attacks than ever before.
SIEM, now the industry standard for top-fight IT security, was developed in and for the distributed processing environment. Mainframes, which require an entirely different set of technological skills from those common in the distributed systems world, were simply not considered.
Although mainframes generate more than 200 different types of log data through features such as resource access control facility (RACF), until recently there was no way to deliver that information in real time to industry-standard SIEM platforms. That’s the cause of what’s been called the “mainframe security gap” in which a company’s SIEM system has access to needed information from all parts of the organization’s IT infrastructure except for the big iron at the center of it.
But now Syncsort’s Ironstream® is bridging that gap.
The Syncsort Ironstream® Solution
Syncsort Ironstream is the industry leader for automatically collecting and forwarding IBM mainframe information to SIEM platforms in real time. Although Ironstream works well with almost any SIEM solution, a good example of its value can be seen in its tight integration with Splunk Enterprise Security (ES). Although rated by Gartner as the industry’s premier SIEM solution, Splunk ES has no native capability for accessing mainframe security data. But with Splunk ES and Syncsort Ironstream working together, that deficiency is completely overcome.
Ironstream captures data from a wide range of z/OS sources. For example, the Ironstream RACF Monitor facility highlights metrics such as data set updates, authentication events, and superuser activity. Other mainframe data sources include Syslog, SyslogD, Db2 tables, Unix System Services file systems, and more. Ironstream maps these disparate data formats to the Splunk ES Common Information Model (CIM), allowing Splunk to obtain an enterprise-wide view of security-related activity.
The combination of Syncsort Ironstream with Splunk ES provides a truly comprehensive integrated SIEM solution.