Last Updated: 24th July, 2022

Modernizing or Replatforming: There’s no absolute scope undermining the importance of security on mainframe systems. They manage high data volumes for healthcare, banking, retail, and other industries where it is imperative to manage sensitive, personal information. In fact, about 220,000 encrypted transactions per second can be addressed by the IBM z15 mainframe (19 billion per day).

There is some disagreement, however, on the best way to preserve the security of these frameworks. There has been a rip-and-replace trend, with businesses gleefully replacing their legacy systems for distributed x86 systems and solutions focused on the cloud. Yet, according to an IDC white paper, endorsed by Rocket Software and entitled “The Quantified Business Benefits of Modernizing IBM Z and IBM I to Spur Innovation,” not only are such drastic steps obscene, but they are also less effective.

Why Are So Many Companies Rethinking Their Mainframe Modernizing Or Replatforming?

Whether it’s modernizing their existing platforms or replacing them completely, many companies are actively rethinking their mainframes because of the pressure to perform the digital transformation. This has only increased as companies are forced to find socially distant solutions quickly due to the pandemic, digitizing processes that used to be handled in person or on paper.

When it comes to capabilities, most businesses in the IDC study found that their new platforms didn’t necessarily provide upgrades as much as the alternatives. In other words, the new platforms solved different problems. So while you may be thrilled to find that replatforming makes a particular task easy, you’re likely to find that it also makes a previously routine task more complex.

As for the expense of upgrading compared to replacing, the data show that the hardware costs are similar, but that modernizers end up paying less for software, staffing, consulting, and general disruption. For IBM I or IBM Z-based businesses, when comparing how much is spent on hardware, modernization project costs are an average of 1.7% and 3.5% less, respectively, than what replatformers spent. Replatformers, that migrate operations to the cloud, will also accumulate new operational expenses over time.

Finally, when it comes to upgrading or replacing mainframes, money isn’t everything. The IDC white paper reports that companies that upgraded their platforms, rather than replacing them entirely, were consistently happier with their decisions. It turns out that all that training, platform integration, and other problem-solving that goes along with such a major paradigm shift isn’t just expensive — it’s frustrating.

What Modernizing Or Replatforming Means For Security?

The constant concerns that apply typically to updating or replacing mainframes also carry over to mainframe security. Switching to replatforming will develop some aspects of security easier and others more complicated. Identically, modernizing on the same platform is most effective for maintaining security if you update your system regularly.

What remains at the foundation of mainframes when it comes to security nevertheless is their reliability. This is the reason why companies in significant industries, like nine out of 10 of the US’s top insurance providers, rely on IBM Z to process their data. Other platforms simply do not stand up to the impenetrability of mainframes.

Let’s start with resistance to malware. One of the most conventional ways for harmful programs to infiltrate a system is to trick the user into executing a file, usually by being attached to or disguised as a seemingly legitimate document or program. This is practically impossible in a shared z/OS system, primarily due to the specialized operating language used by these systems. It’s not like it’s running a standard OS and a user will think they’re installing a new internet browser or media player.

This specialized OS is then reinforced by the mainframe’s Resource Action Control Facility (RACF). Unlike Windows machines and servers where user permissions start at a default level and have to be limited by the IT team, mainframe users start with next to nothing. Every permission has to be granted, meaning that the average user will not have the ability to install software (legitimate or not).

This equally applies to any external services requesting mainframe access, which has become an increasingly routine event in today’s online and interconnected world. Consider of how many external services your enterprise relies on and imagine every one of them as a potential target for hackers. If a third-party service is compromised, your data can be compromised as well. But with the mainframe, the default permissions (or lack thereof) help secure your data even if a vendor service is attacked.

Even if there is a security issue, you’ll know about it. Mainframes log every unique action made by every user, and there’s no way to obstruct or eradicate it. This established record helps track suspicious activities and makes it impossible for hackers to disguise their actions.

If you’re rethinking your mainframe platform, you’ll be hard pressed to consider a more effective alternative than upgrading to its most recent incarnation. From money hoarded, security provided, and general satisfaction, the data shows no other option even comes close.