Integrating Host Systems with Modern Security Frameworks

Provided by Micro Focus

Category Security

Type White Paper

Length 11

Publish Date February 07 2018

Date posted February 07 2018


Once upon a time, host systems lived in a secure world. Host data traveled a protected path to and from a trusted terminal. The host knew who the user was, where the data came from,
and where the data was going. Times have changed. Today we have open networks, service-oriented architectures, and hackers who hack faster than IT can patch. Host security hasn’t kept up. Traditional host-access security leaves data dangerously exposed in a number of ways:
Weak, Decentralized Authentication
Simple eight-character passwords may be all that stand between a malicious hacker and your
critical host data. Host-based authentication, by itself, cannot leverage the full power of the
identity management system used by the rest of the enterprise.
Weak, Decentralized Authorization
Once logged onto the corporate network, a user has easy access to your host applications.
That means an attacker need only steal a user’s eight-character host credentials to trespass into
personal data fields.
Decentralized Auditing
Host-access auditing is performed by each host, based on each user’s host ID. When multiple
hosts are involved, security administrators have to examine the logs on each one—comparing
the user ID for each host to the user ID for the enterprise—to build a complete audit trail.
Problematic Encryption
Until the arrival of SSL/TLS encryption in the 1990s, data and passwords traveled between
the client and the host in clear text. There was no safe haven from prying eyes. SSL/TLS solved
the encryption problem, but not without a catch: Encrypted traffic cannot be monitored in the
DMZ—which means IT security is forced to allow traffic through without knowing anything
about the content.
Lack of Centralized Control
Because authentication, authorization, and auditing can be applied only at individual hosts,
the central security team cannot effectively monitor and enforce the use of enterprise
security policies.

Recommended for You


US ‘hacking back’ law could create a cyber wild west of vigilantism

Dan Swinhoe casts a critical eye on the future


A c-suite guide to blockchain 2018

Kathryn Cave looks at the big trends in global tech

Most Recent Comments

Our Case Studies

IDG Connect delivers full creative solutions to meet all your demand generatlon needs. These cover the full scope of options, from customized content and lead delivery through to fully integrated campaigns.


Our Marketing Research

Our in-house analyst and editorial team create a range of insights for the global marketing community. These look at IT buying preferences, the latest soclal media trends and other zeitgeist topics.



If it were legal, would your organization hack back?