Business Management

Integrating Host Systems with Modern Security Frameworks

Provided by Micro Focus

Category Business Management

Type White Paper

Length 11

Publish Date February 07 2018

Date posted February 07 2018

Overview

Once upon a time, host systems lived in a secure world. Host data traveled a protected path to and from a trusted terminal. The host knew who the user was, where the data came from, and where the data was going. Times have changed. Today we have open networks, service-oriented architectures, and hackers who hack faster than IT can patch. Host security hasn’t kept up. Traditional host-access security leaves data dangerously exposed in a number of ways: Weak, Decentralized Authentication   Simple eight-character passwords may be all that stand between a malicious hacker and your critical host data. Host-based authentication, by itself, cannot leverage the full power of the identity management system used by the rest of the enterprise. Weak, Decentralized Authorization   Once logged onto the corporate network, a user has easy access to your host applications. That means an attacker need only steal a user’s eight-character host credentials to trespass into personal data fields. Decentralized Auditing   Host-access auditing is performed by each host, based on each user’s host ID. When multiple hosts are involved, security administrators have to examine the logs on each one—comparing the user ID for each host to the user ID for the enterprise—to build a complete audit trail. Problematic Encryption   Until the arrival of SSL/TLS encryption in the 1990s, data and passwords traveled between the client and the host in clear text. There was no safe haven from prying eyes. SSL/TLS solved the encryption problem, but not without a catch: Encrypted traffic cannot be monitored in the DMZ—which means IT security is forced to allow traffic through without knowing anything about the content.   Lack of Centralized Control Because authentication, authorization, and auditing can be applied only at individual hosts, the central security team cannot effectively monitor and enforce the use of enterprise security policies.

Recommended for You

phil-muncaster

How a Washington crackdown on Huawei could backfire for everyone

Phil Muncaster reports on China and beyond

dan2

5G is over-hyped and expectations need reining in

Dan Swinhoe casts a critical eye on the future

keri-allan

What can we learn from tech initiatives in the Middle East?

Keri Allan looks at the latest trends and technologies

Our Case Studies

IDG Connect delivers full creative solutions to meet all your demand generatlon needs. These cover the full scope of options, from customized content and lead delivery through to fully integrated campaigns.

images

Our Marketing Research

Our in-house analyst and editorial team create a range of insights for the global marketing community. These look at IT buying preferences, the latest soclal media trends and other zeitgeist topics.

images

Poll

Should the government regulate Artificial Intelligence?