File Transfer Protocol (FTP) is widely used within z/OS environments. Most organizations allow FTP operations in their mainframe network because FTP is easy to deploy and use. And most organizations are not aware of how to check which FTP operations are legitimate and which ones carry vital data into the hands of hackers.
Unsecured FTP traffic in organizations
The FTP protocol was designed primarily to communicate and share files, with no provisions for data security. By default, FTP operations cannot handle stringent security requirements, leaving data transfers vulnerable to thefts. This makes FTP an opportunity for hackers to cause data breaches in organizations.
Internal breaches in organizations
A Ponemon Institute study says that 41% of all data breaches occurred in mainframe environments. The study also clarifies that 75% of all data breaches in the U.S. were caused from inside the network.
Still, many organizations are unaware of the amount of business-critical data getting transferred out of their networks through their unsecured FTP operations. And many organizations assume that data breaches of their networks occur due to external threats.
FTP governance standards
In order to secure their data, organizations need to guard against internal threats more than external ones. They need appropriate mechanisms and tools to control, monitor, and audit their FTP facility to keep the data transfer process secure and compliant. Organizations need to have a defined set of policies with respect to data transfers to and from their mainframe environments, and a proper set of procedures to ensure compliance with those policies. Organizations also need to comply with regulatory standards applicable to their businesses, like the Sarbanes-Oxley Act, the Gramm-Leach-Bliley Act, the PCI DSS (payment card industry data security standard), etc.
Guarding the FTP processes
In order to make FTP secure, organizations require third-party software that not only integrates with the existing z/OS FTP processes smoothly and seamlessly, but also enriches the z/OS system with control, monitoring, and auditing capabilities. The software should log all data access and transmission on the z/OS system. That enables the IT staff to identify who authorized each transfer, who initiated it, who received it, and whether the transmission succeeded. Control, monitoring, and auditing tools need to meet stringent regulatory standards, which will help validate the evidence during any legal case.
Many organizations do not monitor their z/OS FTP traffic due to ignorance. Some may not know that FTP is unsafe, while others may not realize that they can control it using additional tools. Use of mainframe FTP monitoring software enriches the z/OS system with the monitoring and auditing capabilities industry demands, making it more secure.