• September 24, 2018

The power of terminal emulation in 2018: simplifying security, facilitating compliance

securityWhile organizations have been using terminal emulation on mainframes for 30+ years, the tech landscape has certainly changed around them. The good news is that terminal emulators have evolved dramatically as well.

Suffice it to say that for many large organizations, mainframes continue to be a very secure and viable option for running mission-critical programs and storing and managing Big Data. If you are looking for five nines–when your applications can’t go down for even a second–people are still turning to big iron.

Today’s terminal emulator solutions bring tremendous value by reducing risk, improving security, simplifying regulatory compliance and lowering total cost of ownership. These capabilities are critical for the large financial services firms, insurance companies, leading hospitals, manufacturing facilities and many other organizations for whom mainframes provide their lifeblood.

Let me share why deploying a modern terminal emulator delivers value in two important ways.

Security enhancement

First of all, the current generation of terminal emulators is built to support the highest U.S. government security standards (FIPS 140-2 and DoD PKI), providing enhanced military grade encryption protocols and multi-factor authentication (MFA). Many older systems can be accessed by simply using an 8-character non-case specific password which is basically saying to hackers come on in and take what you like. With the increasingly aggressive threats taking place in the world of cybersecurity, organizations need to implement robust protocols to protect access to their data and systems. No one wants to end up like Apple, Yahoo or Uber and have stolen credit card and personal data from millions of customers offered for sale on the dark web.

The power of multifactor authentication as applied to terminal emulators is transformative. MFA requires at least two of three factors in order for a user to access a system–something you know (PIN, password), something you have (RSA key, smart card) and something you are (biometric data: face scan, voiceprint). The end result is much more secure access to legacy systems and fewer sleepless nights for IT managers.

Regulatory compliance

Another important reason for upgrading to a modern terminal emulator is that it simplifies compliance with increasingly stringent security guidelines.

Here’s a recent example of how an outdated terminal emulator turned into a major problem. Recently, a municipality in Florida was caught by surprise when the FBI performed a random audit. The FBI is within their rights to conduct auditsevery 2 to 3 years and in fact, can actually perform one at any time of their choosing. In this particular case, the audit uncovered a terminal emulator that was not compliant with the current FIPS 140-2 security guidelines. While the findings are still being reviewed, the local government risks having to pay a large fine that will certainly put a dent in their operating budget. Not only that, but there are additional implied costs associated with updating their terminal emulator to meet current security regulations.

The bottom line is that with security breaches and insider fraud on the rise, organizations must tightly protect their legacy host systems. By updating terminal emulators, they can increase the security of their networks, host systems, host data, and host-dependent business processes. Plus, organizations with outdated solutions run the risk of violating evolving government regulations and standards and having to pay large penalties and fines.

Now is the time to review options for upgrading your terminal emulators to reduce risk, improve security and lower total cost of ownership.

Contact us to learn more about Rocket terminal emulation solutions.
Dan Magid

Dan Magid 20 Posts

Daniel Magid is VP of Solution Sales at Rocket, and is a recognized authority on helping leading organizations achieve compliance through ALM solutions and DevOps best practices. He has written a variety of articles for leading IT publications and is a regular speaker at technology conferences.

0 Comments

Leave a Comment

Your email address will not be published. Required fields are marked *