Leaders need to be at the top of their game if they are to make mainframe compliance and security part of a winning business strategy. This is according to Dolf Snyman, Account Director at CA Southern Africa.
CA Southern Africa is the sole sub-Saharan representative of CA Technologies, a Broadcom company.
New technologies simplify compliance through integration and automation. “Regulatory requirements are only the tip of the compliance iceberg – it is an important focus for all businesses as it plays an integral role in ensuring that they meet stakeholder needs at all levels. Compliance is a top boardroom topic as it sits at the heart of how businesses conduct their operations,” says Snyman.
“Of course, when it comes to IT, the stakes are even higher with highly valuable business data and applications in the mix. Broadcom mainframe technology assists leaders to stay sharp and helps them to make compliance, transparency and reporting a core part of a winning business strategy,” he adds.
The compliance caché
Snyman explains that compliance is a concept with so many nuances that any discussion about it can quickly devolve into confusion. “At its core, compliance is how organisations meet their obligations and adhere to myriad requirements. The constantly evolving nature of those requirements, however, can make compliance feel less like a goal achieved and more like standing on shifting sand. Fortunately, there are solutions businesses can use not only to stay on solid ground, but also to get onto their front foot.”
Navigating the compliance landscape has three major aspects:
- Meeting regulatory reporting goals to maintain good legal standing.
- Giving organisations the ability to track how well they are following their own protocols and requirements.
- Tracking behaviours to detect improper behaviour and enhance security.
“Compliance is about more than just filling out forms and checking off boxes: it’s about creating meaningful insights from large amounts of data to get a full picture of what is happening, why it is happening and how it is happening. All the foregoing are critical steps for organisations aspiring to transparency and accountability. Moreover, it is necessary to bake them into business and IT strategies – companies who do so will reap the benefits.”
Snyman notes that compliance exists at the intersection of cost and risk, with organisations that take it seriously acquiring massive business advantages, not simply technical ones. Research in the USA reveals that companies spend about $10 000 per employee every year to achieve compliance. Unfortunately, it still does not prevent compliance breaches from being an all-too-common occurrence. There clearly needs to be another layer.
Customers must validate whether or not they are following the regulations that apply to their industries or geographies. This is a very manual process today that involves literally working through a checklist with auditors asking questions, for example, about whether or not passwords meet their standards. Providing affirmation with greater speed and accuracy across a hybrid IT environment must be the way forward. The growing list of regulations that government agencies and industry bodies require presents challenges for businesses with a growing need for compliance and proof of compliance to exist in real-time.
Automation – meeting the compliance challenge
Across virtually every industry sector, particularly those that are highly regulated, boardroom executives are not only concerned about the current state of affairs with regulations and compliance. They also seek robust systems, processes and technologies that can handle what's coming down the road. To answer questions surrounding their level of compliance more quickly, auditors and C-level officers are taking advantage of automation.
“CA Southern Africa and Broadcom work with customers to simplify continuous monitoring of crucial mainframe areas with our Compliance Event Manager. This modern cyber security solution continuously monitors for configuration changes, policy violations and anomalies. It prevents and limits damage and supplies forensics data to SIEM tools for enterprise-wide data analysis.
“We also assist customers looking to ensure a trusted environment for their customers and employees through our Security Insights Platform. This solution opens up data access from multiple sources for integration, self-service and automation. With just a few clicks, customers can find definitive answers to questions like: Who has access to system critical libraries? Or is my classified data pervasively encrypted? It also provides actionable recommendations for remediating discovered risks,” says Snyman.
“As the regulatory landscape continues to demand more from government and industry, we are investing to strengthen the security capabilities we offer our customers as well as to simplify their compliance process through integration and automation. Through our approach to security, data privacy and compliance, we position our clients to solve their business challenges in compliance reporting so they are free to pursue their broader business goals with confidence,” concludes Snyman.