Mainframe change management tools ease compliance burden

Mainframes host a bulk of the critical data important to compliance auditors, but data center managers have had to rely on brute force and aging tools.

Data center operations lie at the heart of business service delivery. The influence of data center operations, as they directly control and impact business success, extends across the full range of business services. Centered on the mainframe, but including distributed operations, this infrastructure provides the primary engine for the delivery of the IT services that comprise business services.

More on change management and compliance:
Server Specs: IBM updates Tivoli CMDB

Change and configuration management cut firm's downtime

IT and business services face increasing regulation and control mandates due to an enterprise management team forced to deal with the swelling burden of compliance activities. These activities stem from a combination of legislation, licensing/certification processes and executive directives to achieve good business governance.

As the major force behind the creation and delivery of business services, today's IT is responsible for increasingly regulated operational tasks that they must also monitor and manage to assure compliance; a double-headed hit. Further, any activity impacting these operations must also be monitored and reported upon. IT is responsible for both the services that implement compliance monitoring and the processes for monitoring and reporting service compliance. As much as any enterprise executive, IT must operate under the threat of legal and operational ramifications of non-compliance.

Mainframe change management tools neglected

While there appears to be no shortage of solutions for compliance monitoring and reporting, areas of exposure remain. One example is the mainframe which tends to be neglected with most attention focused on distributed systems. However, the mainframe is acknowledged platform of choice for mission-critical applications frequently involving the processing and storing of large volumes of personal data. Today, mainframe software change management remains an area where IT must rely on a mixture of brute force effort and aging tools to report on and verify systems and software changes.

The growing complexity of operations (monolithic applications and single platform services giving way to componentized applications distributed across multiple independent platforms), technology (SOA, virtualized infrastructures), implementation processes (interdependencies and integration), increasing governance and oversight coming from internal management governance and a growing body of external (SOX, HIPAA) requirements are driving auditors as well as executives to demand more data, analyzed in more ways, and with more frequency.

These compliance, governance and risk management issues mean that IT must deal with a growing mandate for continuous monitoring and customized reporting to assure both that compliance requirements are met and to guarantee that the integrity of the overall compliance process is not compromised by accident, sabotage, and changing conditions.

The traditional datacenter, with all of its existing security processes, structures, and applications, assumed a degree of knowledge (application, process, infrastructure) and control (accessibility, workload –size and timing) that no longer exists. Therefore, IT must review, evaluate and revise existing management routines from top to bottom - tools, procedures, and processes – in light of these requirements. Finally, for the data center, IT needs integrated solutions - working together seamlessly to handle the operational management, monitoring and reporting tasks associated with compliance and control. These tools need to provide policy-based, automated, centralized change control, and management of data center systems software.

The good news in all of this is that business pain combined with revenue opportunity and continued growth and interest in the mainframe stirs the entrepreneurial spirit. The traditional mainframe solution providers along with their channel partners are currently or have invested in enhancing existing solutions and creating new ones. For example:

  • BMC Software's SYSchange for z/OS (www.bmc.com) is providing automated, fine-grained control and protection for managing systems software on the mainframe. It provides unique level of control to manage who can make what changes where and when, as well as fully customizable reporting capabilities.
  • CA's Change Manager for Mainframe provides management support and control across the software life cycle from development through production turnovers and ongoing change and configuration management. It supports comprehensive audit trails as it protects and controls software assets.

In addition, the open source software community which typically focuses on the distributed environment has turned their attentions to the mainframe management challenges. This time the topic is security where JME Software recently announced t their DEADBOLT product family to update and simplify mainframe security processes. As an example, DEADBOLT Access Control eliminates the need to translate and juggle among multiple mainframe security solutions (RACF, TOP SECRET, and ACF2) with automated conversion to a single integrated access control system that not only replaces the existing solution but will work with distributed systems as well to provide a single enterprise-wide security solution. There are three more members, DEADBOLT Monitor, DEADBOLT Password Reset, and DEADBOLT Explorer to fill out the family.

All-in-all, it looks to be an interesting year for systems management in the data center.

ABOUT THE AUTHOR: Richard Ptak is an analyst with Ptak, Noel & Associates. He has over 30 years experience in systems product management. You can send your questions, comments and suggestions for topics to [email protected]

Dig Deeper on IBM system z and mainframe systems