Although we are seeing a surge of movement toward the cloud, especially during the Covid-19 work-from-home era, many companies still see the mainframe as relevant and are building it into their architecture in a way that limits security issues.
Speaking at a Micro Focus panel to discuss the issue of mainframe and access control, as well as why this almost 80-year-old technology is still being used, despite a shift to the cloud, Absa’s head of mainframe and utility services, Grant Fendick, said that the mainframe has been the technology foundation for many large institutions, and has become one of the “sexiest dinosaurs” around.
“It is fundamental. Its capabilities, when coding, had to last out a 60-year view. And still to be processing core workloads across organisations, I think it really does still demand the respect that it has gained over the many years.”
Lead architect of identity, access & entitlement management at Nedbank Adele Jones explained that the mainframe stored in the bank’s ecosystem provides core functionality in terms of the payment processing ecosystem. Meanwhile, frontend interaction is more agile, and the bank has managed to merge the two thanks to a layered architecture.
Head of data enablement at Absa Denzil Pillay added: “Different banks have different opinions on this. So, the layered architecture is one approach… But other banks have said, to offer our customers better products we need to replace our mainframe technology, because it’s holding us back in terms of product offering — and offering them the newest and greatest accounts and products.”
Nedbank has found that using mainframes does not hold it back, with Jones explaining that IBM does not force anyone to use the Z operating system, as Linux is also available. “So, it’s not limiting us at all. In fact, it’s opened some doors for us in exploring new tech.”
Using various systems, however, raises security issues. Nedbank took a layered architectural approach, which resulted in systems being integrated to ensure as much security as possible, Jones explained. Because of this, Nedbank’s mainframe can be managed as a traditional system interaction with traditional authentication protocols, while layers in between that and the newer technology allows it to talk newer languages.
Global Computing and Telecoms technical director of cloud & cybersecurity Paul Fuyane added that when looking at the cyber stack, “you look at the various levels of security within the mainframe environment, for example, as well as from the level of the endpoints”. As a result, GCT tries to ensure that the end user is as secure as possible, using more modern ways of authentication and aims to move to technology that doesn’t require passwords and, thus, is less susceptible to breaches or attacks.
Moving away from the mainframe is not always an option, as Fuyane explained, given that it will require a mammoth pipe to transfer all that data around the organisation.
Sanlam’s head of IT strategy & planning Tsepo Lesihla said he is replacing the insurer’s mainframe, a programme that Sanlam has been starting and stopping for the last 15 years. As a result, he is finding that Sanlam is not able to offer its clients modern alternatives, because some of the systems have been written in Dutch, which makes it complex. “We have identified that there are certain things that we will not be able to change that we’ll have to live with for a longer time.”
Dhivendran Naicker, head of architecture, integration & Infrastructure at Liberty, adds that Liberty also tried to leave the mainframe behind, but found that some of the more modern architectures and technologies that are out there couldn’t provide the reliability that mainframe does, especially when it comes to high-volume transactions. “We need to digitise, and we need to get off the platform, but we never seem to always get there. And we always go back into the comfort zone of leveraging off that reliability you get from mainframe.”
Justin Agar, Micro Focus South Africa’s territory manager, pointed out the mainframe remains core and is looking after some of the most important processes and for the organisation, it is a matter of using these to their full advantage.
It’s a matter of balance. Younger workers are demanding faster speeds than the mainframe can provide, said Ernst & Young Africa digital technology infrastructure leader Annalyn Rejji. However, others in the workplace and client environment will prefer the mainframe. “There’s definitely differences of opinion on all sides.”
Chief information security officer at Motus Charles Kungwane says the environment in South Africa is more fragile than agile because the company doesn’t want “everyone to touch the perimeter, because that’s where our heartbeat of access control sits”.
Sandra la Bella, The Unlimited’s head of cyber, data, business engagement & Architecture, added that the end goal is loosely coupled architecture, which provides more flexibility, but this can only be implemented when in a mature environment. This, she said, cannot be dreamt of in a mainframe environment.
State-owned enterprises face additional challenges, as Alan Visser, GM of technology at the SABC, pointed out. He said it’s tricky to implement technology and remain compliant with the Public Finance Management Act. As a result, technology moves faster than the government space can allow for, which means it’s often easier to keep the system on-premises instead of moving to the cloud. This, he added, is not a situation that is limited to state-owned enterprises.
Kevin Kemp, Micro Focus business development manager for application modernisation, noted that no one has said the mainframe is too expensive, because it is still vital.
As Malcolm Trigg, principal systems engineer for Micro Focus, said, it’s a never-ending journey in many ways. “As soon as you get close to your destination, another technology comes along. Another mandate coming along from either government or from industry, which means you’re then extending your journey a little bit longer.”
- This promoted content was paid for by the party concerned