In a recent news release, Andrew Wickett from Micro Focus discusses the challenges of mainframe compliance and offers some advice on ways to reduce compliance costs.
He notes that, compliance requirements depend on a company’s business and industry but are becoming an ever increasing issue to IT executives. Compliance with: data privacy regulations, SEC regulations and mobile payment protections are some of the challenges that organizations face. These compliance requirements come with lots of effort and at a high cost.
Ensuring compliance in your mainframe environment introduces a number of challenges. One of the biggest challenges is managing the need to maintain a steady state environment, while also trying to innovate IT. Most IT department’s budget are dedicated to maintaining their systems “as is” and not geared toward new projects and applications.
Mr. Wickett points to the following causes of mainframe compliance issues:
Poor visibility: Missing mainframe code documentation, concerns over internal resourcing, and data privacy all pose challenges when updating core applications for compliance. These affect how quickly companies are able to identify specific areas of code impacted by the compliance change.
Unsupported mainframe products: When software vendors consolidate or “sunset” product lines, then IT teams must initiate major projects to deal with the compliance issues of running unsupported products.
Security issues: IT teams are under constant pressure to ensure regulatory reporting and compliance for data breaches, while also trying to prioritize new initiatives and projects.
Cloud compliance: As companies continue to move into the cloud and provide mobile availability, they need to ensure their cloud environments are as secure as their current mainframe systems to maintain proper compliance.
Smaller skill sets: Most organizations have fewer available skilled mainframe resources to handle new IT compliance needs.
Mr. Wickett suggests the following 3 strategies for lowering costs associated with IT compliance:
1. Avoid replacing products
It is usually more costly and risky to replace legacy systems with newer applications. The “rip-and-replace” approach can result in project failures or projects that are delivered late and over budget. Organizations should consider a mainframe modernization strategy that helps to gradually change their applications using smarter analysis, development, and testing technology.
2. Leverage automation
Automation can create repeatable steps for updating mainframe software in order to meet compliance requirements. Application-understanding technology allows developers to focus on impacted areas and reduce the learning curve associated with unfamiliar code. This helps them to keep up with changing compliance requirements by finding the code, fixing it, and testing it.
3. Careful testing
Testing mainframe applications must also be carefully handled to avoid introducing failures and breaching existing regulations. Employing tools that allow for a flexible approach to testing and deployment of core systems, in accordance with data regulations, would be a big part in delivering compliance efficiently.