Simuna InfosecSIMUNA INFOSEC
Technical

Legacy System and Mainframe Security: Assessing Systems Too Critical to Replace สำหรับองค์กรไทย

Mainframes and legacy systems process critical transactions but may lack modern security controls. Assessment approaches for irreplaceable infrastructure. Guidance for TH market.

Legacy systems — mainframes running COBOL, AS/400 systems, decades-old applications — often process the most critical business transactions (banking, insurance, government) but lack modern security controls. Assessment covers: access control (RACF, ACF2, TopSecret configuration), network exposure (are mainframe services accessible from modern networks?), application security in legacy code, encryption of data at rest and in transit, audit logging adequacy, and the security of interfaces between legacy and modern systems.