Friday, 30 June 2023

Why do mainframers feel the way they do? Part 1

Working with mainframes is a bit like being a spy in a foreign country sometimes. You know that you have the most secure and powerful platform available, and yet you seem to be working abroad – by that I mean your organization – where no-one seems to be aware of the mainframe’s existence and only talk about server racks and the cloud. That’s going to affect your mental health, isn’t it? Let’s look at what else can affect the mental health of mainframers – by that, I mean you and your colleagues.

Let’s start at the beginning. People start off the way they are because of their genes – a random mixture from both parents. In addition to how the genes are expressed, there are also the effects of epigenetics. This is where the expression of a gene or genes is altered, but the basic genetic code doesn’t change. As scientists discover more about genes, we find some that definitely have a specific impact on a person – eg genes for particular diseases – and there are suggested associations between genes and certain things, eg addiction or depression. However, in May 2021, a genome-wide association study (GWAS) of genetic and health records of 1.2 million people from four separate data banks identified 178 gene variants linked to major depression.

Do genes totally control how happy any mainframer will be? Sonja Lyubomirsky, author of The How of Happiness suggests that 50 percent of happiness is genetically predetermined, while 10% is due to life circumstances, and 40 percent is the result of your own personal outlook. These values might apply to more than just happiness.

Picking up on that 40% figure, it’s not so much the events that happen in your life that affect you, it’s very much how you think about them that impacts you.

The second big thing that affects a person is their environment. This is the surroundings or conditions in which a person lives or operates. The effects of genes and environment led to the nature-nurture debate that went on for many years. And this fits Lyubomirsky’s ideas about happiness percentages.

We also know that a person’s childhood can affect how they think and behave as an adult, and also affects their health as an adult and their life expectancy. It’s also during childhood that many people’s core values and beliefs are created (or indoctrinated – depending on your beliefs).

Let’s suppose you go for an interview for a new job somewhere, or a promotion at your present company, how do you feel? Most people will probably feel a little nervous, perhaps go to the toilet a couple of times, have butterflies in their stomach. This is your body’s flight-or-flight response. The problem is that it’s exactly the same response whether you are feeling excited – like a child who is going to meet Father Christmas – or terrified – those few moments before the charity skydive starts that you foolishly agreed to! Adrenalin is pumping round your body causing blood to move away from your gastrointestinal (GI) tract and sending it to your muscles. That’s why you feel butterflies in your stomach, it’s the lack of blood. How you interpret that – excitement or terror – depends on you and where you find yourself.

That just illustrates the link between your body and your mind. They are not two distinct domains, they are intimately linked. How much pain you feel from an injury can depend on how relaxed you are. Clenching their fists and tightening their muscles can increase a person’s perceived level of pain. So can the expectation machine that is your brain. If you expect the vaccination or dental work will hurt you very much, then guess what, it will. If you don’t expect very much pain, then the sensation of pain will pass more quickly.

Let’s take a closer look at a mainframer’s GI tract and how it can affect them.

Firstly, a person’s GI tract has millions of bacteria etc that live in it – our gut microbiome. The gut has its own nervous system – called the enteric nervous system. And there’s a two-way link between the brain and gut – the Gut-Brain Axis (GBA).

Our gut has to digest food (ie make and secrete enzymes). It has to absorb food. It has to squeeze food through itself (peristalsis). And it has to defeat invading bacteria. It has to ensure the cells in the gut lining keep the bad stuff out and let the good stuff through. It has to not have too thin a layer or too many gaps between cells. And it has to produce a layer of mucous over the top of this lining. And your microbiome helps – it does use some of your food for itself, but it does create useful products. If you don’t have a microbiome, eg through taking too many antibiotics, you’ll not be very healthy.

What you eat can affects your biome. Studies have shown that gut microbes can affect behaviour and even emotions (like depression). A Belgian study found two kinds of microbe (Coprococcus and Dialister) were missing from the microbiomes of their depressed subjects, but not from those with a high quality of life.

Compounds made by the gut microbiome, eg Short-Chain Fatty Acids (SCFAs), such as butyric acid, propionic acid, and acetic acid, are able to stimulate sympathetic nerves, mucosal serotonin release, and to influence memory and the learning process.

Faecal microbiota transplants can be used to influence mental health. The gut microbiome plays a facilitating role between the stress response, inflammation, and depression and anxiety.

 

Find out more about what affects mainframers, when the second part of this article is published next time.

Sunday, 25 June 2023

Cloud security for mainframers

One of the things that mainframers are rightly proud of is the security that surrounds working on a mainframe. Data can be secured at rest, in motion, and even while being used. Using modern mainframe security products like FIM+ from MainTegrity, makes it possible to quickly identify when data has been changed and whether that was an expected change or not. It’s also possible to quickly identify which backup copy should be used to restore data from. And it does much more. Basically, what I’m saying is that when mainframe security is done properly it works well and is fairly easy to use. I’m not saying it’s perfect, that’s not the world we live in.

If you’ve read any mainframe news stories for the past year, they are predominantly about mainframe sites modernizing and moving applications to the cloud, or even just getting rid of their mainframe and moving to a cloud-based environment only. The question that no-one seems to ask is whether the cloud is any more secure than a mainframe. Well, is it?

I guess the answer is that when cloud security is done well, it can be quite secure.

Just looking at AWS for the moment, it provides:

  • AWS CloudTrail, which tracks all activity occurring on AWS.
  • Amazon GuardDuty, which is a threat detection service that continuously monitors AWS accounts and workloads for malicious activity and delivers security findings for visibility and remediation.
  • Amazon Security Lake, which centralizes disparate log and event data from a customer’s AWS environment into a purpose-built data lake for a more complete, organization-wide understanding of their security related data.

There are other security products available.

IBM has recognized the need to extend mainframe security and has recently come out with some announcements. It is planning to help customers simplify and enhance cloud security by bringing together native AWS Cloud Foundational Services with IBM Security QRadar Log Insights and IBM Security QRadar SIEM. It’s also strengthening its Guardium family of data security products, extending data visibility and control into AWS.

IBM Security QRadar Log Insights, which is a cloud-native management platform, is being brought together with several AWS native services. Roles and permissions are programmatically set-up within the AWS Identity and Access Management (IAM) Identity Center, and AWS Control Tower configures Log Insights, which are designed to help shorten time-to-value and reduce cloud misconfigurations.

Customers can expect the following benefits:

  • Simplified search-based investigations. Audit logs from AWS CloudTrail can be integrated with IBM Security QRadar Log Insights, making it easier to search events across AWS and hybrid cloud environments to identify potential malicious behaviour or misconfigurations.
  • Enhanced security data visualization. Bringing together Amazon GuardDuty and IBM Security QRadar Log Insights allows user to take data from other clouds and on-premises, providing access to data quickly and in one place to deliver efficient detection, investigation, and response to threats.
  • IBM Security’s QRadar Suite now supports Amazon Security Lake, providing comprehensive hybrid cloud visibility.

In addition, IBM has enhanced its Guardium data security products, helping customers better protect and manage their cloud data:

  • Guardium Insights SaaS editions is available in AWS Marketplace. The three new SaaS editions are designed to meet the needs of small, mid, and large enterprises. These new editions help organizations address data compliance regulation requirements and protect data spread across multiple cloud platforms.
  • Data Security Posture Management (DSPM). IBM has acquired Polar Security, a DSPM pioneer. Polar’s agentless solution automatically finds unknown and sensitive data across the cloud, including structured and unstructured assets, SaaS apps, within cloud service providers such as AWS. Once the data is discovered, Polar classifies the data, maps the potential and actual flow of that data, and identifies vulnerabilities, such as misconfigurations, over-entitlements, and behaviour that violates policy or regulations. Polar’s DSPM technology will be integrated into IBM’s Guardium family of data security products.

IBM Security Services, part of IBM Consulting, is announcing support for the AWS Global Partner Security Initiative. This new initiative will provide the opportunity for IBM and AWS to provide transformational security and compliance services with actionable security data that leverages the power of generative artificial intelligence (AI).

The AWS Global Partner Security Initiative comprises four security pillars: Managed Detection and Response (MDR); Cyber Resilience Emergency Recovery; Security-led Cloud Migrations; and Continuous Regulatory Compliance. Through this initiative, IBM initially intends to focus on helping customers migrate, modernize, and operate critical business workloads in the cloud. This also builds on the dedicated resources and deep expertise within IBM Consulting to work with shared AWS customers to bring secured, automated solutions to hybrid cloud environments.

Clearly, IBM has recognized that while cloud security is good, it needs to be enhanced in order to bring cloud security up to the same level as mainframe security.

I would imagine that very soon we will be hearing about artificial intelligence (AI) products being used on mainframes and in the cloud to maintain the security of those environments against both would-be hackers and disgruntled staff. Although, I suppose that somewhere hacker gangs are building their own AI software to hack those same cloud and mainframe sites.

Sunday, 18 June 2023

Mainframes and open-source software

I’ve known people who use open-source software all the time, and I’ve also known people who say that they will never allow open-source software on their mainframe. They feel that their reasons are almost too obvious to be worth stating. You are just never sure about the security of open-source software. After all, lots of people will have had a hand in the development of the software and you never know what sort of backdoors they’ve put into the software. Or, they may, needing to finish something quickly, not have made that part of the software as secure as it needs to be for use on a mainframe.

Other people will argue that the very fact that open-source software is being used on other platforms has given hackers a chance to really understand its workings. So, if that software becomes available on the mainframe, those hackers will be able to break into an otherwise very secure platform, using the knowledge and techniques that they have developed on those other platforms.

That all seems quite damning. For reasons of safety and security, it’s best to keep your mainframe free of open-source software. But is that true? Or is there a grain of truth in it?

One argument for using open-source software on a mainframe is the very fact that it has often been available on other platforms, and there are a number of people who are familiar with using it. That helps get over the promised staff shortages at mainframe sites. Another argument is that the price of open-source software makes it very competitive against other sources of mainframe software – basically because it can be free. However, there will be the cost of running the software as well as the cost of training staff to use it.

Perhaps the best-known piece of open-source software is Zowe, which is an open source software framework that allows mainframe development and operation teams to securely manage, control, script, and develop on the mainframe. Initial development came from IBM, Rocket Software, and Broadcom, three heavyweight software houses for mainframes. The advantage for sites using Zowe – and there are many – is that it has the look and feel of software developed off-mainframe. By that I mean it is easily accessible by people with no mainframe training, who are empowered to work productively and successfully on a mainframe. Again, this solves the mainframe skills shortage that we often hear about. Since its original launch, Zowe has extended in the facilities and features that it offers.

Part of the Linux Foundation is the growing Open Mainframe Project, whose mission is to eliminate barriers to the adoption of open-source software on the mainframe. To that end, the project has announced the launch of a Call for Proposals for its fourth annual Open Mainframe Summit. This year, the event will be collocated with two industry conferences: IBM TechXchange Conference 2023, hosted in Las Vegas on 11-14 September, and Open Source in Finance Forum, hosted in New York City on 1 November.

“As mainframe technology and events evolve and mature, it becomes a more natural evolution to align Open Mainframe Projects and activities with other industry events”, said John Mertic, Director of Program Management at the Linux Foundation and Executive Director of the Open Mainframe Project. “This year, by partnering with IBM and FINOS, we are offering attendees the opportunity to enhance their experience with unique presentations and targeted conversations with industry experts.”

“As open source becomes the default development model for many enterprises, mainframe customers are looking to embrace community-developed code for their mainframe environments”, said Steven Dickens, Vice President and Practice Leader at the Futurum Group. “The Open Mainframe Project has established itself as the go-to community for mainframe developers, enterprises and vendors alike. The events announced today are a key part of how the community will gather to advance code on the mainframe.”

Open Mainframe Summit aims to connect and inform all those interested in growing the use of mainframes and related technology in dynamic technical and educational sessions. It is open to students, developers, corporate leaders, users, and contributors of projects from around the globe looking to learn, network, and collaborate. It will feature content tracks that tackle both business and technical strategies for enterprise development and deployment.

The IBM TechXchange Conference offers technical breakout sessions, hands-on experiences, product demonstrations, instructor-led labs, and certifications, and the Open Mainframe Summit will be featured as part of IBM’s TechXchange Community Day on 11 September.

The Open Source in Finance Forum is dedicated to driving collaboration and innovation in financial services through open-source software and standards. This event brings together experts across financial services, technology, and open source to engage in stimulating and thought-provoking conversations about how to best (and safely) leverage open-source software to solve industry challenges. Open Mainframe Summit will be featured as part of a 6-session track and a 10-minute keynote presentation.

The Call for Proposals will be accepting submissions until Friday 30 June. Interested speakers for either event can submit proposals with options for 20-minute talks, 30-minute sessions, 60-minute panel discussions, or a 60-minute workshops or labs. All topics that benefit the Open Mainframe ecosystem are welcome and can include (but are not limited to) AI, machine learning, building the next workforce, cloud native, COBOL, Java, hybrid cloud, diversity and Inclusion, z/OS and Linux on Z, and security.

I just think that we are going to see more open-source software running on mainframes moving forward.

Sunday, 11 June 2023

Burnout – is it an issue for mainframers?

In today’s fast-paced and demanding world, burnout has become an increasingly prevalent issue affecting individuals across various industries, from professionals in high-stress jobs to students overwhelmed by academic pressure. And that can include people who work on a mainframe. And yet it was as recently as 2019 that ‘burnout’ was recognized by the World Health Organization (WHO) as an ‘occupational phenomenon’.

According to Mental Health UK, Burnout is a state of physical and emotional exhaustion. It can occur when you experience long-term stress in your job, or when you have worked in a physically or emotionally draining role for a long time.

So, how do you know whether you have burnout? Burnout manifests itself in various ways, and it is crucial to identify the signs early to address the issue effectively. Some common symptoms include:

  • Emotional exhaustion – feeling emotionally drained, overwhelmed, and lacking the energy to cope with daily tasks.
  • Depersonalization – developing a cynical and detached attitude towards work or personal responsibilities, leading to a loss of motivation and decreased empathy.
  • Reduced accomplishment – experiencing a sense of ineffectiveness, decreased productivity, and feeling that one’s efforts are not yielding the desired results.
  • Physical symptoms – frequent headaches, fatigue, insomnia, and changes in appetite or weight are often associated with burnout.
  • Cognitive difficulties – difficulty concentrating, memory problems, and reduced creativity are common cognitive manifestations.

In other words, people feel overwhelmed, helpless, trapped, and/or defeated. They feel detached/alone in the world and have a cynical/negative outlook. They are filled with self-doubt, they procrastinate or simply take longer to get things done.

Unfortunately, burnout simply gets worse unless a person addresses the underlying issues causing it.

Herbert Freudenberger, an American psychologist who in 1974 used the word ‘burnout’ in this sense, suggested that there were 12 stages in the progression of burnout. This has now been reduced to five stages, which are:

  1. Honeymoon phase – there are no signs of burnout. People are full of enthusiasm and commitment. However, there is a risk of overworking.
  2. Onset of stress – some days are more stressful than others resulting in less time for family and friends. People begin to find difficulty focusing, and experience, headaches, anxiety, and changes in appetite.
  3. Chronic stress – a person’s problem-solving skills and performance decrease further, and they start feeling out of control and powerless. People may procrastinate. People start becoming ill more frequently and become more emotional. People may see even less of friends and family, and some people may take to drink and drugs.
  4. Burnout – exhaustion makes it hard to cope with work demands. A sense of failure and powerlessness can lead to despair and disillusionment.
  5.  Habitual burnout – the symptoms of burnout become part of a person’s life. This can affect a person’s career, personal relationships, and life in general.

Burnout may be the result of stress, but they are not the same thing. Typically, stress involves too much pressure demanding too much of a person physically and mentally. Stressed people can still imagine that if they get everything under control, they’ll feel better. Whereas with burnout, people feel empty and mentally exhausted, devoid of motivation, and beyond caring. People with burnout often don’t see any hope of positive change in their situations.

If Herbert Freudenberger was the first to use the word ‘burnout’ in its current sense, Hans Selye was the first to use the word ‘stress’ in its current form. He used the word to describe the “nonspecific response of the body to any demand”. Selye is known as the ‘father of stress research’, and published his best-known book, The Stress of Life, in 1956.

Burnout is typically caused by a combination of internal and external factors. Some common causes include:

  • Work-related factors – high job demands, long working hours, lack of control over work, insufficient support from colleagues or superiors, and monotonous or unfulfilling tasks.
  • Lifestyle imbalance – neglecting personal needs, inadequate self-care, and an imbalance between work and personal life.
  • Personality traits – perfectionism, high self-expectations, and the inability to delegate or set boundaries.
  • Lack of social support – limited social connections, inadequate emotional support, and feeling isolated.

So, what can mainframers and others do to prevent burnout, if they feel that they are beginning to struggle with it? Recognizing the signs of burnout is crucial, but it is equally important to take proactive steps to prevent and recover from it. Here are some effective strategies:

  • Self-care – adopt healthy habits, including regular exercise, adequate sleep, and a balanced diet. Engage in activities that bring joy and relaxation.
  • Set boundaries – learn to say no and establish boundaries to prevent overcommitting and excessive workloads. Delegate tasks where possible and communicate your limits to colleagues or superiors.
  • Get help – reach out to friends, family, or professionals for emotional support and guidance. Consider joining support groups or seeking therapy to share experiences and learn coping strategies.
  • Time management – organize and prioritize tasks effectively, break larger goals into smaller, manageable tasks, and schedule regular breaks to avoid overwhelm.
  • Develop coping mechanisms – engage in stress-reducing activities such as mindfulness, meditation, deep breathing exercises, or journalling to manage stress levels and promote mental wellbeing.
  • Evaluate and reflect – regularly assess your goals, values, and motivations to ensure they align with your personal and professional aspirations. Look for opportunities for growth and make the necessary adjustments to restore a sense of purpose.

What can your company do about burnout in the workplace? There are two possibilities. The first is to produce a wellbeing plan that can be used as a tool by employees to help identify what good wellbeing looks like for them, as well as what it looks like when things aren’t so good. Secondly, stress risk assessments can be used by staff to identify how stressed they feel at work. The next step is to find ways of removing or reducing the risk.

Burnout is a serious condition that can have a significant impact on individuals’ lives, but it is not an insurmountable challenge. By recognizing the signs, understanding the causes, and implementing effective prevention and recovery strategies, it is possible to overcome burnout and restore wellbeing for everyone That way mainframers can avoid burnout becoming an issue for them.