COBOL-based system for $160B pension fund is a political football
An audit claims the system poses risks, but the office overseeing it calls it a dependable 'workhorse'
IDG News Service - A COBOL (common business oriented language)-based system used to support New York's $160 billion state pension fund has become the subject of controversy, with some officials claiming it poses a potential security risk and others defending it as "battle-tested," albeit set to be replaced.
Dubbed MEBEL (member, employer, benefits, executive and legal), the system dates back more than 25 years, according to an audit released earlier this month by the state Department of Financial Services. It "supports the core business processes of the retirement system including benefits processing, calculating and payment, employer billing and reporting, and enrollment and termination of membership," the audit adds.
"Using a system that is more than 25 years old for such a high volume of transactions is dangerous, particularly because the systems and programs MEBEL was intended to interface with are also now very outdated and there are a small and dwindling number of specialists able to use and maintain them," the audit states.
The audit also found that MEBEL had been using versions of IBM's z/OS mainframe operating system and Microsoft's SQL Server that were so out of date, they weren't supported by the vendors. While the state has upgraded SQL Server it won't do the same for z/OS until later this year, according to the audit.
"Software vendors do not create security patches or fixes for recently identified problems for software that is past their formal support end dates," it adds. "This lack of security and functionality protection leaves the retirement system's data vulnerable to bugs and to security breaches, including attacks by hackers."
The Department of Financial Services falls under the auspices of New York Governor Andrew Cuomo's administration, but the pension system is overseen by New York state Comptroller Thomas DiNapoli, who is elected separately and also serves as the state's auditor. The two have sparred politically over various issues in recent years, including DiNapoli's handling of the pension fund and Cuomo's budget proposals.
DiNapoli's office responded to the DFS audit on Friday, saying it contained "numerous inaccuracies, misleading statements and errors."
MEBEL is a "secure and battle-tested system" and COBOL is a "very stable language used extensively throughout state government as well as financial institutions around the world," the statement added.
A "reliable work horse," MEBEL has been "constantly maintained and updated," DiNapoli's office said. "None of the hardware or software used by the System is old. The mainframe was purchased in 2009 and the software is current. A stable computer system has a low risk of sudden and arbitrary failure."
Although COBOL dates back more than five decades, its time of invention is "irrelevant" in light of this ongoing maintenance, he added.
- Silicon Valley's 19 Coolest Places to Work
- Is Windows 8 Development Worth the Trouble?
- 8 Books Every IT Leader Should Read This Year
- 10 Hot Hadoop Startups to Watch
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- Architecting the Network of the Future Networks need to change, as does the way IT thinks about and manages them. In addition to reliability, IT must now add higher...
- 3 Steps for Enterprise Mobility Success: Strategy, Roadmap and Policy Having a mobile strategy is as essential as having a business plan or mission statement. A mobile strategy communicates to stakeholders, IT and...
- Enterprise Collaboration Strategy An Enterprise Collaboration Strategy will help organizations speed up innovation, better serve customers and quickly pivot to adopt rapidly changing Unified Communications &...
- Logicalis eBook: SAP HANA: The Need for Speed Without timely business insights, organizations today can suffer logistical, manufacturing, and even financial disaster in a matter of minutes
- Top 4 Digital Signage Fails Join RMG Networks for a look at four of the most common reasons digital signage fails in corporate businesses. Learn about strategies to...
- Building Tomorrow's Infrastructure Listen to this podcast to discover how Crider Foods worked with PC Connection to update their IT infrastructure, while maintaining compliance and control. All Enterprise Architecture White Papers | Webcasts