- 20 Best iPhone/iPad Games of 2013
- Google Chromebook Buyer's Guide
- 10 Signs You're Probably a Techie
- 8 Things Kindle Fire HDX Does That iPad Air Can't
IDG News Service - A COBOL (common business oriented language)-based system used to support New York's US$160 billion state pension fund has become the subject of controversy, with some officials claiming it poses a potential security risk and others defending it as "battle-tested," albeit set to be replaced.
Dubbed MEBEL (member, employer, benefits, executive and legal), the system dates back more than 25 years, according to an audit released earlier this month by the state Department of Financial Services. It "supports the core business processes of the retirement system including benefits processing, calculating and payment, employer billing and reporting, and enrollment and termination of membership," the audit adds.
"Using a system that is more than 25 years old for such a high volume of transactions is dangerous, particularly because the systems and programs MEBEL was intended to interface with are also now very outdated and there are a small and dwindling number of specialists able to use and maintain them," the audit states.
The audit also found that MEBEL had been using versions of IBM's z/OS mainframe operating system and Microsoft's SQL Server that were so out of date, they weren't supported by the vendors. While the state has upgraded SQL Server it won't do the same for z/OS until later this year, according to the audit.
"Software vendors do not create security patches or fixes for recently identified problems for software that is past their formal support end dates," it adds. "This lack of security and functionality protection leaves the retirement system's data vulnerable to bugs and to security breaches, including attacks by hackers."
The Department of Financial Services falls under the auspices of New York Governor Andrew Cuomo's administration, but the pension system is overseen by New York state Comptroller Thomas DiNapoli, who is elected separately and also serves as the state's auditor. The two have sparred politically over various issues in recent years, including DiNapoli's handling of the pension fund and Cuomo's budget proposals.
DiNapoli's office responded to the DFS audit on Friday, saying it contained "numerous inaccuracies, misleading statements and errors."
MEBEL is a "secure and battle-tested system" and COBOL is a "very stable language used extensively throughout state government as well as financial institutions around the world," the statement added.
A "reliable work horse," MEBEL has been "constantly maintained and updated," DiNapoli's office said. "None of the hardware or software used by the System is old. The mainframe was purchased in 2009 and the software is current. A stable computer system has a low risk of sudden and arbitrary failure."
Although COBOL dates back more than five decades, its time of invention is "irrelevant" in light of this ongoing maintenance, he added.
Nor is the suggestion of a security risk accurate, as MEBEL isn't directly accessible from external sources, DiNapoli said.
As for skilled COBOL programmers, the comptroller's office has had great success in hiring candidates from outside as well as training new staff on it and IBM's CICS (customer information control system) transaction server, which is also used in MEBEL, DiNapoli said.