Blog
Preparing for the Impact of PCI DSS 4.0
Thu, 11/10/2022
Stealing credit card data is a perennial favorite of cybercriminals everywhere, whose aggressive tactics to score sensitive accountholder details result in breach after breach for organizations small and large. In its most recent research on payment card fraud, The Nilson Report found $28.6 billion in losses for 2020 (nearly 36% in the U.S. alone),...
Blog
What is a Vulnerability Management Program?
Mon, 07/25/2022
The Equifax breach was caused by a vulnerability. The WannaCry virus exploited a vulnerability. The stories don’t seem to end but it seems like no one is talking about how to solve this problem which is: start a vulnerability management program.
“Manage the vulnerabilities in my network? Sounds easy” well, not so much, but not so difficult that you shouldn’t be spending time and resources on it....
Blog
6 Ways to Defend Yourself Against Password Attacks
Thu, 07/14/2022
Ever since Ali Baba uttered “open sesame,” thieves have been using stolen passwords to access hidden riches. In the digital world, password attacks have been and continue to be a common way for threat actors to gain access to an organization’s treasure trove of data. No matter how many emails we get from IT explaining what makes a good password, many of us still use the same basic password in...
Blog
Penetration Testing Frequency: How Often Should You Test?
Fri, 06/24/2022
Penetration testing has become an increasingly standard exercise, with organizations using either pen testing services or in-house teams to uncover weaknesses and assess their security posture. Many businesses want to stay proactive about securing their IT environment and find that pen testing helps them stay compliant and prove adherence to regulations or industry best practices. According to the...
Blog
Solutions for Vulnerability Management
Fri, 04/22/2022
This guest blog from Dr. Edward Amoroso, Tag Cyber provides a high-level overview of modern advances in vulnerability management and how the Fortra cybersecurity portfolio supports this important method for addressing exploitable weaknesses in an enterprise.
Blog
Malware, Ransomware, and Viruses vs Your IBM i Server
By Robin Tatam on Fri, 02/11/2022
Many of us have heard that you can’t get a virus on this platform, but the reality is that the integrated file system (IFS) is a tree-like structure. This structure can house Word documents, PDFs, MP3s, JPEG images, and these files can be just as infected on the IBM i server as they can on any Windows work station or server.
Blog
Getting Started with PCI and Why Every Company Should Be in Compliance
By Robin Tatam on Mon, 01/24/2022
Few things strike fear into the hearts of consumers and businesses more than a breach of financial information. Why? Because it hits us where we’re most sensitive: our pocket books!
Blog
The Evolution and Advancement of Penetration Testing Under Covid-19
Fri, 05/21/2021
Brian Wenngatz, general manager at Core Security, a Fortra company, discusses the advancement of penetration testing during Covid-19.
Blog
Recommended QSECURITY Level for IBM i
By Robin Tatam on Thu, 04/15/2021
The system security level (QSECURTY) sets the overall tone for your IBM i security posture. Read this blog post to learn how many organizations are following IBM's best practices.
Blog
IBM i (AS/400) Security Study Shows Shocking Number of Users Have Default Passwords
By Robin Tatam on Thu, 04/15/2021
Password security issues are critical because they represent the most obvious—and most easily exploited—method to compromise your system. But an alarming number of users rely on the simplest passwords possible on IBM i.
Blog
Reduce Virus Spread with QIBM_QP0L_SCAN_OPEN and QIBM_QPWFS_FILE_SERV
By Robin Tatam on Thu, 04/15/2021
The data below is taken from the 2021 State of IBM i Security Study, which provides compelling insight into the security posture of 247 IBM i servers and partitions—systems that are often used for business-critical data, payment card data, and personally identifiable information (PII). The full study can be accessed here.
...
Blog
IBM i (AS/400) Security Best Practice: Recommended Response to Invalid Sign-On Attempts
By Robin Tatam on Thu, 04/15/2021
Invalid sign-on attempts happen to everyone from time to time, but large numbers of invalid attempts could indicate a cyber attack in progress.
Blog
IBM i (AS/400) Security Best Practice: Limit Users with *ALLOBJ
By Robin Tatam on Thu, 04/15/2021
In the wrong hands, IBM i special authorities can do serious damage, but the latest research shows far too many users have more access and authority than they need. Learn the best practices and how you can implement them.
Blog
IBM i (AS/400) Security Best Practices: Inactive User Profiles
By Robin Tatam on Thu, 04/15/2021
Inactive user profiles pose a serious threat to more IBM i systems than you might expect. Get the latest data and learn how to protect your systems.
Blog
What is the LGPD? Meet Brazil’s New Powerful Data Protection Law
By Kurt Thomas on Thu, 01/28/2021
Brazil is Latin America’s largest technology hub and has the eighth-largest economy by GDP. Getting to know the ins and outs of LGPD is essential for doing business there.
Blog
Endpoint Antivirus Software: What It Is, and Why You Need It
By Bob Erdman on Mon, 10/19/2020
The threat landscape can be a frightening scene when you look at the malicious attacks and ransomware infiltrating organizations around the globe. The good news: Endpoint antivirus applications are making enormous strides in their ability to protect enterprise-level equipment and data from attack. The bad news: Many companies overlook the need to secure non-Windows infrastructure and focus their...
Blog
Six Strategies to Ensure You Give the Right Access to the Right People at the Right Time
Mon, 08/31/2020
Part 2 of the Improving Your Security-Efficiency Balance Series:
One of the primary challenges organizations wrestle with in identity governance is how to achieve the right balance in their company between security and efficiency. In Part 1 of the Improving Your Security-Efficiency Balance Series, we examined the unique balancing act organizations face when it comes to user access. In this blog...
Blog
The Evolution of Cybersecurity Solutions for Organizations
Tue, 08/11/2020
In the early days of the internet, cybersecurity was fairly straightforward, with all solutions and strategies geared toward prevention. While prevention remains critical, cybersecurity has also had to evolve, with businesses layering their defenses and regularly evaluating the status of their safeguards to adapt to change—whether those be organizational or within the wider cybersecurity sphere.