Resources

Blog

Your Biggest Threat Since Edward Snowden

By Robin Tatam on Mon, 03/06/2017
When Edward Snowden leaked the details of the National Security Agency’s PRISM program to the media, it resulted in a large public outcry and lot of unwanted attention. This doesn’t mean that system administrators should treat all of their contractors as the next Snowden, but it highlights the importance of ensuring that contractors, as well as employees, are sufficiently monitored and aware of how they are allowed to use company data.
IBM i Cybersecurity
Case Study

Hershey Entertainment Quickly Encrypts Credit Card Data with Powertech Encryption for IBM i

Hershey Entertainment & Resorts is a privately held company located in the tourist center of Hershey, Pennsylvania, and has entertainment, resort and commercial divisions. Earlier this year, Hershey learned that because the entertainment and resort operations accept credit cards for payment, they needed the information stored by their box office ticketing and reservations applications to be...
IBM i Cybersecurity
Case Study

Field-level Encryption Helps Retail Chain Achieve PCI Compliance

Love’s Travel Stops and Country Stores, a retail travel stop chain with over 210 locations in 34 U.S. states, processes approximately 200,000 credit card transactions on a daily basis. Needing to meet PCI standards, Love’s found in Powertech Encryption for IBM i a product to encrypt credit card numbers in a way that would satisfy PCI compliance auditors. “We need to be able to access credit card...
Compliance
IBM i Cybersecurity
Blog

What's the Difference Between a Profile Swap and Adopted Authority?

Mon, 01/16/2017
Many organizations have the requirement to reduce the number of profiles to which special authorities—especially *ALLOBJ specially authority—have been assigned. In many cases, the excess capabilities can simply be removed because they aren't required for the person to perform their job functions. *SAVSYS special authority is a good example. Unless...
IBM i Cybersecurity
Article

iSeries Penetration Testing

Sun, 12/11/2016
Simple penetration tests help determine if a policy breach will be prevented and ensure that interested parties receive alert notifications. Failed tests might be indicative of a problem with product activation, or an incorrect or outdated Exit Point Manager IBM i rule set.
Compliance
IBM i Cybersecurity
Article

Monitor, Capture, and Send Log Events With Powertech SIEM Agent for IBM i

By Robin Tatam on Sun, 08/21/2016
In recent years, regulatory initiatives like Sarbanes-Oxley, HIPAA, PCI, and GLBA have placed increased emphasis on the need to monitor and secure sensitive information. For example, The Payment Card Industry (PCI) Data Security Standard dictates one of the most stringent requirements of all—logs must be reviewed daily, and a minimum of three months of logs must be available for analysis.
IBM i Cybersecurity
Blog

Three Reasons You Need an Updated Security Policy

Sun, 08/21/2016
If you still think creating and maintaining a security policy isn’t necessary, you could be setting up your organization for an unpleasant surprise. Check out the top three reasons businesses need an up-to-date security policy.
Compliance
IBM i Cybersecurity
Blog

IT Security Compliance 101

By Robin Tatam on Sun, 08/21/2016
In this compliance 101 primer, we'll look at three high-profile breaches from the past year, each of which shows what can go wrong when data oversight isn't up to snuff. Along the way, we'll discuss some basic fixes that can help shore up network defenses.
Compliance
IBM i Cybersecurity
Article

Improve Event Auditing Using the System Audit Journal

By Sandi Moore on Fri, 08/19/2016
With any security implementation, established rules become less effective as time passes. Because your security requirements and your systems aren’t static, you must continually audit and adapt your security plan to stay current. Be aware that your system is constantly changing.
Monitoring
Article

What's New for Security in IBM i 7.1

By Robin Tatam on Mon, 06/27/2016
IBM added additional security functions in version 7.1 to further establish the Power Systems IBM i operating system as a world-class securable environment.
IBM i Cybersecurity
Article

Don’t Be Exposed In *PUBLIC!

Mon, 06/27/2016
Security typically operates so that users who are not granted authority have no authority. IBM i security, however, has a unique concept known as *PUBLIC.
Case Study

Fortra Meets IT Security Needs for Napa Recycling and Waste Services

Napa Recycling and Waste Services (NRWS) provides recycling and waste collection to businesses and residents in the City of Napa and southern unincorporated Napa County. The entire county, with 90 percent of its agricultural land devoted to viticulture, is home to more than three hundred wineries in the Napa Valley, and is one of the top wine producing areas of the United States. In addition, the...
IBM i Cybersecurity
Case Study

Fortra Helps International Rectifier Tackle Critical SOX Issues

Founded in 1947, International Rectifier (IR) is a world leader in advanced power management technology. The company’s 5,400 worldwide employees support operations in 20 countries. Annual revenues are approximately $1 billion. Compliance Regulations Remain at the Top of Exec's Minds Sarbanes-Oxley (SOX) hasn’t disappeared and remains at the top of many executives’ minds. Among other stipulations...
Compliance
IBM i Cybersecurity