Guide
Download "How IT Professionals Can Navigate SOX Compliance"
Compliance with Sarbanes-Oxley (SOX) is impossible without IT professionals, but translating this law into IT action items is a challenge.
With penalties up to $10 million fines and even prison time, following SOX—and proving you're compliant—is vital.
This compliance guide breaks down the most important aspects of SOX that affect IT professionals and focuses on what you need to know to get...
Guide
Download "How IT Professionals Can Navigate HIPAA Compliance" Guide
The Health Insurance Portability and Accountability Act (HIPAA) is one of today’s most common compliance mandates, but translating this law into IT action items is a challenge.
As fines increase and more audits are scheduled, figuring out how which data HIPAA protects and how to bring your system into compliance is more important than ever.
This compliance guide breaks down some of the thorniest...
Article
Monitor, Capture, and Send Log Events With Powertech SIEM Agent for IBM i
By Robin Tatam on Sun, 08/21/2016
In recent years, regulatory initiatives like Sarbanes-Oxley, HIPAA, PCI, and GLBA have placed increased emphasis on the need to monitor and secure sensitive information. For example, The Payment Card Industry (PCI) Data Security Standard dictates one of the most stringent requirements of all—logs must be reviewed daily, and a minimum of three months of logs must be available for analysis.
Blog
Three Reasons You Need an Updated Security Policy
Sun, 08/21/2016
If you still think creating and maintaining a security policy isn’t necessary, you could be setting up your organization for an unpleasant surprise. Check out the top three reasons businesses need an up-to-date security policy.
Blog
IT Security Compliance 101
By Robin Tatam on Sun, 08/21/2016
In this compliance 101 primer, we'll look at three high-profile breaches from the past year, each of which shows what can go wrong when data oversight isn't up to snuff. Along the way, we'll discuss some basic fixes that can help shore up network defenses.
Article
Improve Event Auditing Using the System Audit Journal
By Sandi Moore on Fri, 08/19/2016
With any security implementation, established rules become less effective as time passes. Because your security requirements and your systems aren’t static, you must continually audit and adapt your security plan to stay current. Be aware that your system is constantly changing.
Guide
Effective Log Management
IBM’s customers are turning to Power VM virtualization to consolidate multiple workloads onto fewer systems increasing server utilization and reducing cost. However a virtualized server landscape on several different IBM platforms (IBM Power Systems™, IBM System x®, and IBM BladeCenter®) may reduce hardware complexity but this puts a strain on supporting the entire lifecycle of analysis,...
Guide
13 Tips to Write Secure Applications and Boost IBM i Security
Barely a day passes without new headlines reporting another cyber attack, policy violation, or data breach. Secretly, we breathe a sigh of relief that it happened to someone else, but most of us know that we’ll all eventually feel the impact in some capacity.
Guide
Two Factor Authentication for IBM i
Organizations facing a more advanced threat landscape and a complex regulatory environment require a solution which addresses the need for securely controlling access to existing systems and applications. In addition, this solution should not increase the workload on support, application providers or the end user.
Guide
Download “How IT Professionals Can Navigate PCI DSS Compliance” Guide
The Payment Card Industry Data Security Standard (PCI DSS) applies to every organization that processes credit or debit card information. This includes merchants and third-party service providers that store, process, or transmit credit card data.
The launch of PCI DSS helped expose serious security shortcomings, failures to follow security best practices, and...
Blog
Hacktivists Show the Danger of Leaving IBM i Unprotected
Thu, 08/11/2016
Your IBM i is only as secure as you make it. IBM i security experts have been saying this for years, but at least one organization learned the hard way.
Press Release
HelpSystems (now Fortra) Fills Encryption Gap With Linoma Buy
Despite all the IBM i security vendors that Fortra has bought over the years--and there have been at least five of them--the company has lacked one key security capability valued by enterprises: encryption.
Guide
Self-Audit: Checking Assumptions at the Door
Sysadmins, devops engineers, and cybersecurity personnel are often kept awake by a number of questions.
How should I monitor my monitoring to be sure it will alert me when there is a security issue that needs my intervention? How can I be sure that the servers and processes in the environment haven’t been rooted already?
In the quest to get better sleep, it is a good idea to self-audit your...
Article
Don’t Be Exposed In *PUBLIC!
Mon, 06/27/2016
Security typically operates so that users who are not granted authority have no authority. IBM i security, however, has a unique concept known as *PUBLIC.
Article
What's New for Security in IBM i 7.1
By Robin Tatam on Mon, 06/27/2016
IBM added additional security functions in version 7.1 to further establish the Power Systems IBM i operating system as a world-class securable environment.