Resources | Fortra

Resources

Blog

6 Pro Tips from the 2024 State of IBM i Security Study

Mon, 05/06/2024

If you're responsible for IBM i security, you don't want to miss the top 6 expert tips pulled from the 2024 State of IBM i Security Study!

Blog

Compliance Mandates Apply to IBM i Too

By Amy Williams on Tue, 02/20/2024

The most overlooked aspects of IBM i compliance with PCI-DSS, SOX, HIPAA, and other standards, how to configure them correctly, and what Fortra can do to help.

How to Succeed at IBM i Security

Blog

How to Succeed at IBM i Security

Mon, 02/19/2024

Find out where security plans are running off course and how you can make a completely attainable plan to succeed.

TechChannel

News Article

TechChannel: Rising Stars Roundtable featuring Megan Olson

Fri, 12/01/2023

TechChannel Rising Star recipient, Megan Olson took part in a roundtable discussion to share her experience as a newcomer to the IBM i industry.

Blog

You’ve Upgraded Your Hardware. Now It’s Time to Upgrade Your Security Posture

By Amy Williams on Wed, 09/20/2023

If you have recently upgraded your hardware, our this is a great opportunity to establish IBM i security best practices for your organization now and into the future — and our free Security Scan will help you do just that. The Security Scan takes an inventory of your current security settings and uses the results to demonstrate your data’s degree of vulnerability and pinpoint specific weaknesses.

Blog

Understanding CVE 2023-30990: The Vulnerability Exploiting the DDM

By Amneris Teruel on Tue, 07/25/2023

Discover CVE-2023-30990 - Unauthenticated RCE in IBM i DDM Service. Learn what this vulnerability is, how it impacts the IBM i, and how you can prevent as well as assess your exposure to it.

Blog

How to Meet Cyber Insurance Requirements for IBM i

Thu, 03/02/2023

Discover what cyber insurance is, the solutions you may need to qualify or lower premiums, and what Fortra offers to assist your IBM i organization with becoming cyber insured.

Blog

Malware, Ransomware, and Viruses vs Your IBM i Server

By Robin Tatam on Fri, 02/11/2022

Many of us have heard that you can’t get a virus on this platform, but the reality is that the integrated file system (IFS) is a tree-like structure. This structure can house Word documents, PDFs, MP3s, JPEG images, and these files can be just as infected on the IBM i server as they can on any Windows work station or server.

Blog

Recommended QSECURITY Level for IBM i

By Robin Tatam on Thu, 04/15/2021

The system security level (QSECURTY) sets the overall tone for your IBM i security posture. Read this blog post to learn how many organizations are following IBM's best practices.

Blog

IBM i (AS/400) Security Study Shows Shocking Number of Users Have Default Passwords

By Robin Tatam on Thu, 04/15/2021

Password security issues are critical because they represent the most obvious—and most easily exploited—method to compromise your system. But an alarming number of users rely on the simplest passwords possible on IBM i.

Blog

Reduce Virus Spread with QIBM_QP0L_SCAN_OPEN and QIBM_QPWFS_FILE_SERV

By Robin Tatam on Thu, 04/15/2021

The data below is taken from the 2021 State of IBM i Security Study, which provides compelling insight into the security posture of 247 IBM i servers and partitions—systems that are often used for business-critical data, payment card data, and personally identifiable information (PII). The full study can be accessed here. ...

Blog

IBM i (AS/400) Security Best Practice: Recommended Response to Invalid Sign-On Attempts

By Robin Tatam on Thu, 04/15/2021

Invalid sign-on attempts happen to everyone from time to time, but large numbers of invalid attempts could indicate a cyber attack in progress.

Blog

IBM i (AS/400) Security Best Practice: Limit Users with *ALLOBJ

By Robin Tatam on Thu, 04/15/2021

In the wrong hands, IBM i special authorities can do serious damage, but the latest research shows far too many users have more access and authority than they need. Learn the best practices and how you can implement them.

Blog

IBM i (AS/400) Security Best Practices: Inactive User Profiles

By Robin Tatam on Thu, 04/15/2021

Inactive user profiles pose a serious threat to more IBM i systems than you might expect. Get the latest data and learn how to protect your systems.

Manage encryption keys for IBM i

Article

Key Management and Strong Encryption For PCI DSS Compliance With Powertech Encryption for IBM i

By Bob Luebbe on Tue, 12/29/2020

PCI DSS now includes requirements for strong encryption of cardholder data. Learn how key management is an essential element of preventing unauthorized data access.

Article

IBM i Cloud Security Considerations

Fri, 08/14/2020

As you consider taking your IBM i to the cloud, cybersecurity will no doubt top your list of concerns. And for good reason. It’s important to remember that the cloud is kind of a lie. Your sensitive data is simply being sent to someone else’s server, and that server has a physical location somewhere. Just like on-prem cybersecurity, IBM i cloud security can be divided...

Article

Empower Your Security Monitor with Powertech SIEM Agent for IBM i

By Robin Tatam on Wed, 08/28/2019

Typically, there are two main issues with monitoring a system manually: having to go out deliberately (and repeatedly) and check to see if something has happened; and the fact that you are most likely looking for the proverbial needle in a haystack of logged events.

Article

I Have All Object Authority And I’m Not Afraid To Use It!

By Sandi Moore on Thu, 06/27/2019

When it comes to security on IBM Power Servers running IBM i, a common challenge for many organizations is the number of users with too much power. These users can potentially circumvent application controls, override security restrictions for themselves and others, change critical server configuration settings, and even cover their tracks while they do it.

Article

I’ve Got *ALLOBJ Authority And I’m Not Afraid To Use It—Part 2

By Robin Tatam on Thu, 06/27/2019

While everyone likes to feel special, we need to be more selective when it comes to data access. As we discussed last month, many users have privileges far beyond their business requirements and simply need to have their access reduced to more reasonable levels.

Article

Remember the IFS!

By Robin Tatam on Thu, 06/27/2019

Ask any security professional which area of IBM i security is most often ignored and chances are that the unanimous response is a chorus of “the Integrated File System.” Although it’s been around since V3R1, the Integrated File System, or IFS, remains a shrouded mystery that represents significant risk to many IBM i organizations.