Resources

Blog

eBay Breach Highlights the Value of Monitoring Security-Related Events

By Robin Tatam on Fri, 03/24/2017
  The importance of monitoring your computer system and personal information simply cannot be overstated. In today's online environment, hackers hungry for users' account information and other sensitive details seem to be lurking around every corner. To keep these attackers at bay, companies must always have an eye on system and account activity, and be able to react quickly should anything...
Infrastructure and Data Protection
Blog

Cracking the Problem of Endpoint Security

By Robin Tatam on Fri, 03/24/2017
Endpoint security has been a hot topic in the technology and corporate sectors for a few years. Especially with the emergence of bring-your-own-device practices, it has become even more critical to put safeguards in place to ensure the security of sensitive information.
Infrastructure and Data Protection
Blog

Single Sign-On and the Dangers of Active Directory

By Robin Tatam on Fri, 03/24/2017
Active Directory is a staple of enterprise IT and it nominally ensures secure, authenticated access to a company's core business applications. It can become problematic if it isn't properly monitored and supported by up-to-date security software, modern hardware, and access controls. Accordingly, system administrators face many potential risks when working with Active Directory.
Infrastructure and Data Protection
Data Integrity Monitoring graphic
Article

How To Maintain Your Data Integrity

By Robin Tatam on Tue, 03/21/2017
File Integrity Monitoring (FIM) helps ensure that your critical and sensitive data is viewed and changed only by authorized personnel through approved channels. Candidates for FIM include application files containing sensitive data, such as personnel or financial data, and server configuration files.
Infrastructure and Data Protection
Banks depend on AS/400 for security
Blog

IBM i: The Backbone of the Banking Industry

Tue, 03/21/2017
Highly regulated organizations such as those in the banking industry have a strong history with IBM i, and for good reason—the platform offers an unprecedented level of security.
Infrastructure and Data Protection
On-Demand Webinar

10 Tips for AIX Security

By Robin Tatam
Attackers often target servers used for mission-critical data, and servers running AIX are no exception. In this on-demand webinar, cybersecurity expert Robin Tatam explains how a well-defined security policy can help protect your systems, focusing on the 10 most important issues to consider for setting a strong AIX security policy.
Infrastructure and Data Protection
Guide

Controlling SSH for Security and Compliance

SSH is nearly ubiquitous in today’s enterprises, and is the predominant tool for managing unix and linux servers, and the applications and data that they host. Poor practices around the deployment and management of the SSH infrastructure could easily leave your enterprise vulnerable to a breach. Are you in control? SSH, Secure Shell protocol, is now nineteen years old and broadly deployed across...
Data Protection
Compliance
IT Infrastructure Protection
Article

New Approaches to the SWIFT and PCI-DSS Framework

Mon, 03/13/2017
THE WORLD OF COMPLIANCE At the official start of summertime 2016 in Britain we are starting to consume the labour of last autumn, five gallons of alcoholic homemade cider (yum!) made from eight apple varieties grown in mine and my neighbors’ gardens. I’m very VERY careful sterilizing glassware, containers, and buckets: there was this unfortunate...
Infrastructure and Data Protection
Blog

PCI Compliance is Only the Beginning of Security

By Robin Tatam on Wed, 03/08/2017
The recent string of breaches at prominent retailers such as Target and Neiman Marcus demonstrated that too many organizations still falsely equate PCI compliance with comprehensive security. Fully compliant organizations are being hit with attacks that compromise payment card data on a regular basis.
Compliance
IBM i Cybersecurity
Blog

PCI Compliance Takeaways from the Target Data Breach

By Robin Tatam on Wed, 03/08/2017
Smack in the middle of the holiday shopping season, Target was hit with a malware attack that infiltrated its point-of-sale systems and enabled the theft of credit card numbers and personally identifiable information from more than 70 million shoppers.
Compliance
Blog

What to Know about the New NIST Cybersecurity Framework

By Robin Tatam on Wed, 03/08/2017
Compiled with significant input from the private sector, the Cybersecurity Framework isn’t a prescriptive compliance document and instead gives companies significant leeway in how they use it to inform their security strategies. As a relatively new source of guidance, its implications for regulated industries aren’t clear yet.
Compliance
Case Study

Field-level Encryption Helps Retail Chain Achieve PCI Compliance

Love’s Travel Stops and Country Stores, a retail travel stop chain with over 210 locations in 34 U.S. states, processes approximately 200,000 credit card transactions on a daily basis. Needing to meet PCI standards, Love’s found in Powertech Encryption for IBM i a product to encrypt credit card numbers in a way that would satisfy PCI compliance auditors. “We need to be able to access credit card...
Compliance
IBM i Cybersecurity
On-Demand Webinar

An Introduction to PCI Compliance on IBM Power Systems

By Robin Tatam
Complying with the PCI standard is a normal part of doing business in today’s credit-centric world. But, PCI applies to multiple platforms. The challenge becomes how to map the general PCI requirements to a specific platform, such as IBM i. And, more importantly, how can you maintain—and prove—compliance?
Compliance
IBM i Cybersecurity