News Article
TechChannel: Rising Stars Roundtable featuring Megan Olson
Fri, 12/01/2023
TechChannel Rising Star recipient, Megan Olson took part in a roundtable discussion to share her experience as a newcomer to the IBM i industry.
Article
The Difference Between OCR and IDP
Thu, 06/23/2022
Compare optical character recognition (OCR) and intelligent document processing (IDP) to learn when to use each to make structured and unstructured data more usable.
Article
Key Management and Strong Encryption For PCI DSS Compliance With Powertech Encryption for IBM i
By Bob Luebbe on Tue, 12/29/2020
PCI DSS now includes requirements for strong encryption of cardholder data. Learn how key management is an essential element of preventing unauthorized data access.
Article
IBM i Cloud Security Considerations
Fri, 08/14/2020
As you consider taking your IBM i to the cloud, cybersecurity will no doubt top your list of concerns. And for good reason. It’s important to remember that the cloud is kind of a lie. Your sensitive data is simply being sent to someone else’s server, and that server has a physical location somewhere. Just like on-prem cybersecurity, IBM i cloud security can be divided into two parts: Regulatory...
Article
Empower Your Security Monitor with Powertech SIEM Agent for IBM i
By Robin Tatam on Wed, 08/28/2019
Typically, there are two main issues with monitoring a system manually: having to go out deliberately (and repeatedly) and check to see if something has happened; and the fact that you are most likely looking for the proverbial needle in a haystack of logged events.
Article
I Have All Object Authority And I’m Not Afraid To Use It!
By Sandi Moore on Thu, 06/27/2019
When it comes to security on IBM Power Servers running IBM i, a common challenge for many organizations is the number of users with too much power. These users can potentially circumvent application controls, override security restrictions for themselves and others, change critical server configuration settings, and even cover their tracks while they do it.
Article
I’ve Got *ALLOBJ Authority And I’m Not Afraid To Use It—Part 2
By Robin Tatam on Thu, 06/27/2019
While everyone likes to feel special, we need to be more selective when it comes to data access. As we discussed last month, many users have privileges far beyond their business requirements and simply need to have their access reduced to more reasonable levels.
Article
Remember the IFS!
By Robin Tatam on Thu, 06/27/2019
Ask any security professional which area of IBM i security is most often ignored and chances are that the unanimous response is a chorus of “the Integrated File System.” Although it’s been around since V3R1, the Integrated File System, or IFS, remains a shrouded mystery that represents significant risk to many IBM i organizations.
Article
Interacting with Powertech SIEM Agent for IBM i
By Robin Tatam on Thu, 03/21/2019
Your organization has invested in a security information event manager, or SIEM, to receive and analyse security and event log information from a variety of servers. Now they want to also get this information from their IBM Power Systems server.
Article
Managing Your IBM i Audit Data
By Robin Tatam on Wed, 08/01/2018
Let’s face it; system administration remains a largely thankless task. From scheduling jobs to balancing workloads to answering messages in QSYSOPR, administrators and operators work diligently behind the scenes to ensure that IBM i servers are available to run mission-critical applications.
Article
Generate and Distribute Audit Reports Automatically
By Robin Tatam on Mon, 04/03/2017
Despite the server’s incredible security infrastructure, auditing remains primarily a thankless, manual chore. And, let’s face it, any task that’s thankless and manual probably won’t get done.
Article
Protect the IBM i Command Line with Powertech Command Security for IBM i
By Robin Tatam on Fri, 03/24/2017
A user’s ability to execute commands in a green-screen environment is controlled by the limit capabilities (LMTCPB) parameter on their profile. Although without exit programs to extend IBM i security functions, even limited capability users could invoke commands through network interfaces such as FTP.
Article
Audit Tested & Audit Approved Instant Authority!
By Robin Tatam on Fri, 03/24/2017
Introduced by IBM to support TCP/IP services, a profile swap allows a job to change midstream and run under a different profile than the one that started it.
Article
Command Access Can Bring Unexpected Consequences
By Robin Tatam on Fri, 03/24/2017
Does this sound familiar? You recently experienced an “unplanned outage” after an administrator inadvertently issued a PWRDWNSYS command while mentoring a new operator.
Article
How To Maintain Your Data Integrity
By Robin Tatam on Tue, 03/21/2017
File Integrity Monitoring (FIM) helps ensure that your critical and sensitive data is viewed and changed only by authorized personnel through approved channels. Candidates for FIM include application files containing sensitive data, such as personnel or financial data, and server configuration files.
Article
The Modern Alternative to Authority Adoption
By Robin Tatam on Wed, 03/08/2017
There are several considerations with authority adoption. Each is important but can usually be accommodated. But what is the effect if the program owner has the same or less privileges than the user that called the program?
Article
Stay on Top of Security with Security Scan
By Robin Tatam on Wed, 03/08/2017
Security and compliance adherence has elevated in criticality over the past few years and has now taken its rightful place as a primary IT initiative, alongside virtualization and disaster preparedness. The necessity for better data protection has landed front-and-center in the public eye following some of the largest data breaches on record.
Article
What's New in Security for IBM i 7.2
By Robin Tatam on Wed, 03/08/2017
IBM i security expert Robin Tatam covers the new security functionality added to IBM i 7.2
Article
The Road To Security Starts with a Security Scan
By Robin Tatam on Wed, 03/08/2017
Sometimes, there are known vulnerabilities that clearly need to be mitigated as soon as possible—such as application users running with *ALLOBJ special authority. But, often there isn’t a thorough understanding of what’s wrong with a server’s configuration or what should be addressed first.