On-Demand Webinar
Controlling Insider Threats on IBM i
By Robin Tatam
Despite the avalanche of regulations, news headlines remain chock full of stories about data breaches, all initiated by insiders or intruders masquerading as insiders.
Article
Eight Steps Toward a Secure Hybrid Cloud Environment
Fri, 03/16/2018
Protect your data and your company from internal and external threats by ensuring that your security policies on-premises and in the cloud are aligned with this checklist.
Blog
When Security Becomes a DevOps Blind Spot
By Bob Erdman on Mon, 02/05/2018
One question is often left unasked in DevOps strategy meetings: what about security?
Article
Audit Tested & Audit Approved Instant Authority!
By Robin Tatam on Fri, 03/24/2017
Introduced by IBM to support TCP/IP services, a profile swap allows a job to change midstream and run under a different profile than the one that started it.
Guide
Essentials for Privileged Access Management
Learn how you can effectively and efficiently control privileged UNIX and Linux accounts from accessing data or executing any application by using centralized access management.
Article
New Approaches to the SWIFT and PCI-DSS Framework
Mon, 03/13/2017
THE WORLD OF COMPLIANCE
At the official start of summertime 2016 in Britain we are starting to consume the labour of last autumn, five gallons of alcoholic homemade cider (yum!) made from eight apple varieties grown in mine and my neighbors’ gardens. I’m very VERY careful sterilizing glassware, containers, and buckets: there was this unfortunate...
Blog
How “Smash and Grab” Compromises IBM i
By Robin Tatam on Wed, 03/08/2017
During an audit a few years ago, I revealed to the client’s security team that corporate payroll information on every employee, including the CEO, was being archived in an output queue (called PAYROLL) for weeks at a time. Due to poor configuration, this information was accessible to every employee.
Article
The Modern Alternative to Authority Adoption
By Robin Tatam on Wed, 03/08/2017
There are several considerations with authority adoption. Each is important but can usually be accommodated. But what is the effect if the program owner has the same or less privileges than the user that called the program?
On-Demand Webinar
An Introduction to PCI Compliance on IBM Power Systems
By Robin Tatam
Complying with the PCI standard is a normal part of doing business in today’s credit-centric world. But, PCI applies to multiple platforms. The challenge becomes how to map the general PCI requirements to a specific platform, such as IBM i. And, more importantly, how can you maintain—and prove—compliance?
On-Demand Webinar
Audit and Control of Powerful Users on IBM i
By Robin Tatam
Discover the ways to control and audit the activity of powerful users, with a view to enhancing the integrity of your IBM i. With the proper controls in place, you can restrict even the most powerful users as required.
Guide
Download “Identity & Access Management for IBM i”
Insiders are responsible for 34 percent of data breaches—and insiders are also the most difficult threat to control control on IBM i. You can't lock them out completely because your IBM i users need at least some level of access to do their jobs.
So, how do you ensure users have only the access they need without overburdening IT with manual processes that...
Blog
What Is a Profile Swap and How Can It Help Secure IBM i?
By Robin Tatam on Thu, 02/09/2017
In this short video, IBM i security expert Robin Tatam explains what a profile swap is and how it helps secure your system.
On-Demand Webinar
44 Percent of Your IBM i Users Can Do WHAT?!
By Robin Tatam
Your IBM i power users are one of your greatest assets. But on most systems, they're also one of your greatest security vulnerabilities. Find out how to regain control.
Guide
Anti Malware for Linux, AIX, and IBM i Servers
When Malware Attacks Your IBM i, AIX, and Linux Servers Guide
Malware and ransomware attacks have increased, halting day-to-day operations and bringing organizations to their knees. Businesses know anti malware is essential to protecting PCs from malicious programs, but many don’t realize the value of server-level protection until the damage is done.
This guide examines the real-world...
Blog
IT Security Compliance 101
By Robin Tatam on Sun, 08/21/2016
In this compliance 101 primer, we'll look at three high-profile breaches from the past year, each of which shows what can go wrong when data oversight isn't up to snuff. Along the way, we'll discuss some basic fixes that can help shore up network defenses.
Guide
Effective Log Management
IBM’s customers are turning to Power VM virtualization to consolidate multiple workloads onto fewer systems increasing server utilization and reducing cost. However a virtualized server landscape on several different IBM platforms (IBM Power Systems™, IBM System x®, and IBM BladeCenter®) may reduce hardware complexity but this puts a strain on supporting the entire lifecycle of analysis,...
Guide
13 Tips to Write Secure Applications and Boost IBM i Security
Barely a day passes without new headlines reporting another cyber attack, policy violation, or data breach. Secretly, we breathe a sigh of relief that it happened to someone else, but most of us know that we’ll all eventually feel the impact in some capacity.
Guide
Two Factor Authentication for IBM i
Organizations facing a more advanced threat landscape and a complex regulatory environment require a solution which addresses the need for securely controlling access to existing systems and applications. In addition, this solution should not increase the workload on support, application providers or the end user.
Case Study
Powertech Security Auditor Helps CDW Automate Regulatory Compliance Requirements
CDW, a leading provider of technology solutions for business, government, and healthcare, was challenged with meeting strict compliance requirements with minimal staff. The company turned to Powertech Security Auditor to reduce manual processes