Article
I’ve Got *ALLOBJ Authority And I’m Not Afraid To Use It—Part 2
By Robin Tatam on Thu, 06/27/2019
While everyone likes to feel special, we need to be more selective when it comes to data access. As we discussed last month, many users have privileges far beyond their business requirements and simply need to have their access reduced to more reasonable levels.
On-Demand Webinar
Pro Tips for IBM i User Access Management
By Robin Tatam
Watch this webinar to learn how to increase user efficiency and improve your IBM i security posture at the same time.
Datasheet
Powertech Compliance Monitor for IBM i
Compliance Monitor gathers a broad set of audit and security data from your Power Systems™ running IBM i. Schedule a demo today.
Datasheet
Powertech Authority Broker for IBM i
Satisfy your auditor requirements with reports that provide a complete audit trail of privileged user activity with Powertech Authority Broker for IBM i. Schedule a demo today.
Article
Managing Your IBM i Audit Data
By Robin Tatam on Wed, 08/01/2018
Let’s face it; system administration remains a largely thankless task. From scheduling jobs to balancing workloads to answering messages in QSYSOPR, administrators and operators work diligently behind the scenes to ensure that IBM i servers are available to run mission-critical applications.
On-Demand Webinar
Getting Started with IBM i Security: User Privileges
By Robin Tatam
Get up to speed on special authorities, command line access, and auditing user activities
On-Demand Webinar
Controlling Insider Threats on IBM i
By Robin Tatam
Despite the avalanche of regulations, news headlines remain chock full of stories about data breaches, all initiated by insiders or intruders masquerading as insiders.
Datasheet
VCM
VCM allows you to get insight into your hybrid IT infrastructure, eliminate wasted spend, and prevent problems before they occur.
On-Demand Webinar
Reduce the Cost and Effort of IBM i Auditing
By Robin Tatam
IBM i puts the ability to audit at your disposal, but how do you convert the raw data into useful information?
Blog
How to Apply IDS/IPS to IBM i
By Robin Tatam on Fri, 05/12/2017
IPS/IDS are common cybersecurity terms, but how does that pertain to the IBM i environment?
Guide
Download "Secure Inside and Out: Maximizing Intrusion Detection and Prevention on IBM i"
Data leaks and operational disruptions can come from any source—internal or external.
To protect sensitive data from modern cyberthreats, all organizations need a robust intrusion detection and prevention system (IDS/IPS).
The IBM i operating system includes advanced capabilities for detecting and preventing external threats, but there are still gaps that must be filled.
Download this guide...
Article
Generate and Distribute Audit Reports Automatically
By Robin Tatam on Mon, 04/03/2017
Despite the server’s incredible security infrastructure, auditing remains primarily a thankless, manual chore. And, let’s face it, any task that’s thankless and manual probably won’t get done.
Article
Audit Tested & Audit Approved Instant Authority!
By Robin Tatam on Fri, 03/24/2017
Introduced by IBM to support TCP/IP services, a profile swap allows a job to change midstream and run under a different profile than the one that started it.
Article
How To Maintain Your Data Integrity
By Robin Tatam on Tue, 03/21/2017
File Integrity Monitoring (FIM) helps ensure that your critical and sensitive data is viewed and changed only by authorized personnel through approved channels. Candidates for FIM include application files containing sensitive data, such as personnel or financial data, and server configuration files.
Blog
How “Smash and Grab” Compromises IBM i
By Robin Tatam on Wed, 03/08/2017
During an audit a few years ago, I revealed to the client’s security team that corporate payroll information on every employee, including the CEO, was being archived in an output queue (called PAYROLL) for weeks at a time. Due to poor configuration, this information was accessible to every employee.
Blog
PCI Compliance Takeaways from the Target Data Breach
By Robin Tatam on Wed, 03/08/2017
Smack in the middle of the holiday shopping season, Target was hit with a malware attack that infiltrated its point-of-sale systems and enabled the theft of credit card numbers and personally identifiable information from more than 70 million shoppers.
Article
The Modern Alternative to Authority Adoption
By Robin Tatam on Wed, 03/08/2017
There are several considerations with authority adoption. Each is important but can usually be accommodated. But what is the effect if the program owner has the same or less privileges than the user that called the program?
On-Demand Webinar
An Introduction to PCI Compliance on IBM Power Systems
By Robin Tatam
Complying with the PCI standard is a normal part of doing business in today’s credit-centric world. But, PCI applies to multiple platforms. The challenge becomes how to map the general PCI requirements to a specific platform, such as IBM i. And, more importantly, how can you maintain—and prove—compliance?