Data leaks and operational disruptions can come from any source—internal or external.
To protect sensitive data from modern cyberthreats, all organizations need a robust intrusion detection and prevention system (IDS/IPS).
The IBM i operating system includes advanced capabilities for detecting and preventing external threats, but there are still gaps that must be filled.
Download this guide...
Despite the server’s incredible security infrastructure, auditing remains primarily a thankless, manual chore. And, let’s face it, any task that’s thankless and manual probably won’t get done.
Let’s face it, the amount of data that we have is only continuing to grow, which will become harder to manage and understand. Per IDC Research, 90 percent of data in the world today was created in the last two years, and in 2016, we entered the zettabyte era.
A huge challenge for everyone is finding the best way to convert all their data into meaningful information. But that can be tricky.
If...
Introduced by IBM to support TCP/IP services, a profile swap allows a job to change midstream and run under a different profile than the one that started it.
File Integrity Monitoring (FIM) helps ensure that your critical and sensitive data is viewed and changed only by authorized personnel through approved channels. Candidates for FIM include application files containing sensitive data, such as personnel or financial data, and server configuration files.
During an audit a few years ago, I revealed to the client’s security team that corporate payroll information on every employee, including the CEO, was being archived in an output queue (called PAYROLL) for weeks at a time. Due to poor configuration, this information was accessible to every employee.
Smack in the middle of the holiday shopping season, Target was hit with a malware attack that infiltrated its point-of-sale systems and enabled the theft of credit card numbers and personally identifiable information from more than 70 million shoppers.
There are several considerations with authority adoption. Each is important but can usually be accommodated. But what is the effect if the program owner has the same or less privileges than the user that called the program?
Complying with the PCI standard is a normal part of doing business in today’s credit-centric world. But, PCI applies to multiple platforms. The challenge becomes how to map the general PCI requirements to a specific platform, such as IBM i. And, more importantly, how can you maintain—and prove—compliance?