Resources

Blog

How “Smash and Grab” Compromises IBM i

By Robin Tatam on Wed, 03/08/2017
During an audit a few years ago, I revealed to the client’s security team that corporate payroll information on every employee, including the CEO, was being archived in an output queue (called PAYROLL) for weeks at a time. Due to poor configuration, this information was accessible to every employee.
IBM i Cybersecurity
Blog

PCI Compliance Takeaways from the Target Data Breach

By Robin Tatam on Wed, 03/08/2017
Smack in the middle of the holiday shopping season, Target was hit with a malware attack that infiltrated its point-of-sale systems and enabled the theft of credit card numbers and personally identifiable information from more than 70 million shoppers.
Compliance
Blog

What is the Value of SIEM?

By Robin Tatam on Wed, 03/08/2017
As is often the case in the technology industry, the details surrounding security information and event management can be a little unclear. While vendors may offer solutions of varying complexity, there is still a basic idea behind most SIEM products…
Vulnerability Management
On-Demand Webinar

An Introduction to PCI Compliance on IBM Power Systems

By Robin Tatam
Complying with the PCI standard is a normal part of doing business in today’s credit-centric world. But, PCI applies to multiple platforms. The challenge becomes how to map the general PCI requirements to a specific platform, such as IBM i. And, more importantly, how can you maintain—and prove—compliance?
Compliance
IBM i Cybersecurity
Case Study

Appvion Improves Customer Satisfaction with a Digital Document Repository

Appvion, Inc. manufactures paper—thermal, carbonless, security, inkjet, digital specialty and colored papers. But this Appleton, Wisconsin-based company had a problem when it came to digital documents in their customer web portal. Their existing system just wasn’t up to snuff. It was time to make a change. ...
Automation
Article

Monitor, Capture, and Send Log Events With Powertech SIEM Agent for IBM i

By Robin Tatam on Sun, 08/21/2016
In recent years, regulatory initiatives like Sarbanes-Oxley, HIPAA, PCI, and GLBA have placed increased emphasis on the need to monitor and secure sensitive information. For example, The Payment Card Industry (PCI) Data Security Standard dictates one of the most stringent requirements of all—logs must be reviewed daily, and a minimum of three months of logs must be available for analysis.
IBM i Cybersecurity
Blog

IT Security Compliance 101

By Robin Tatam on Sun, 08/21/2016
In this compliance 101 primer, we'll look at three high-profile breaches from the past year, each of which shows what can go wrong when data oversight isn't up to snuff. Along the way, we'll discuss some basic fixes that can help shore up network defenses.
Compliance
IBM i Cybersecurity
Guide

Download “How IT Professionals Can Navigate PCI DSS Compliance” Guide

The Payment Card Industry Data Security Standard (PCI DSS) applies to every organization that processes credit or debit card information. This includes merchants and third-party service providers that store, process, or transmit credit card data.The launch of PCI DSS helped expose serious security shortcomings, failures to follow security best practices, and a...
Compliance
IT Infrastructure Protection
Guide

Self-Audit: Checking Assumptions at the Door

Sysadmins, devops engineers, and cybersecurity personnel are often kept awake by a number of questions. How should I monitor my monitoring to be sure it will alert me when there is a security issue that needs my intervention? How can I be sure that the servers and processes in the environment haven’t been rooted already? In the quest to get better sleep, it is a good idea to self-audit your...
Compliance
Case Study

Fortra Automates Report Delivery at Ullico

Reports are an essential part of all businesses. Among other purposes, they help organizations to better manage and control their operations. But what if managing those documents placed an unnecessary burden on the enterprise? Paper-based reports do exactly that.
Automation
Case Study

Powertech Helps the Seneca Nation Play the Security Game

The SGC has a fairly large IBM i presence, including multiple production, development, test, and training systems, in a High Availability (HA) environment. They rely heavily on their IBM i servers to run their distributed properties, including casinos, hotels, resorts, retail outlets...
IBM i Cybersecurity
Compliance