While everyone likes to feel special, we need to be more selective when it comes to data access. As we discussed last month, many users have privileges far beyond their business requirements and simply need to have their access reduced to more reasonable levels.
Satisfy your auditor requirements with reports that provide a complete audit trail of privileged user activity with Powertech Authority Broker for IBM i. Schedule a demo today.
Consider the type of information contained in the PDFs in your directories and spooled files in your output queues. Aside from taking up disk space and consuming time during a backup, what's the issue with leaving these reports on the system? The issue is the contents of those reports, along with who has access to them.
Despite the avalanche of regulations, news headlines remain chock full of stories about data breaches, all initiated by insiders or intruders masquerading as insiders.
Based in Fagersta, Sweden, Seco Tools AB is one of the world’s largest providers of comprehensive metal cutting solutions for milling, stationary tools, hole-making, and tooling equipment. Seco partners with nearby Rg19/
Load, a managed service provider (MSP), for advanced server monitoring solutions that enable fast response to issues that could disrupt business.
The Challenge
Fast...
Introduced by IBM to support TCP/IP services, a profile swap allows a job to change midstream and run under a different profile than the one that started it.
During an audit a few years ago, I revealed to the client’s security team that corporate payroll information on every employee, including the CEO, was being archived in an output queue (called PAYROLL) for weeks at a time. Due to poor configuration, this information was accessible to every employee.
There are several considerations with authority adoption. Each is important but can usually be accommodated. But what is the effect if the program owner has the same or less privileges than the user that called the program?
Complying with the PCI standard is a normal part of doing business in today’s credit-centric world. But, PCI applies to multiple platforms. The challenge becomes how to map the general PCI requirements to a specific platform, such as IBM i. And, more importantly, how can you maintain—and prove—compliance?
Discover the ways to control and audit the activity of powerful users, with a view to enhancing the integrity of your IBM i. With the proper controls in place, you can restrict even the most powerful users as required.
Insiders are responsible for 34 percent of data breaches—and insiders are also the most difficult threat to control control on IBM i. You can't lock them out completely because your IBM i users need at least some level of access to do their jobs.
So, how do you ensure users have only the access they need without overburdening IT with manual processes that...
Your IBM i power users are one of your greatest assets. But on most systems, they're also one of your greatest security vulnerabilities. Find out how to regain control.