Resources

Article

Sudo or SuDon't: Manage Your Privileged Command Execution and Sudo Policies

Mon, 03/13/2017
System admins need root level authority at all times, system operations staff needs periodic database and application account authority, and security admins needing to protect the environment are some of the few of the challenges of managing privilege in the enterprise server infrastructure. Read this article to learn more about Sudo alternatives.
Vulnerability Management
Offensive Security
Article

Pros and Cons for Puppet's Configuration Management & Security

Mon, 03/13/2017
THE GOOD, THE BAD AND THE UGLY I was at the Red Hat Summit in Boston at the end of June. We had a lot of activity at our exhibitor stand, and a lot of discussions being passed on to me by our sales team I continued to have the same conversation again and again over the three days. This seems to be the year people have finished bedding down Puppet...
Vulnerability Management
Article

Managing IT Access Privileges

Mon, 03/13/2017
THE UNSOLVED PROBLEM Secure, private, effective use of computers by a company (including hosted, cloud and other services as well as the company’s own systems) relies on managing access privileges. The problem isn’t unique to computers. Office buildings, hotels, apartments and college dorms, for example, typically have “master keys” (or smart ID...
Vulnerability Management
Article

Solving Healthcare Security Concerns

Mon, 03/13/2017
According to a recent KPMG report, four-fifths of executives at healthcare providers and payers say their information technology has been compromised by cyberattacks. That same report presents how the increased risk to healthcare organizations relates to the richness and uniqueness of the information that health plans, doctors and hospitals handle. Apart from typical financial fraud, there is also...
Vulnerability Management
Blog

How “Smash and Grab” Compromises IBM i

By Robin Tatam on Wed, 03/08/2017
During an audit a few years ago, I revealed to the client’s security team that corporate payroll information on every employee, including the CEO, was being archived in an output queue (called PAYROLL) for weeks at a time. Due to poor configuration, this information was accessible to every employee.
IBM i Cybersecurity
Article

The Modern Alternative to Authority Adoption

By Robin Tatam on Wed, 03/08/2017
There are several considerations with authority adoption. Each is important but can usually be accommodated. But what is the effect if the program owner has the same or less privileges than the user that called the program?
IBM i Cybersecurity
Blog

Your Biggest Challenge to IBM i User Onboarding

By Robin Tatam on Mon, 03/06/2017
As companies bounce back from recession and place a stronger emphasis on digitally-driven innovations, IT departments are finally receiving the funds they need to hire qualified, new colleagues who can lighten the workload. However, the first order of business will be getting these recent hires up to speed.
IBM i Cybersecurity
Blog

How DR Compliance Requirements Impact HA Decisions

By Tom Huntington on Wed, 03/01/2017
Disaster recovery requirements are part of the geographic and industry regulations that affect our organizations. Having the right solutions in place can help to avoid penalties and make audits go smoothly. Read on to create a complete compliance toolkit.
Automation
Compliance
On-Demand Webinar

An Introduction to PCI Compliance on IBM Power Systems

By Robin Tatam
Complying with the PCI standard is a normal part of doing business in today’s credit-centric world. But, PCI applies to multiple platforms. The challenge becomes how to map the general PCI requirements to a specific platform, such as IBM i. And, more importantly, how can you maintain—and prove—compliance?
Compliance
IBM i Cybersecurity
On-Demand Webinar

Audit and Control of Powerful Users on IBM i

By Robin Tatam
Discover the ways to control and audit the activity of powerful users, with a view to enhancing the integrity of your IBM i. With the proper controls in place, you can restrict even the most powerful users as required.
IBM i Cybersecurity
Article

How Recoverable Is My IBM i?

By Tom Huntington on Thu, 02/09/2017
See how a two-pronged approach using data backups and a high availability solution could deliver the strongest disaster recovery strategy for your organization.
IBM i Automation
Guide

Download “Identity & Access Management for IBM i”

Insiders are responsible for 34 percent of data breaches—and insiders are also the most difficult threat to control control on IBM i. You can't lock them out completely because your IBM i users need at least some level of access to do their jobs. So, how do you ensure users have only the access they need without overburdening IT with manual processes that...
IBM i Cybersecurity