Guide
Essentials for Privileged Access Management
Learn how you can effectively and efficiently control privileged UNIX and Linux accounts from accessing data or executing any application by using centralized access management.
Guide
Our Privileged Access Management Solution - Your Sudo Replacement
Learn how to reduce the risk of insider fraud, streamline regulatory compliance, and greatly reduce administration efforts with an effective privileged access management solution.
Guide
Controlling SSH for Security and Compliance
SSH is nearly ubiquitous in today’s enterprises, and is the predominant tool for managing unix and linux servers, and the applications and data that they host. Poor practices around the deployment and management of the SSH infrastructure could easily leave your enterprise vulnerable to a breach. Are you in control?
SSH, Secure Shell protocol, is now nineteen years old and broadly deployed across...
Article
New Approaches to the SWIFT and PCI-DSS Framework
Mon, 03/13/2017
THE WORLD OF COMPLIANCE
At the official start of summertime 2016 in Britain we are starting to consume the labour of last autumn, five gallons of alcoholic homemade cider (yum!) made from eight apple varieties grown in mine and my neighbors’ gardens. I’m very VERY careful sterilizing glassware, containers, and buckets: there was this unfortunate...
Article
Sudo or SuDon't: Manage Your Privileged Command Execution and Sudo Policies
Mon, 03/13/2017
System admins need root level authority at all times, system operations staff needs periodic database and application account authority, and security admins needing to protect the environment are some of the few of the challenges of managing privilege in the enterprise server infrastructure. Read this article to learn more about Sudo alternatives.
Article
Pros and Cons for Puppet's Configuration Management & Security
Mon, 03/13/2017
THE GOOD, THE BAD AND THE UGLY
I was at the Red Hat Summit in Boston at the end of June. We had a lot of activity at our exhibitor stand, and a lot of discussions being passed on to me by our sales team
I continued to have the same conversation again and again over the three days. This seems to be the year people have finished bedding down Puppet...
Article
Managing IT Access Privileges
Mon, 03/13/2017
THE UNSOLVED PROBLEM
Secure, private, effective use of computers by a company (including hosted, cloud and other services as well as the company’s own systems) relies on managing access privileges.
The problem isn’t unique to computers. Office buildings, hotels, apartments and college dorms, for example, typically have “master keys” (or smart ID...
Article
Solving Healthcare Security Concerns
Mon, 03/13/2017
According to a recent KPMG report, four-fifths of executives at healthcare providers and payers say their information technology has been compromised by cyberattacks. That same report presents how the increased risk to healthcare organizations relates to the richness and uniqueness of the information that health plans, doctors and hospitals handle. Apart from typical financial fraud, there is also...
Blog
How “Smash and Grab” Compromises IBM i
By Robin Tatam on Wed, 03/08/2017
During an audit a few years ago, I revealed to the client’s security team that corporate payroll information on every employee, including the CEO, was being archived in an output queue (called PAYROLL) for weeks at a time. Due to poor configuration, this information was accessible to every employee.
Blog
How to Choose a Capacity Planning Tool
By Per Bauer on Tue, 02/28/2017
Looking for a capacity planning tool? Find out how to choose a tool that will be the most accurate.
On-Demand Webinar
An Introduction to PCI Compliance on IBM Power Systems
By Robin Tatam
Complying with the PCI standard is a normal part of doing business in today’s credit-centric world. But, PCI applies to multiple platforms. The challenge becomes how to map the general PCI requirements to a specific platform, such as IBM i. And, more importantly, how can you maintain—and prove—compliance?
Guide
Download “Identity & Access Management for IBM i”
Insiders are responsible for 34 percent of data breaches—and insiders are also the most difficult threat to control control on IBM i. You can't lock them out completely because your IBM i users need at least some level of access to do their jobs.
So, how do you ensure users have only the access they need without overburdening IT with manual processes that...
Guide
Build vs. Buy: The Argument Against Developing a Solution for Exit Point Security
Before you commit the resources to develop an in-house solution for exit point security, read our list of issues to consider. You might decide it’s neither easy nor cost-effective to set up and monitor your own in-house solution.
Guide
Dashboards Don't Work (Unless You Have a Metrics Management Strategy)
Tech has had a tremendous impact on the way today’s businesses seek continued growth and improvement. No matter what business they are in, executives everywhere are investing in technology that improves their business processes, gets them ahead of the competition and widens their margins. Ultimately, the return on that investment is determined by how well technology supports a business’ ability to...
Guide
Controlling SQL Updates Using Powertech Exit Point Manager for IBM i
Over the years, users have relied on commands like STRSQL and RUNSQL to provide instant and powerful access to the data on their Power Systems™ servers. All types of users—from programmers to system administrators to end users—use these commands as their primary interface for extracting and updating data.
However, allowing a user to view, update, and even delete data without any control by the...