This article takes a closer look at why granular access control is so effective by placing limitations on who can get into your organization’s system, where, when and how they can access it, and what they can do with it.

Protect your data and your company from internal and external threats by ensuring that your security policies on-premises and in the cloud are aligned with this checklist.

GDPR is here! Automation is a critical tool to ensure compliance.

Why choose Powertech for your IBM i security needs? Here are the main reasons organizations around the world rely on us to protect their mission-critical systems.

Despite the server’s incredible security infrastructure, auditing remains primarily a thankless, manual chore. And, let’s face it, any task that’s thankless and manual probably won’t get done.

A user’s ability to execute commands in a green-screen environment is controlled by the limit capabilities (LMTCPB) parameter on their profile. Although without exit programs to extend IBM i security functions, even limited capability users could invoke commands through network interfaces such as FTP.

Introduced by IBM to support TCP/IP services, a profile swap allows a job to change midstream and run under a different profile than the one that started it.

Does this sound familiar? You recently experienced an “unplanned outage” after an administrator inadvertently issued a PWRDWNSYS command while mentoring a new operator.

File Integrity Monitoring (FIM) helps ensure that your critical and sensitive data is viewed and changed only by authorized personnel through approved channels. Candidates for FIM include application files containing sensitive data, such as personnel or financial data, and server configuration files.

Disk drive encryption may help you comply with PCI DSS, but you must follow strict requirements. Additionally, relying solely on disk drive encryption for data protection has serious potential risks that you should be aware of.

THE WORLD OF COMPLIANCE At the official start of summertime 2016 in Britain we are starting to consume the labour of last autumn, five gallons of alcoholic homemade cider (yum!) made from eight apple varieties grown in mine and my neighbors’ gardens. I’m very VERY careful sterilizing glassware, containers, and buckets: there was this unfortunate...

There are several considerations with authority adoption. Each is important but can usually be accommodated. But what is the effect if the program owner has the same or less privileges than the user that called the program?

Simple penetration tests help determine if a policy breach will be prevented and ensure that interested parties receive alert notifications. Failed tests might be indicative of a problem with product activation, or an incorrect or outdated Exit Point Manager IBM i rule set.

V7R3 provides some new and changed features in the IBM i integrated auditing function as well as a new feature that will take the guesswork out of implementing object-level security. I want to save the best for last, so I’ll start with the updated auditing features. New and Changed Auditing Features The CP (Changes to User Profiles) audit journal entry has always contained useful information...

In recent years, regulatory initiatives like Sarbanes-Oxley, HIPAA, PCI, and GLBA have placed increased emphasis on the need to monitor and secure sensitive information. For example, The Payment Card Industry (PCI) Data Security Standard dictates one of the most stringent requirements of all—logs must be reviewed daily, and a minimum of three months of logs must be available for analysis.