Resources

Guide

Controlling SSH for Security and Compliance

SSH is nearly ubiquitous in today’s enterprises, and is the predominant tool for managing unix and linux servers, and the applications and data that they host. Poor practices around the deployment and management of the SSH infrastructure could easily leave your enterprise vulnerable to a breach. Are you in control? SSH, Secure Shell protocol, is now nineteen years old and broadly deployed across...
Blog

PCI Compliance is Only the Beginning of Security

The recent string of breaches at prominent retailers such as Target and Neiman Marcus demonstrated that too many organizations still falsely equate PCI compliance with comprehensive security. Fully compliant organizations are being hit with attacks that compromise payment card data on a regular basis.
Blog

PCI Compliance Takeaways from the Target Data Breach

Smack in the middle of the holiday shopping season, Target was hit with a malware attack that infiltrated its point-of-sale systems and enabled the theft of credit card numbers and personally identifiable information from more than 70 million shoppers.
Blog

What to Know about the New NIST Cybersecurity Framework

Compiled with significant input from the private sector, the Cybersecurity Framework isn’t a prescriptive compliance document and instead gives companies significant leeway in how they use it to inform their security strategies. As a relatively new source of guidance, its implications for regulated industries aren’t clear yet.
Blog

How DR Compliance Requirements Impact HA Decisions

Disaster recovery requirements are part of the geographic and industry regulations that affect our organizations. Having the right solutions in place can help to avoid penalties and make audits go smoothly. Read on to create a complete compliance toolkit.
Case Study

Field-level Encryption Helps Retail Chain Achieve PCI Compliance

Love’s Travel Stops and Country Stores, a retail travel stop chain with over 210 locations in 34 U.S. states, processes approximately 200,000 credit card transactions on a daily basis. Needing to meet PCI standards, Love’s found in Powertech Encryption for IBM i a product to encrypt credit card numbers in a way that would satisfy PCI compliance auditors. “We need to be able to access credit card...
On-Demand Webinar

An Introduction to PCI Compliance on IBM Power Systems

Complying with the PCI standard is a normal part of doing business in today’s credit-centric world. But, PCI applies to multiple platforms. The challenge becomes how to map the general PCI requirements to a specific platform, such as IBM i. And, more importantly, how can you maintain—and prove—compliance?
On-Demand Webinar

IBM i Audit Capabilities

Many shy away from security auditing on the IBM i, but taking a common sense approach makes it possible to eliminate the drawbacks and get the vital information we need to properly manage the system.
Article

iSeries Penetration Testing

Simple penetration tests help determine if a policy breach will be prevented and ensure that interested parties receive alert notifications. Failed tests might be indicative of a problem with product activation, or an incorrect or outdated Exit Point Manager IBM i rule set.
Guide

Download "How IT Professionals Can Navigate SOX Compliance"

Compliance with Sarbanes-Oxley (SOX) is impossible without IT professionals, but translating this law into IT action items is a challenge. With penalties up to $10 million fines and even prison time, following SOX—and proving you're compliant—is vital. This compliance guide breaks down the most important aspects of SOX that affect IT professionals and focuses on what you need to know to get...