When it comes to security on IBM Power Servers running IBM i, a common challenge for many organizations is the number of users with too much power. These users can potentially circumvent application controls, override security restrictions for themselves and others, change critical server configuration settings, and even cover their tracks while they do it.

While everyone likes to feel special, we need to be more selective when it comes to data access. As we discussed last month, many users have privileges far beyond their business requirements and simply need to have their access reduced to more reasonable levels.

Ask any security professional which area of IBM i security is most often ignored and chances are that the unanimous response is a chorus of “the Integrated File System.” Although it’s been around since V3R1, the Integrated File System, or IFS, remains a shrouded mystery that represents significant risk to many IBM i organizations.

Read this article to learn how organizations are handling the AS/400 (iSeries, IBM i) skills shortage in 2019.

Read on to find out the results of a detection rate test between our enterprise solution, Powertech Antivirus, and the most widely used open source Linux antivirus, ClamAV.

Media Text In the early 1990s the Open Software Foundation formed a committee to select and standardize a new Management Platform Toolset for and from the UNIX ecosystem. After much...

Why choose Powertech for your IBM i security needs? Here are the main reasons organizations around the world rely on us to protect their mission-critical systems.

A user’s ability to execute commands in a green-screen environment is controlled by the limit capabilities (LMTCPB) parameter on their profile. Although without exit programs to extend IBM i security functions, even limited capability users could invoke commands through network interfaces such as FTP.

Disk drive encryption may help you comply with PCI DSS, but you must follow strict requirements. Additionally, relying solely on disk drive encryption for data protection has serious potential risks that you should be aware of.

System admins need root level authority at all times, system operations staff needs periodic database and application account authority, and security admins needing to protect the environment are some of the few of the challenges of managing privilege in the enterprise server infrastructure. Read this article to learn more about Sudo alternatives.

THE GOOD, THE BAD AND THE UGLY I was at the Red Hat Summit in Boston at the end of June. We had a lot of activity at our exhibitor stand, and a lot of discussions being passed on to me by our sales team I continued to have the same conversation again and again over the three days. This seems to be the year people have finished bedding down Puppet...

THE UNSOLVED PROBLEM Secure, private, effective use of computers by a company (including hosted, cloud and other services as well as the company’s own systems) relies on managing access privileges. The problem isn’t unique to computers. Office buildings, hotels, apartments and college dorms, for example, typically have “master keys” (or smart ID...

According to a recent KPMG report, four-fifths of executives at healthcare providers and payers say their information technology has been compromised by cyberattacks. That same report presents how the increased risk to healthcare organizations relates to the richness and uniqueness of the information that health plans, doctors and hospitals handle. Apart from typical financial fraud, there is also...

There are several considerations with authority adoption. Each is important but can usually be accommodated. But what is the effect if the program owner has the same or less privileges than the user that called the program?