Typically, there are two main issues with monitoring a system manually: having to go out deliberately (and repeatedly) and check to see if something has happened; and the fact that you are most likely looking for the proverbial needle in a haystack of logged events.

When it comes to security on IBM Power Servers running IBM i, a common challenge for many organizations is the number of users with too much power. These users can potentially circumvent application controls, override security restrictions for themselves and others, change critical server configuration settings, and even cover their tracks while they do it.

While everyone likes to feel special, we need to be more selective when it comes to data access. As we discussed last month, many users have privileges far beyond their business requirements and simply need to have their access reduced to more reasonable levels.

Ask any security professional which area of IBM i security is most often ignored and chances are that the unanimous response is a chorus of “the Integrated File System.” Although it’s been around since V3R1, the Integrated File System, or IFS, remains a shrouded mystery that represents significant risk to many IBM i organizations.

Read this article to learn how organizations are handling the AS/400 (iSeries, IBM i) skills shortage in 2019.

Read on to find out the results of a detection rate test between our enterprise solution, Powertech Antivirus, and the most widely used open source Linux antivirus, ClamAV.

“Some cloud vendors tout that systems deployed within their framework require little or no administration: You create an image with the software and applications that you want it to provide services for, spin it up in a management console, and Voila! you have an entirely new system online; with minimal cost, no hassle, little work. However, even...

Why choose Powertech for your IBM i security needs? Here are the main reasons organizations around the world rely on us to protect their mission-critical systems.

A user’s ability to execute commands in a green-screen environment is controlled by the limit capabilities (LMTCPB) parameter on their profile. Although without exit programs to extend IBM i security functions, even limited capability users could invoke commands through network interfaces such as FTP.

Disk drive encryption may help you comply with PCI DSS, but you must follow strict requirements. Additionally, relying solely on disk drive encryption for data protection has serious potential risks that you should be aware of.

There are several considerations with authority adoption. Each is important but can usually be accommodated. But what is the effect if the program owner has the same or less privileges than the user that called the program?

Simple penetration tests help determine if a policy breach will be prevented and ensure that interested parties receive alert notifications. Failed tests might be indicative of a problem with product activation, or an incorrect or outdated Exit Point Manager IBM i rule set.

V7R3 provides some new and changed features in the IBM i integrated auditing function as well as a new feature that will take the guesswork out of implementing object-level security. I want to save the best for last, so I’ll start with the updated auditing features. New and Changed Auditing Features The CP (Changes to User Profiles) audit journal entry has always contained useful information...