Article
I’ve Got *ALLOBJ Authority And I’m Not Afraid To Use It—Part 2
By Robin Tatam on Thu, 06/27/2019
While everyone likes to feel special, we need to be more selective when it comes to data access. As we discussed last month, many users have privileges far beyond their business requirements and simply need to have their access reduced to more reasonable levels.
On-Demand Webinar
Pro Tips for IBM i User Access Management
By Robin Tatam
Watch this webinar to learn how to increase user efficiency and improve your IBM i security posture at the same time.
Datasheet
Powertech Authority Broker for IBM i
Satisfy your auditor requirements with reports that provide a complete audit trail of privileged user activity with Powertech Authority Broker for IBM i. Schedule a demo today.
On-Demand Webinar
Getting Started with IBM i Security: User Privileges
By Robin Tatam
Get up to speed on special authorities, command line access, and auditing user activities
On-Demand Webinar
Controlling Insider Threats on IBM i
By Robin Tatam
Despite the avalanche of regulations, news headlines remain chock full of stories about data breaches, all initiated by insiders or intruders masquerading as insiders.
Article
Audit Tested & Audit Approved Instant Authority!
By Robin Tatam on Fri, 03/24/2017
Introduced by IBM to support TCP/IP services, a profile swap allows a job to change midstream and run under a different profile than the one that started it.
Blog
How “Smash and Grab” Compromises IBM i
By Robin Tatam on Wed, 03/08/2017
During an audit a few years ago, I revealed to the client’s security team that corporate payroll information on every employee, including the CEO, was being archived in an output queue (called PAYROLL) for weeks at a time. Due to poor configuration, this information was accessible to every employee.
Article
The Modern Alternative to Authority Adoption
By Robin Tatam on Wed, 03/08/2017
There are several considerations with authority adoption. Each is important but can usually be accommodated. But what is the effect if the program owner has the same or less privileges than the user that called the program?
On-Demand Webinar
An Introduction to PCI Compliance on IBM Power Systems
By Robin Tatam
Complying with the PCI standard is a normal part of doing business in today’s credit-centric world. But, PCI applies to multiple platforms. The challenge becomes how to map the general PCI requirements to a specific platform, such as IBM i. And, more importantly, how can you maintain—and prove—compliance?
On-Demand Webinar
Audit and Control of Powerful Users on IBM i
By Robin Tatam
Discover the ways to control and audit the activity of powerful users, with a view to enhancing the integrity of your IBM i. With the proper controls in place, you can restrict even the most powerful users as required.
Guide
Download “Identity & Access Management for IBM i”
Insiders are responsible for 34 percent of data breaches—and insiders are also the most difficult threat to control control on IBM i. You can't lock them out completely because your IBM i users need at least some level of access to do their jobs.
So, how do you ensure users have only the access they need without overburdening IT with manual processes that...
Blog
What Is a Profile Swap and How Can It Help Secure IBM i?
By Robin Tatam on Thu, 02/09/2017
In this short video, IBM i security expert Robin Tatam explains what a profile swap is and how it helps secure your system.
On-Demand Webinar
44 Percent of Your IBM i Users Can Do WHAT?!
By Robin Tatam
Your IBM i power users are one of your greatest assets. But on most systems, they're also one of your greatest security vulnerabilities. Find out how to regain control.
Blog
IT Security Compliance 101
By Robin Tatam on Sun, 08/21/2016
In this compliance 101 primer, we'll look at three high-profile breaches from the past year, each of which shows what can go wrong when data oversight isn't up to snuff. Along the way, we'll discuss some basic fixes that can help shore up network defenses.
Guide
13 Tips to Write Secure Applications and Boost IBM i Security
Barely a day passes without new headlines reporting another cyber attack, policy violation, or data breach. Secretly, we breathe a sigh of relief that it happened to someone else, but most of us know that we’ll all eventually feel the impact in some capacity.
Guide
Effective Log Management
IBM’s customers are turning to Power VM virtualization to consolidate multiple workloads onto fewer systems increasing server utilization and reducing cost. However a virtualized server landscape on several different IBM platforms (IBM Power Systems™, IBM System x®, and IBM BladeCenter®) may reduce hardware complexity but this puts a strain on supporting the entire lifecycle of analysis,...
Guide
Two Factor Authentication for IBM i
Organizations facing a more advanced threat landscape and a complex regulatory environment require a solution which addresses the need for securely controlling access to existing systems and applications. In addition, this solution should not increase the workload on support, application providers or the end user.
Guide
Download “How IT Professionals Can Navigate PCI DSS Compliance” Guide
The Payment Card Industry Data Security Standard (PCI DSS) applies to every organization that processes credit or debit card information. This includes merchants and third-party service providers that store, process, or transmit credit card data.The launch of PCI DSS helped expose serious security shortcomings, failures to follow security best practices, and a...
Case Study
AAA Life Leverages Fortra Solutions for IT Efficiency
Part of the American Automobile Association (AAA) family, AAA Life Insurance Company offers a variety of competitive life insurance, annuity, and travel accident products. With over one million policies, many people rely on AAA Life to help provide protection for their loved ones.
As Senior Systems Engineer at AAA Life, Randy Wittner is in charge of their IBM i environment, overseeing two S824...