Blog
Build or Buy: Multi-Factor Authentication Software for IBM i
By Robin Tatam on Mon, 04/24/2017
PCI’s MFA requirements now apply to IBM i. You have two choices: purchase MFA software that’s designed for IBM i or write your own program to link your existing MFA solution to IBM i. What's the best option for your organization?
Powertech Multi-Factor Authentication
Simple access authentication for servers inside and outside your firewall
Article
Generate and Distribute Audit Reports Automatically
By Robin Tatam on Mon, 04/03/2017
Despite the server’s incredible security infrastructure, auditing remains primarily a thankless, manual chore. And, let’s face it, any task that’s thankless and manual probably won’t get done.
Blog
How Exit Programs Make the Greatest Impact on IBM i Security
By Robin Tatam on Tue, 03/28/2017
What do exit points have to do with cybersecurity? How do exit programs work? Robin Tatam provides a clear explanation in this video.
Article
Advantages of Powertech Encryption for IBM i Over the Complexities and Risks of Disk Encryption
By Bob Luebbe on Fri, 03/17/2017
Disk drive encryption may help you comply with PCI DSS, but you must follow strict requirements. Additionally, relying solely on disk drive encryption for data protection has serious potential risks that you should be aware of.
Blog
PCI Compliance is Only the Beginning of Security
By Robin Tatam on Wed, 03/08/2017
The recent string of breaches at prominent retailers such as Target and Neiman Marcus demonstrated that too many organizations still falsely equate PCI compliance with comprehensive security. Fully compliant organizations are being hit with attacks that compromise payment card data on a regular basis.
Blog
PCI Compliance Takeaways from the Target Data Breach
By Robin Tatam on Wed, 03/08/2017
Smack in the middle of the holiday shopping season, Target was hit with a malware attack that infiltrated its point-of-sale systems and enabled the theft of credit card numbers and personally identifiable information from more than 70 million shoppers.
Blog
What to Know about the New NIST Cybersecurity Framework
By Robin Tatam on Wed, 03/08/2017
Compiled with significant input from the private sector, the Cybersecurity Framework isn’t a prescriptive compliance document and instead gives companies significant leeway in how they use it to inform their security strategies. As a relatively new source of guidance, its implications for regulated industries aren’t clear yet.
Blog
3 Key Skills of a Successful Security Administrator
By Robin Tatam on Tue, 03/07/2017
The constantly changing cybercrime landscape paired with the speed of new technologies can make it difficult to know which skills a security administrator should focus on.
Case Study
Field-level Encryption Helps Retail Chain Achieve PCI Compliance
Love’s Travel Stops and Country Stores, a retail travel stop chain with over 210 locations in 34 U.S. states, processes approximately 200,000 credit card transactions on a daily basis. Needing to meet PCI standards, Love’s found in Powertech Encryption for IBM i a product to encrypt credit card numbers in a way that would satisfy PCI compliance auditors.
“We need to be able to access credit card...
On-Demand Webinar
An Introduction to PCI Compliance on IBM Power Systems
By Robin Tatam
Complying with the PCI standard is a normal part of doing business in today’s credit-centric world. But, PCI applies to multiple platforms. The challenge becomes how to map the general PCI requirements to a specific platform, such as IBM i. And, more importantly, how can you maintain—and prove—compliance?
On-Demand Webinar
Lessons Learned from the AS/400 Breach
By Robin Tatam
Watch IBM i security expert Robin Tatam give an analysis of an AS/400 data breach in which threat actors successfully exploited a misconfigured system.
On-Demand Webinar
IBM i Audit Capabilities
By Robin Tatam
Many shy away from security auditing on the IBM i, but taking a common sense approach makes it possible to eliminate the drawbacks and get the vital information we need to properly manage the system.
Article
iSeries Penetration Testing
Sun, 12/11/2016
Simple penetration tests help determine if a policy breach will be prevented and ensure that interested parties receive alert notifications. Failed tests might be indicative of a problem with product activation, or an incorrect or outdated Exit Point Manager IBM i rule set.
On-Demand Webinar
What’s New in IBM i Security in V7R3 and V7R2
Thu, 12/08/2016
IBM has provided us with two powerful and very exciting security enhancements in the last two versions of IBM i. Get the details on the new security features.
Guide
Download "How IT Professionals Can Navigate SOX Compliance"
Compliance with Sarbanes-Oxley (SOX) is impossible without IT professionals, but translating this law into IT action items is a challenge.
With penalties up to $10 million fines and even prison time, following SOX—and proving you're compliant—is vital.
This compliance guide breaks down the most important aspects of SOX that affect IT professionals and focuses on what you need to know to get...
Guide
Download "How IT Professionals Can Navigate HIPAA Compliance" Guide
The Health Insurance Portability and Accountability Act (HIPAA) is one of today’s most common compliance mandates, but translating this law into IT action items is a challenge.
As fines increase and more audits are scheduled, figuring out how which data HIPAA protects and how to bring your system into compliance is more important than ever.
This compliance guide breaks down some of the thorniest...
Blog
Three Reasons You Need an Updated Security Policy
Sun, 08/21/2016
If you still think creating and maintaining a security policy isn’t necessary, you could be setting up your organization for an unpleasant surprise. Check out the top three reasons businesses need an up-to-date security policy.
Blog
IT Security Compliance 101
By Robin Tatam on Sun, 08/21/2016
In this compliance 101 primer, we'll look at three high-profile breaches from the past year, each of which shows what can go wrong when data oversight isn't up to snuff. Along the way, we'll discuss some basic fixes that can help shore up network defenses.