Blog
Using Field Procedures for IBM i Encryption
By Robin Tatam on Fri, 09/15/2017
Robin Tatam has fielded quite a few questions about how to encrypt IBM i data. In this quick video, he outlines your options and explains field procedures (FieldProcs).
Guide
Download "IBM i Encryption: How to Protect Your Database"
Learn your options for encrypting IBM i data.
Sensitive information needs to be kept secret. That’s an indisputable fact for modern organizations, where sensitive information can include customers’ personally identifiable information, customer lists, and intellectual property.
Encryption is widely recognized as the most effective way to ensure private...
On-Demand Webinar
Deploying Multi-Factor Authentication in Your Enterprise
By Robin Tatam
Multi-factor authentication (MFA) exists because of the steady increase in data breach events. A data breach can subject your organization to steep fines, litigation, and even criminal prosecution. And it opens innocent third parties to identify theft, which you may also be legally required to mitigate—at your own expense.
MFA protects you from the most common cause of a data breach: compromised...
cta_page
Find Sensitive IBM i Data in Need of Encryption
PCI, HIPAA, GLBA, Sarbanes Oxley, and state privacy laws put pressure on organizations to properly protect sensitive data, such as credit card numbers, Social Security numbers, and bank account numbers.
To provide the best protection for sensitive data stored on your system, you should seriously consider encryption. But first you need to find where this data is stored.
Find Database Fields ...
Blog
How to Apply IDS/IPS to IBM i
By Robin Tatam on Fri, 05/12/2017
IPS/IDS are common cybersecurity terms, but how does that pertain to the IBM i environment?
Guide
Download "Secure Inside and Out: Maximizing Intrusion Detection and Prevention on IBM i"
Data leaks and operational disruptions can come from any source—internal or external.
To protect sensitive data from modern cyberthreats, all organizations need a robust intrusion detection and prevention system (IDS/IPS).
The IBM i operating system includes advanced capabilities for detecting and preventing external threats, but there are still gaps that must be filled.
Download this guide...
On-Demand Webinar
Getting Started with Document Management: The Secret to Long-Term Savings
There's more to document management than just the paper documents. Watch the webinar to learn about getting started with data capture and document creation.
Article
How To Maintain Your Data Integrity
By Robin Tatam on Tue, 03/21/2017
File Integrity Monitoring (FIM) helps ensure that your critical and sensitive data is viewed and changed only by authorized personnel through approved channels. Candidates for FIM include application files containing sensitive data, such as personnel or financial data, and server configuration files.
Blog
Compare Powertech Encryption for IBM i to IBM's Cryptographic APIs for Encrypting Database Fields
By Bob Luebbe on Fri, 03/17/2017
If your organization is thinking about using (or is using) IBM's Cryptographic APIs (e.g. QC3ENCDT, Qc3EncryptData) for encrypting database fields, then this article is for you.
Article
Advantages of Powertech Encryption for IBM i Over the Complexities and Risks of Disk Encryption
By Bob Luebbe on Fri, 03/17/2017
Disk drive encryption may help you comply with PCI DSS, but you must follow strict requirements. Additionally, relying solely on disk drive encryption for data protection has serious potential risks that you should be aware of.
Blog
The DDoS Deception You Need to Know About
By Robin Tatam on Wed, 03/08/2017
A denial-of-service attack is any attempt to interrupt or inflict downtime upon IT systems, but a basic DoS threat is smaller in scale than its DDoS counterpart. With the former, the influx of traffic may come from a single source, while in a DDoS attack, traffic comes from numerous sources – making it more difficult to deal with.
Blog
How “Smash and Grab” Compromises IBM i
By Robin Tatam on Wed, 03/08/2017
During an audit a few years ago, I revealed to the client’s security team that corporate payroll information on every employee, including the CEO, was being archived in an output queue (called PAYROLL) for weeks at a time. Due to poor configuration, this information was accessible to every employee.
Blog
What is the Value of SIEM?
By Robin Tatam on Wed, 03/08/2017
As is often the case in the technology industry, the details surrounding security information and event management can be a little unclear. While vendors may offer solutions of varying complexity, there is still a basic idea behind most SIEM products…
Case Study
Hershey Entertainment Quickly Encrypts Credit Card Data with Powertech Encryption for IBM i
Hershey Entertainment & Resorts is a privately held company located in the tourist center of Hershey, Pennsylvania, and has entertainment, resort and commercial divisions. Earlier this year, Hershey learned that because the entertainment and resort operations accept credit cards for payment, they needed the information stored by their box office ticketing and reservations applications to be...
Case Study
Field-level Encryption Helps Retail Chain Achieve PCI Compliance
Love’s Travel Stops and Country Stores, a retail travel stop chain with over 210 locations in 34 U.S. states, processes approximately 200,000 credit card transactions on a daily basis. Needing to meet PCI standards, Love’s found in Powertech Encryption for IBM i a product to encrypt credit card numbers in a way that would satisfy PCI compliance auditors.
“We need to be able to access credit card...
Tokenization
Tokenization should be considered when sensitive data is stored on multiple systems throughout an organization. Tokenization is the process of replacing sensitive data with unique identification numbers (e.g. tokens) and storing the original data on a central server, typically in encrypted form.
By centralizing sensitive data onto a single system, tokenization can help thwart hackers and minimi...
Strong Encryption
Database field encryption has traditionally been very difficult and time-consuming to implement on IBM i. In the past, major application changes would have to be made to expand database field sizes and implement complicated API calls to encrypt/decrypt data. In contrast, the design of Powertech Encryption for IBM i allows organizations to encrypt fields quickly and effectively using its intuitive ...
Encryption Key Management Software
Powertech Encryption for IBM i includes an advanced Key Management system which resides natively on IBM i. This Key Management system is seamlessly integrated with Powertech Encryption’s policy controls, encryption functions and auditing facilities to provide a comprehensive data protection solution.
Together with the integrated security on IBM i, organizations can strictly control access ...
On-Demand Webinar
An Introduction to PCI Compliance on IBM Power Systems
By Robin Tatam
Complying with the PCI standard is a normal part of doing business in today’s credit-centric world. But, PCI applies to multiple platforms. The challenge becomes how to map the general PCI requirements to a specific platform, such as IBM i. And, more importantly, how can you maintain—and prove—compliance?