Compliance mandates, like CCPA (California Consumer Privacy Act), GDPR, HIPAA, and PCI DSS, set minimum requirements for cybersecurity. If your IBM i (System i®, iSeries®, AS/400®) is not properly configured, sensitive data is vulnerable—and that vulnerability is an indicator of out-of-compliance security settings.
Our free compliance assessment uses the Powertech Security Scan to identify and prioritize these vulnerabilities, so they can be corrected before an audit.
The process is simple: Security Scan runs directly from a network-attached PC without modifying any system settings. One of our Security Advisors will help you interpret the results, and you can print the finding for your records. You can even run Security Scan again within 7 days to analyze the impact of configuration changes.
Why Should I Assess My Compliance?
Security Scan examines common security metrics and highlights vulnerabilities that signal compliance issues. You’ll also learn what steps you can take to improve your security and compliance posture. Security Scan is:
- Safe—The non-intrusive program runs in minutes and leaves no files on your system
- Confidential—Only you see the results
- Thorough—A Security Advisor helps you understand the current state of your IBM i security
- Clear—You’ll understand where your system is secure and what areas pose compliance problems
You’ll find out where your IBM i security currently stands, whether your system is at risk, and how to improve compliance with common government regulations and industry requirements.
Security Scan Assesses Critical Areas of IBM i Security & Compliance
Executive Summary
The Executive Summary ranks the overall condition of your system. Red, yellow, and green indicators compare your system against best practices, along with references to the COBIT framework to which they apply.
Administrative Rights
The Administrative Rights section reviews eight special authorities and the vulnerabilities of each.
Public Authority
The public is any user with a profile and password, so this section indicates how accessible the system is to the average end user.
User Access to Data
The User Access section reviews user access to system data through common network access services, such as FTP, ODBC, and Remote Command.
FTP Access
The FTP Access section identifies security vulnerabilities caused by using FTP (file transfer protocol) to transfer files between a client and server on a network.
System Security
The System Security section examines key system values that control security settings on your system.
User Security
The User Security section reviews how many user profiles haven't been used for at least 30 days and how many have default passwords, as well as reviewing basic password settings.
System Auditing
The System Auditing section checks if you are using the IBM i event auditing capabilities and the types of events being audited.
Recommendations
The Recommendations section provides suggestions for remediation based on the security checks performed on your system.
What Do I Get After Running a Security Scan?
Results of your Scan are compiled immediately and presented for review in an easy-to-understand, browser-based, interactive reporting application. A Powertech Security Adviser can help you interpret the results, and you can save or print the findings for your records.
Security Scan does not leave files on your IBM i. The Security Scan application installs a licensed program to collect security data, but the files are removed upon completion of the analysis or you can remove the program manually using the DLTLICPGM command. You also have seven days after your Security Scan to make configuration changes and rerun the Scan to test your changes.