August 9, 2010 Vol 5 Issue 15

Sponsor - SEQUEL Software

MYTH: Accessing Data Is Complex and Expensive REALITY: Dispel the myths of IBM i data access and bring data to your desktop quickly with SEQUEL. From simple ad hoc queries to executive dashboards, SEQUEL delivers IBM i data in the format that works best for you. SEQUEL is the fastest, easiest way to access your IBM i data. Click here for a FREE Information Kit. Read More >>

Feature Article - System Administration

Going Back in Time: A New Approach to AIX HA and DR A comprehensive HA/DR environment includes the ability to "go back in time" using snapshots and continuous data protection. Written by Rich Krause The term "high availability" can be confusing in the IBM Power Systems realm because the definition of the term is different in the IBM i and AIX worlds. In IBM i shops, HA is achieved by setting up a backup system and using an HA product to replicate applications, along with business and system data, from the production server to the backup in real-time or near real-time. The result is a hot-standby backup server that is fully ready to take over operations at any time. Read More >>

Feature Article - Security

Security Considerations for the Cloud Are these concerns justified, or is it simply the fear of the unknown? Written by Carol Woodbury Editor's note: This is an excerpt from the white paper "Cloud Computing," which is available as a free download at the MC White Paper Center. Security concerns abound when it comes to cloud computing. In an online poll recently conducted by Unisys Corporation, 51% of 312 attendees said that security and data privacy concerns remain the most significant impediment to the adoption of cloud computing. Another poll conducted by Unisys in a June 2009 webinar showed by 72% of the respondents cited security as their greatest concern for moving workload to the cloud. Are these concerns justified or is it simply the fear of the unknown? Let's take a look. Read More >>

In the News

Support MC Press - Visit Our Sponsors

Forums Sponsor

POPULAR FORUMS

News on IFSTOOL (2561 views)

AS/400 RPG Programmer Analyst - Tampa, FL (Contract) (2132 views)

I need to transfer a spool file(i.e. compile listing) to a PC file for editing (1869 views)

Latest news on HSSFCGI (1679 views)

Batch file in as400 (1469 views)

Trigger bombing on program library (1228 views)

Zip/Unzip now, don't wait for 7.1 (881 views)

PHFA - 2 new Software Developer positions available (IBM i RPG ILE/Microsoft Dotnet) (524 views)

The International Freedom of Expression Forum (498 views)

A6005004 - Can't find console (346 views)

Forums

Search Sponsor

Search

Read More >>

MC Industry blogs

Welcome to Carol Woodbury's blog

Worst Practices

Over the years I've published a lot on security best practices. In fact, our SkyView Risk Assessor product is based on all of those recommendations. But today I feel a bit contrarian so I've decided to post a few "worst practices." And like my "best practices" these are based on my years of experience in the security world.

Worst practice #1 - when asked how all users ended up with *ALLOBJ special authority, the answer was, "I didn't want to take calls in the middle of the night - so I just gave everyone *ALLOBJ."

Worst practice #2 - No auditing. No joblogs. History log cleared. The reason - lack of storage. Also meant that there was a significant lack of evidence when we were called in to investigate a breach that had occurred on their network!

These are just two of the many "worst practices" I've experienced. What are some of your "worst practices?"