MC Systems Insight
MC Power Technology Manager
MC RPG Developer
MC Power Developer
MC TNT Tips 'n Techniques
MC AIX Expert
MC Linux Expert
MC Mobile on Power
This Week @ the MC Press Bookstore

July 18, 2014 | Volume 11 Issue 28


TOP STORY: Security Patrol: V7R2 Security Enhancements, Part 2: Implementing Row and Column Access Controls
FEATURED ARTICLE: TechTip: Biting the Bullet: Options for DB2 for i Automated Testing
NEWS HIGHLIGHT: IBM i ISVs Can Now Integrate Mobile-Based Two Factor Authentication to Increase Security of Solution
ON-DEMAND WEBCAST: The State of IBM i Security 2014
MC VIDEO PORTAL:  Best Practices for IBM i Security Administration 
MC INDUSTRY BLOGS:  Possible Hackability of Boeing 777 Illustrates Vulnerability of Integrated Systems
EVENT: Operations on IBM i: Where Do I Start?

Sponsor - The MC Press Bookstore

The Essential Guide to Security. In this practical and highly readable guide--an update to her acclaimed IBM i & i5/OS Security & Compliance: A Practical Guide--security expert Carol Woodbury explains IBM i security and the way it functions within IBM i systems. Whether you’re new to IBM i or a seasoned veteran, this book contains the critical information and explanations you need to successfully maintain a secure system. Get your copy today. >>


Feature Article - Security
Security Patrol: V7R2 Security Enhancements, Part 2: Implementing Row and Column Access Controls

Carol provides the second part of a two-part article on the security enhancements introduced in V7R2.

carol woodburyWritten by Carol Woodbury

Last month, I covered the auditing, password composition rule, and other miscellaneous enhancements provided in V7R2. This month, the focus is on the security enhancements associated with DB2, specifically Row and Column Access Control (RCAC).  


Sponsor - The MC Press Bookstore

PHP…Just for IBM i. This is the first book to comprehensively address PHP and how it can—and should—be deployed on the IBM i. Learn how to transfer skills from a green screen environment to the Web, become intimately familiar
with PHP’s commonly used features, and help start down the road of highly interactive Web-based application development. Click now to receive a FREE chapter of this best-selling resource! >>


Feature Article - TechTip
TechTip: Biting the Bullet: Options for DB2 for i Automated Testing

This tip brainstorms a few approaches for automatically testing various aspects of DB2 for i code.

Written by Michael Sansoterra

In the first tip, I showed various ways to test DB2 functions, procedure results, and triggers for logic accuracy and security. However, the tip never covered how these tests, once written, are to be processed. In particular, questions such as these need further discussion:


Sponsor - The MC Press Bookstore

Don't miss out! This is the hands-on guide to IBM's strategic language for IBM i. Database Design and SQL for DB2 delivers everything you need to know about database design and SQL. Author Jim Cooper gives you all the tips and techniques you need in one convenient place, whether you’re a beginner or an advanced developer. Includes real-life examples to help you hone your skills. The bonus companion website explains embedded SQL and explores client-side technologies.


MC Video Portal

MC Video Portal

Best Practices for IBM i Security Administration

In this Webinar, based on her just-released e-book on Security Administration, Carol Woodbury, the authority in IBM i Security, discusses the tasks every IBM i Security Administrator should perform.  From system values to managing user profiles, administering authorities and handling IFS security issues, Carol provides guidance for automating tasks as well as tips for simplifying them.


MC Webcast Center


The State of IBM i Security 2014


Don’t miss the first reveal of more than a decade’s worth of research on the security configurations of IBM-i based servers and the successes and failures of organizations that run critical applications on them.

Over the past 11 years, PowerTech has audited thousands of IBM i servers around the world, gaining extensive, real-world insight into the deployment state of IBM i security controls.
Along with the results, this webinar provides a review of six configuration categories:

  • Network-initiated commands and data access
  • Server-level security controls
  • Profile and password settings
  • Administrative capabilities
  • Public accessibility to corporate data
  • System event auditing

Learn what steps your own organization must take to address these continually overlooked and dangerous security exposures–including some that are often missed by professional auditors!

Watch the on-demand Webinar now!


Be sure to check out these other useful offerings in the MC Webcast Center. 


5 Steps for Implementing Role-based Access on the IBM i. Presented by Carol Woodbury

5 Tips for Administering Security in the IFS

Affordable, Achievable Query, Reporting and Analytics

Addressing and Automating Audit Requirements for the IBM i

Auditing the IBM i

Automating IBM AIX PCI Compliance Reporting

Automating PCI Compliance Reporting on IBM i

Beyond FTP, Securing and Automating File Transfers

Coffee with Carol - Configuring IBM i (iSeries) Access servers to use SSL

Coffee with Carol: Step by Step Approach to Implementing Object Level Security

Coffee with Carol: Where do I Start with IBM i Security?

Common Configuration Mistakes and How to Correct Them

Create Amazing, Modern Apps With Profound UI

Dynamic Performance Management for the IBM i: Anticipate System Needs before Issues Happen

Get Results with NGS-IQ Business Intelligence

Getting the Most out of Your Audit Journal

IFS Security

Introducing ASNA Wings

Is Your Query Tool Limiting You?

Managing the Security of Your Data to Meet Your Business Needs

Mobile Applications for IBM i

Preparing for and Automating Audit Requirements for AIX

Programming/RPG - Advanced, Integrated RPG with Tom Snyder

Security and Compliance: What are the Issues on IBM AIX and How do they Relate to the IBM i

Security Considerations for IBM i Navigator for the Web

Simplifying IBM i Security Administration Tasks

SkyView Security Compliance Solution featuring Audit Journal Reporter.

The 12 Sections of PCI DSS and How Each Relates to the IBM i Community by Carol Woodbury

The Hidden Jewels of IBM i Security

The State of IBM i Security 2014

The Top Five RPG Open Access Myths....BUSTED!

Top 10 New Features of IBM i Security by Carol Woodbury

Top 10 Security and Compliance Considerations for Cloud Computing

Understanding the Cost of Downtime

Unleash the Power of IBM i

What's New with V6R1 Security

Why Companies Fail PCI audits


*Some offers may be limited to U.S. and/or Canadian citizens only. Please see the site for details.

The MC Resource Centers bring you the widest selection of white papers, software, webcasts and more for you to choose from and at MC Press we’re all about choice. We’re even giving one lucky person the opportunity to choose their own prize in our “It’s All About Choice” contest for a $250 Best Buy gift card.  Visit the MC Webcast, MC White Paper, MC Software, MC Case Study, MC Security,  and MC Disaster Recovery Centers today and select as many of the FREE offerings you would like to receive. While there, enter the contest and you may just win a $250 Best Buy gift card!


Have a On-Demand Webcast you would like to list? click here or call (208) 629-7275 for information.




In the News

The Latest from IBM

Support MC Press - Visit Our Sponsors

Forums Sponsor



Search Sponsor



MC Industry Blogs

Read and Share the latest from the IBM i Security Blog

brought to you by PowerTech

Possible hackability of Boeing 777 illustrates vulnerability of integrated systems

Posted in News, Security on June 6th, 2014 by Robin – Be the first to comment


The March 2014 disappearance of Malaysian Airlines Flight 370 has renewed old concerns about the security of aircraft with embedded systems, such as the Boeing 777. While the exact causes of the plane’s demise have not been determined yet, security experts have taken the opportunity to point out that cyberattacks could exploit the features of advanced airliners and lead to similar incidents in the future.