MC Press Online

Friday, Feb 24th

Last updateWed, 22 Feb 2017 3pm

You are here: Home ARTICLES Security Compliance/Privacy

Security / Compliance/Privacy

Compliance Is Dead, Long Live Compliance!

Carol Woodbury

Carol discusses how compliance requirements are not going away and, in fact, are increasing for some organizations.

Written by Carol Woodbury

Why am I talking about compliance? Compliance—in my opinion—is a tired term that was horribly over-used a few years ago. Every issue that security officers wanted to be resolved was somehow categorized as a “compliance requirement,” and every ad from all vendors—security-related or not—proclaimed the virtues of how their product solved your compliance woes.

Read more ...

TechTip: IBM i Audit Readiness—User Profile Cleanup

Having proper policies and procedures in place is the key to maintaining user profiles.

Written by Barbara Sims

An audit of your IBM i security can be stressful—people coming in and looking at your policies and procedures for how you maintain the security on your system. This doesn’t need to be a time of anxiety. I actually love being audited. Or as I call it “Audit Season.” Not only am I able to show off how well my system is being secured, but I try to impart a little knowledge to the auditor on how IBM i security works its magic. Since I’m probably in the minority for liking audits, let’s discuss one thing that can be done to make your audit a little easier.

Read more ...

Partner TechTip: More Compliance, Better Security, Less Work!

Empower IBM i to conduct its own compliance verification and enforcement.

robin tatamWritten by Robin Tatam

IT professionals often complain about the burden of managing security and maintaining compliance. As an added challenge, IBM i staff typically lack formal (or even informal) training in these disciplines. Risk is elevated when organizations ignore the reality that most Power servers operate without adequate security controls.

Read more ...

Data Masking and Assuring Security During Software Testing

Your production data could be more exposed than you think during software testing.

Written by Green Light Technology

Editor's note: This article introduces the white paper "A Road Map to Successful Data Masking," which is available free from the MC White Paper Center.


Data masking during software testing (or otherwise) is not the simple process that the uninitiated might suppose. Gone are the days when replacing personally identifiable information with random characters makes the grade. Obfuscating data for use in development, testing, and QA environments means you need to be able to quickly provide teams with secure sets of consistent, meaningful data that can be used again and again. But this can be difficult to achieve, particularly in geographically dispersed organizations, and especially if you don't adopt a systematic, centralized approach to de-identifying sensitive data.

Read more ...

PCI and the IBM i: If You're Not Paying Attention, You Should Be

Does your company accept credit-card payments? If so, you're responsible for Payment Card Industry (PCI) mandates.

ira chandlerWritten by Ira Chandler

Just because you run the world's most secure and reliable computing platform (the IBM i, System i, iSeries, AS/400), you're not exempt from the requirements of the international security council that dictates merchant security. Although the many best practices we employ on the IBM midrange platform generally keep the system out of the news, you still must be compliant with the industry standards.


We will refrain from listing the recent data breaches, knowing that you're aware of the risk you take when you store cardholder data. So, in this short article, we will address the following questions:

Read more ...

Start Thinking About Security in New Ways

Are you heads down, focused on the tasks in front of you? If so, you may be missing something. In this article, Carol discusses the need to stop, take time, and see if you need to think about things differently.

carol woodburyWritten by Carol Woodbury

At this time of year, I try to get away for a few days to relax and stop thinking about work. I've found that when I'm constantly heads down on work, I don't pick up on things around me that have changed. I tend to always do things the same way, but when I get away I may realize there's an easier or better way to do something. If I don't take a break, I'm unlikely to realize what I'm missing—as in new topics that I should be paying attention to or researching or new business opportunities that are right in front of my face but I couldn't "see" because I was too busy with other things. In this article, I'll encourage you to step back from your normal routine and see what you might be missing.

Read more ...

Are You Meeting the PCI DSS Security Standards?

Don’t take the requirements lightly; the cost of non-compliance could be very steep.

ira chandlerWritten by Ira Chandler

Acceptance of debit and credit cards is a growing requirement for businesses of all sizes. Since 2005, the Payment Card Industry Security Standards Council (PCI) has imposed strict mandates, the Data Security Standards (DSS), to ensure the security of the computer systems that process, transmit, and/or store sensitive credit card data.

Read more ...

IBM i Security Administrators' Guide

Security is no longer something you can put off until tomorrow.

Written by SkyView Partners

Editor's note: This article introduces the "IBM i Security Administrators' Guide" available free from the MC White Paper Center.


Carol Woodbury, president and co-founder of SkyView Partners, Inc., takes her years of experience and knowledge as the IBM i security expert and explains the processes that should be established and checks that should be made by every IBM i security administrator.

Read more ...