MC Press Online

Saturday, Apr 29th

Last updateFri, 28 Apr 2017 10am

You are here: Home ARTICLES Security Compliance/Privacy

Security / Compliance/Privacy

The Need for an IT Security Strategy

Steve Pitcher

Security isn’t the end game. It needs to be the journey.

Written by Steve Pitcher

It’s easy to get caught in the flow of the next big thing. Mobility, security, analytics, big data, Internet of Things, cloud, and Everything as a Service seem to dominate the technology landscape in terms of where we as IT professionals should be spending our time.

Read more ...

Why IBM i Organizations Should Pay Attention to What Happens in New York

Carol Woodbury

Carol discusses how the cybersecurity law in New York will affect organizations running IBM i and how it provides guidance for organizations—even those outside of New York.

Written by Carol Woodbury

The State of New York passed a cybersecurity law that went into effect March 1, 2017. It’s one law in one state. So why should organizations outside of the control of the New York State Department of Finance be concerned about this law? Because it’s yet another indication that governments are getting serious about security.

Read more ...

Compliance Is Dead, Long Live Compliance!

Carol Woodbury

Carol discusses how compliance requirements are not going away and, in fact, are increasing for some organizations.

Written by Carol Woodbury

Why am I talking about compliance? Compliance—in my opinion—is a tired term that was horribly over-used a few years ago. Every issue that security officers wanted to be resolved was somehow categorized as a “compliance requirement,” and every ad from all vendors—security-related or not—proclaimed the virtues of how their product solved your compliance woes.

Read more ...

TechTip: IBM i Audit Readiness—User Profile Cleanup

Having proper policies and procedures in place is the key to maintaining user profiles.

Written by Barbara Sims

An audit of your IBM i security can be stressful—people coming in and looking at your policies and procedures for how you maintain the security on your system. This doesn’t need to be a time of anxiety. I actually love being audited. Or as I call it “Audit Season.” Not only am I able to show off how well my system is being secured, but I try to impart a little knowledge to the auditor on how IBM i security works its magic. Since I’m probably in the minority for liking audits, let’s discuss one thing that can be done to make your audit a little easier.

Read more ...

Partner TechTip: More Compliance, Better Security, Less Work!

Empower IBM i to conduct its own compliance verification and enforcement.

robin tatamWritten by Robin Tatam

IT professionals often complain about the burden of managing security and maintaining compliance. As an added challenge, IBM i staff typically lack formal (or even informal) training in these disciplines. Risk is elevated when organizations ignore the reality that most Power servers operate without adequate security controls.

Read more ...

Data Masking and Assuring Security During Software Testing

Your production data could be more exposed than you think during software testing.

Written by Green Light Technology

Editor's note: This article introduces the white paper "A Road Map to Successful Data Masking," which is available free from the MC White Paper Center.

 

Data masking during software testing (or otherwise) is not the simple process that the uninitiated might suppose. Gone are the days when replacing personally identifiable information with random characters makes the grade. Obfuscating data for use in development, testing, and QA environments means you need to be able to quickly provide teams with secure sets of consistent, meaningful data that can be used again and again. But this can be difficult to achieve, particularly in geographically dispersed organizations, and especially if you don't adopt a systematic, centralized approach to de-identifying sensitive data.

Read more ...

PCI and the IBM i: If You're Not Paying Attention, You Should Be

Does your company accept credit-card payments? If so, you're responsible for Payment Card Industry (PCI) mandates.

ira chandlerWritten by Ira Chandler

Just because you run the world's most secure and reliable computing platform (the IBM i, System i, iSeries, AS/400), you're not exempt from the requirements of the international security council that dictates merchant security. Although the many best practices we employ on the IBM midrange platform generally keep the system out of the news, you still must be compliant with the industry standards.


 

We will refrain from listing the recent data breaches, knowing that you're aware of the risk you take when you store cardholder data. So, in this short article, we will address the following questions:

Read more ...

Start Thinking About Security in New Ways

Are you heads down, focused on the tasks in front of you? If so, you may be missing something. In this article, Carol discusses the need to stop, take time, and see if you need to think about things differently.

carol woodburyWritten by Carol Woodbury

At this time of year, I try to get away for a few days to relax and stop thinking about work. I've found that when I'm constantly heads down on work, I don't pick up on things around me that have changed. I tend to always do things the same way, but when I get away I may realize there's an easier or better way to do something. If I don't take a break, I'm unlikely to realize what I'm missing—as in new topics that I should be paying attention to or researching or new business opportunities that are right in front of my face but I couldn't "see" because I was too busy with other things. In this article, I'll encourage you to step back from your normal routine and see what you might be missing.

Read more ...