MC Press Online

Tuesday, Jan 17th

Last updateMon, 16 Jan 2017 11am

You are here: Home ARTICLES Security Security - Other

Security - Other

TechTip: Let's Encrypt, Together

Automation and security are top priorities. IBM i is a first class citizen if we let it be. If we take the effort to get more open source on the platform. This article does that.

aaron bartellWritten by Aaron Bartell

If you haven't noticed, security is regularly in the news and generally has been a hot topic the past couple years. Most recently, there was the Kemuri Water Company breach, which unfortunately was against their "AS/400." The quote still ringing in my ears from that article is the following:

Read more ...

When Management Turns Its Back on Security: The Business Effects

Something is preventing management from understanding the need to secure its electronic data.

Written by SkyView Partners, a HelpSystems company

Editor's note: This article introduces the white paper "When Management Turns Its Back on Security: The Business Effects" available free at the MC White Paper Center.

 

One of the great mysteries as we walk into an IBM i shop is the lock on the computer room door. Often, when we first start consulting engagements, we are given a tour of the facility, and inevitably it includes a tour of the "raised floor" computer room, outfitted with expensive air-handling equipment and protected by a door that requires specific authorization to enter. The mystery is that, while all this expensive hardware needs physical protection, the company's most valuable assets are wide open to people who don't need access to them.

Read more ...

Protect Your Administrator Accounts from Abuse

Carol discusses why it's important to protect administrative profiles and provides options for protecting them.

carol woodburyWritten by Carol Woodbury

If you've paid attention to the news of stolen data, you've heard that many of the attacks come after malware is installed somewhere in the network. Once installed, the malware often sniffs the network to get credentials (user IDs and passwords). The malware keeps trying these credentials until it captures an admin's, and then the hackers gain access to servers with admin rights to gain access to other parts of the network and your data.

Read more ...

Partner TechTip: IBM i's Greatest Strength Is Also Its Worst Security Weakness

What happens when reputation collides with reality?

robin tatamWritten by Robin Tatam

According to IBM's website, "the IBM i operating system is considered one of the most secure systems in the industry." It's true that IBM i has a near-legendary reputation as a secure system based on its world-class integrity features and security controls. But, as the author of PowerTech's annual "State of IBM i Security Study" for the past seven years, I feel the description as "secure" is often dangerously misunderstood.

Read more ...

Partner TechTip: Keep Friends Close and Powerful Users Closer

Your IBM i users are human—and prone to putting sensitive information at risk.

robin tatamWritten by Robin Tatam

Information will always be at risk, thanks to human failings like greed and incompetence. As guardians of our enterprise data, it's our responsibility to deploy controls and enforce policies designed to reduce the risk of a data breach, no matter what might cause it.

 

Note that I didn't say eliminate risk—that's an important distinction. If history has taught us anything, it's the old cliché "where there is a will there is a way." We have to accept that there is no such thing as zero risk.

Read more ...

Partner TechTip: "Oh! Data Breach" Is Quickly Becoming the New U.S. National "Anthem"

The current breach epidemic could impact IBM i, but it doesn't have to.

robin tatamWritten by Robin Tatam

Unless you're filing your taxes with an address listed as "under a rock," you're probably painfully aware of a few high-profile data breaches that have occurred in recent years. While Target, Home Depot, and Anthem might not openly share whether any of their compromised systems included IBM Power Servers, we all need to learn numerous lessons, regardless of the technology platform our critical data resides upon.

Read more ...

TechTip: A Primer on Payment Security

If you handle credit card payment data in your company, you're probably familiar with the Payment Card Industry Council. But they're no longer the only game in town. Maybe it's time to look at the broad issues.

david shireyWritten by David Shirey

If you handle credit card payments in your company, you know that PCI compliance has been the gold standard for the last decade. And if you've been paying any attention lately, you know that Apple Pay was announced in October 2014 and is getting a lot of press as being the future of electronic payments.

Read more ...

Data Security in a Nebulous World

What's safer? The cloud or your own IBM i?

paul keyesWritten by Paul Keyes

Nobody understands the cloud. That's a common joke amongst IT professionals. It's often spoken tongue in cheek about laymen consumers uploading selfies by the millions as they constantly sync their devices without a clue in the world about what's actually happening to their data. While the concept of cloud-based data may confuse most consumers, two groups of people actually do thoroughly understand how the cloud works: the IT professionals who build and maintain the droves of servers on which all of our data is stored, and the hackers who spend their every waking moment trying to break into them.

Read more ...