PowerTech, a security solutions provider for IBM Power Systems servers running IBM i, has announced the release of the 2012 State of IBM i Security Study. PowerTech publishes the annual study to help users understand the common security exposures found on IBM i servers.

Each year, PowerTech performs hundreds of compliance assessment audits on IBM i servers of varying sizes and across multiple industries, including financial, retail, and manufacturing. This ninth annual study summarizes data from security audits performed January to December 2011.

The 2012 study shows many of the same vulnerabilities seen in previous years, including:

• 74.6 percent of IBM i servers have 20 or more active *ALLOBJ profiles
• 81 percent of systems unknowingly make *CHANGE the default create authority for library objects
• 66 percent of systems don’t monitor network access to their critical data
• 11 percent of user profiles have a password that matches the user’s name; 54 percent of these are enabled

Robin Tatam, PowerTech director of Security Technologies, says, “Each year we publish this study I expect to see the trends improve. In 2012, we continue to see systems that are vulnerable due to too many powerful users, too few controls for *PUBLIC access to libraries, little or no visibility to network traffic, and not enough auditing.”

The 2012 State of IBM i Security study is available as a free download from http://www.powertech.com. PowerTech also is offering a webinar on the State of IBM i Security on Wednesday, May 30.