TechTips / Security


TechTip: RACF Exits PDF Print E-mail
Tips & Techniques - Security
Written by Dinesh Dattani   
Friday, 10 October 2014 00:00

It's best to avoid RACF exits, but if you must have them, mitigate their risk.

dinesh dattaniWritten by Dinesh Dattani

Editor's note: This article is an excerpt from Chapter 16 of IBM Mainframe Security.

 

A RACF exit is an optional facility provided in RACF to perform special RACF processing, above and beyond what is offered in standard RACF. RACF exits can overrule decisions made by standard RACF processing. They provide a means for an installation to tailor RACF processing to suit its own unique needs.

Add a comment
Last Updated on Thursday, 09 October 2014 13:02
Read more...
 
Partner TechTip: Why PowerTech Network Security 6.50? PDF Print E-mail
Tips & Techniques - Security
Written by Robin Tatam   
Friday, 19 September 2014 00:00

Users neglected the security void created by TCP/IP services for years, but exit programs can provide the robust solution today's threat environment demands.
robin tatamWritten by Robin Tatam

PowerTech Network Security, an exit program solution, was designed to fill a security void that appeared with the release of OS/400 V3R1 in the early 1990s, when IBM incorporated TCP/IP network server functionality into the Power Systems server. An exit program is an application program that is invoked before or after a user's request is performed and provides a function that the original software does not. In the case of network access, an exit program assists the operating system and should perform two critical tasks:

  • Audit the user transaction (the OS has very limited visibility to network activity)
  • Provide Access Control functions to limit backdoor data access and server functionality
Add a comment
Last Updated on Friday, 19 September 2014 00:00
Read more...
 
Partner TechTip: Analyze System Security with Compliance Assessment 3.0 PDF Print E-mail
Tips & Techniques - Security
Written by Robin Tatam   
Friday, 08 August 2014 00:00

Even Power Systems can't provide the security you need right out of the box. Compliance Assessment 3.0 helps you identify shortcomings and safeguard your system.

robin tatamWritten by Robin Tatam

Security and compliance adherence has elevated in criticality over the past few years and has now taken its rightful place as a primary IT initiative, alongside virtualization and disaster preparedness. The necessity for better data protection has landed front-and-center in the public eye following some of the largest data breaches on record, including the highly publicized Target retail breach. This was the first of the national "big box" retailers to be hit with such a public and devastating attack. These stories make headlines, but thousands of lesser-publicized breaches occur every year. The threat landscape has rapidly evolved from socially and politically motivated disruptions to highly sophisticated attacks orchestrated by criminals seeking financial gain, and competitors and governments engaged in industrial and international espionage.

Add a comment
Last Updated on Thursday, 07 August 2014 10:28
Read more...
 
TechTip: Back to Basics with IBM i Special Authorities PDF Print E-mail
Tips & Techniques - Security
Written by Steve Pitcher   
Friday, 01 August 2014 00:00

Special authorities give users the access they need quickly and easily, but they're hard to take away once granted. You need to understand what you're assigning someone. Special authorities are more serious than you might have thought.

steve pitcherWritten by Steve Pitcher

With great power comes great responsibility.

 

My company is about to go on a major ERP overhaul. That's right. We've got forty plus years of a mostly home-grown solution with pieces and parts bolted on over time. Do we have people who have too much authority given their job role? Yes. Are certain objects less secure than they could be? Yes. Like any shop, we have a couple of critical applications that "might break" if the authority is changed. We also have a couple of users who "might" not be able to do their jobs if their authority is restricted. With a new solution on the horizon, it's a good time to look at what we have from a security point of view.

Add a comment
Last Updated on Monday, 04 August 2014 08:48
Read more...
 
User Rating: / 2
PoorBest 
Partner TechTip: Help! I Forgot My IBM i Password (Again!) PDF Print E-mail
Tips & Techniques - Security
Written by Robin Tatam   
Friday, 14 March 2014 00:00

Discover the euphoria of self-service password reset.

robin tatamWritten by Robin Tatam

Since the dawn of the technological age, stories have abounded of users writing passwords on Post-It notes and in logbooks. That's because good passwords are hard to devise and even harder to remember. When we concoct one, we hang on to it. What's worse, we use the same username and password everywhere. Many experts believe passwords represent one of the greatest security vulnerabilities; however, they remain a necessary evil. The reality is that passwords will be around for the foreseeable future. And for every password that exists, there's a user who will forget it.

Add a comment
Last Updated on Wednesday, 12 March 2014 10:35
Read more...
 
User Rating: / 5
PoorBest 
Partner TechTip: Seeking an IBM i Person of Interest PDF Print E-mail
Tips & Techniques - Security
Written by Robin Tatam   
Friday, 15 November 2013 00:00

Authority Broker 4's new Screen Capture feature represents a Quantum Leap in user auditing!

robin tatamWritten by Robin Tatam

A popular new TV crime drama called Person of Interest tells of an advanced computer that can predict crimes by monitoring the actions and conversations of New Yorkers for signs that they are planning something nefarious. Although the idea of "Big Brother" monitoring public places elicits heated debate regarding personal privacy, most of us acknowledge that monitoring user activities in the modern workplace has become a necessity.

Add a comment
Last Updated on Wednesday, 13 November 2013 09:24
Read more...
 
TechTip: Free Desktop Encryption Tool Keeps File Transfers Safe PDF Print E-mail
Tips & Techniques - Security
Written by Bob Luebbe   
Friday, 18 October 2013 00:00

Eliminate the risks involved with unsecured email attachments by using this free desktop encryption software to protect sensitive data.

bob luebbeWritten by Bob Luebbe

Here's the challenge. You need to send quarterly financial statements to your accounting firm, and you know it's risky to send those spreadsheets as an email attachment. You need a fast and easy way to encrypt that data so that you can deliver your private financial numbers securely, protected from unauthorized access.

Add a comment
Last Updated on Friday, 18 October 2013 00:00
Read more...
 
User Rating: / 1
PoorBest 
Partner TechTip: Empower Your Security Monitor to Interact PDF Print E-mail
Tips & Techniques - Security
Written by Robin Tatam   
Friday, 04 October 2013 00:00

Does your organization need to step up to the next level of security monitoring?

robin tatamWritten by Robin Tatam

Let's face it, monitoring security events on IBM i probably isn't at the top of anyone's "bucket list." However, it's a critical process that should be performed by every organization to ensure that unauthorized activities don't occur unnoticed. Typically, there are two main issues with monitoring a system manually: the necessity of having to go out deliberately (and repeatedly) and check to see if something has happened, and the fact that you are most likely looking for the proverbial needle in a haystack of logged events.

Add a comment
Last Updated on Friday, 04 October 2013 07:51
Read more...
 
<< Start < Prev 1 2 3 4 5 6 7 8 9 10 Next > End >>

Page 1 of 17

WEBCAST

MC Webcast CenterFEATURED WEBCAST

See What i Can Do With Modern RPG Development

Your applications deserve more than just a new look! Change the perception of the IBM i as “old” with modern development tips from IBM and Profound Logic Software.
Watch as Barbara Morris, Brian May and Alex Roytman dive beneath the GUI surface to show the benefits of:

 

  • Working with free-format RPG in IBM i TR7
  • Breaking free from “The Cycle” of traditional RPG development
  • Going beyond the 10 character limit in display and database files
  • And more!

You'll also see a live demonstration of these techniques as the presenters create a modern web application before your eyes! 

 

Watch the Webinar Now!

 

TRIAL SOFTWARE

MS Office Connector for Query/400

NGS' Qport Office enables Windows users to run IBM Query/400 queries to: 

 - Create and update Excel spreadsheets and Access databases

 - Create Word documents

 - Send to Windows screen and PC printers

No query conversion is required. Works with i5/OS V5R1 & above. Installs in minutes!

If you don’t have a budget to replace IBM Query/400, but want your users to have one click enhanced output of their queries.… Request the online license agreement and product download instructions today!

Offer good through December 31, 2013.


   MC-STORE.COM