TechTips / Security


TechTip: Let's Encrypt, Together PDF Print E-mail
Tips & Techniques - Security
Written by Aaron Bartell   
Friday, 08 April 2016 00:00

Automation and security are top priorities. IBM i is a first class citizen if we let it be. If we take the effort to get more open source on the platform. This article does that.

aaron bartellWritten by Aaron Bartell

If you haven't noticed, security is regularly in the news and generally has been a hot topic the past couple years. Most recently, there was the Kemuri Water Company breach, which unfortunately was against their "AS/400." The quote still ringing in my ears from that article is the following:

Add a comment
Last Updated on Thursday, 07 April 2016 08:59
Read more...
 
Protect Your Administrator Accounts from Abuse PDF Print E-mail
Tips & Techniques - Security
Written by Carol Woodbury   
Friday, 18 September 2015 00:00

Carol discusses why it's important to protect administrative profiles and provides options for protecting them.

carol woodburyWritten by Carol Woodbury

If you've paid attention to the news of stolen data, you've heard that many of the attacks come after malware is installed somewhere in the network. Once installed, the malware often sniffs the network to get credentials (user IDs and passwords). The malware keeps trying these credentials until it captures an admin's, and then the hackers gain access to servers with admin rights to gain access to other parts of the network and your data.

Add a comment
Last Updated on Friday, 18 September 2015 00:00
Read more...
 
Partner TechTip: IBM i's Greatest Strength Is Also Its Worst Security Weakness PDF Print E-mail
Tips & Techniques - Security
Written by Robin Tatam   
Friday, 21 August 2015 00:00

What happens when reputation collides with reality?

robin tatamWritten by Robin Tatam

According to IBM's website, "the IBM i operating system is considered one of the most secure systems in the industry." It's true that IBM i has a near-legendary reputation as a secure system based on its world-class integrity features and security controls. But, as the author of PowerTech's annual "State of IBM i Security Study" for the past seven years, I feel the description as "secure" is often dangerously misunderstood.

Add a comment
Last Updated on Wednesday, 19 August 2015 10:58
Read more...
 
Partner TechTip: Keep Friends Close and Powerful Users Closer PDF Print E-mail
Tips & Techniques - Security
Written by Robin Tatam   
Friday, 01 May 2015 00:00

Your IBM i users are human—and prone to putting sensitive information at risk.

robin tatamWritten by Robin Tatam

Information will always be at risk, thanks to human failings like greed and incompetence. As guardians of our enterprise data, it's our responsibility to deploy controls and enforce policies designed to reduce the risk of a data breach, no matter what might cause it.

 

Note that I didn't say eliminate risk—that's an important distinction. If history has taught us anything, it's the old cliché "where there is a will there is a way." We have to accept that there is no such thing as zero risk.

Add a comment
Last Updated on Friday, 01 May 2015 00:00
Read more...
 
Partner TechTip: "Oh! Data Breach" Is Quickly Becoming the New U.S. National "Anthem" PDF Print E-mail
Tips & Techniques - Security
Written by Robin Tatam   
Friday, 20 March 2015 00:00

The current breach epidemic could impact IBM i, but it doesn't have to.

robin tatamWritten by Robin Tatam

Unless you're filing your taxes with an address listed as "under a rock," you're probably painfully aware of a few high-profile data breaches that have occurred in recent years. While Target, Home Depot, and Anthem might not openly share whether any of their compromised systems included IBM Power Servers, we all need to learn numerous lessons, regardless of the technology platform our critical data resides upon.

Add a comment
Last Updated on Friday, 20 March 2015 00:00
Read more...
 
TechTip: A Primer on Payment Security PDF Print E-mail
Tips & Techniques - Security
Written by David Shirey   
Friday, 30 January 2015 00:00

If you handle credit card payment data in your company, you're probably familiar with the Payment Card Industry Council. But they're no longer the only game in town. Maybe it's time to look at the broad issues.

david shireyWritten by David Shirey

If you handle credit card payments in your company, you know that PCI compliance has been the gold standard for the last decade. And if you've been paying any attention lately, you know that Apple Pay was announced in October 2014 and is getting a lot of press as being the future of electronic payments.

Add a comment
Last Updated on Friday, 30 January 2015 00:00
Read more...
 
User Rating: / 1
PoorBest 
TechTip: RACF Exits PDF Print E-mail
Tips & Techniques - Security
Written by Dinesh Dattani   
Friday, 10 October 2014 00:00

It's best to avoid RACF exits, but if you must have them, mitigate their risk.

dinesh dattaniWritten by Dinesh Dattani

Editor's note: This article is an excerpt from Chapter 16 of IBM Mainframe Security.

 

A RACF exit is an optional facility provided in RACF to perform special RACF processing, above and beyond what is offered in standard RACF. RACF exits can overrule decisions made by standard RACF processing. They provide a means for an installation to tailor RACF processing to suit its own unique needs.

Add a comment
Last Updated on Thursday, 09 October 2014 13:02
Read more...
 
Partner TechTip: Why PowerTech Network Security 6.50? PDF Print E-mail
Tips & Techniques - Security
Written by Robin Tatam   
Friday, 19 September 2014 00:00

Users neglected the security void created by TCP/IP services for years, but exit programs can provide the robust solution today's threat environment demands.
robin tatamWritten by Robin Tatam

PowerTech Network Security, an exit program solution, was designed to fill a security void that appeared with the release of OS/400 V3R1 in the early 1990s, when IBM incorporated TCP/IP network server functionality into the Power Systems server. An exit program is an application program that is invoked before or after a user's request is performed and provides a function that the original software does not. In the case of network access, an exit program assists the operating system and should perform two critical tasks:

  • Audit the user transaction (the OS has very limited visibility to network activity)
  • Provide Access Control functions to limit backdoor data access and server functionality
Add a comment
Last Updated on Friday, 19 September 2014 00:00
Read more...
 
<< Start < Prev 1 2 3 4 5 6 7 8 9 10 Next > End >>

Page 1 of 18

WEBCAST

MC Webcast CenterFEATURED WEBCAST

See What i Can Do With Modern RPG Development

Your applications deserve more than just a new look! Change the perception of the IBM i as “old” with modern development tips from IBM and Profound Logic Software.
Watch as Barbara Morris, Brian May and Alex Roytman dive beneath the GUI surface to show the benefits of:

 

  • Working with free-format RPG in IBM i TR7
  • Breaking free from “The Cycle” of traditional RPG development
  • Going beyond the 10 character limit in display and database files
  • And more!

You'll also see a live demonstration of these techniques as the presenters create a modern web application before your eyes! 

 

Watch the Webinar Now!

 

TRIAL SOFTWARE

MS Office Connector for Query/400

NGS' Qport Office enables Windows users to run IBM Query/400 queries to: 

 - Create and update Excel spreadsheets and Access databases

 - Create Word documents

 - Send to Windows screen and PC printers

No query conversion is required. Works with i5/OS V5R1 & above. Installs in minutes!

If you don’t have a budget to replace IBM Query/400, but want your users to have one click enhanced output of their queries.… Request the online license agreement and product download instructions today!

Offer good through December 31, 2013.

   MC-STORE.COM