Carol reveals what inspires her and makes her happy.
It's the time of year when Oprah releases her list of favorite things, so Carol shares her list of favorite IBM i features and security resources.
Favorite IBM i Report
My favorite IBM i report is the one generated from running Print User Profile (PRTUSRPRF). The result is actually four reports—all in the same spooled file. I use the first report to review users' group membership, special authority assignments, and limited capability setting. The second report lists configuration information such as the users' initial menu and initial program. The third report is useful in determining whether a profile has a password, the password last changed date, and the users' last sign-on date. (This shows when an organization is using the IBM-supplied profiles for inactive sign-on.) The last report is helpful when moving the system between password levels.
Favorite Security Report
I couldn't choose. I have two favorite reports. Verizon's Data Breach Investigations Report and the Ponemon Institute's Cost of Data Breach Report. Both reports are enlightening and show the trends of hacks and breaches.
Favorite IBM i Audit Entry
My favorite IBM i audit entry is the Password (PW) audit entry, and to be more specific, my favorite field is the one showing whether the password passed the system's password composition rules. How could a password not meet the password rules you ask? Rules aren't met when the password is set using the Create User Profile (CRTUSRPRF) or Change User Profile (CHGUSRPRF) command. Security administrators are famous for using easy-to-guess passwords. Now they can be caught doing this. Better yet, in V7R2 you can add the *ALLCRTCHG value to the Password Rules (QPWDRULES) system values; then the system enforces the rules all of the time—even when using CRT/CHGUSRPRF.
Favorite IBM i Command
I use the Display User Profile (DSPUSRPRF) command all the time. Most everyone knows to use it to see the details of a specific profile, but my favorite use is to specify one of the variations, such as to look at the objects the user is authorized to or to list the group members if the profile is a group. Then I also use it to send all details of the user profiles to an outfile so I can do a larger analysis and run reports.
I read a number of newsletters and websites to stay current. My favorite IBM i newsletter (other than the SkyView Partners' newsletter, of course!) is written by fellow IBM i security expert Dan Riehl.
My favorite non-IBM i newsletters include:
- Dark Reading Weekly published by InformationWeek
- Bank Info Security published by the Information Security Media Group
- And last, but definitely not least, is the Krebs on Security blog
This is really a partial list, but some of my favorite people are:
- My family—my brother, my sister, and all of my "kids" (my nieces and nephews, their spouses, and their children). They are the love and the joy in my life.
- My friends who are really family because they're just too special.
- Victoria Mack, editor of my articles. She's the person responsible for making my writing readable. I continue to learn from her. My goal is to one day get an article back with no corrections. Not sure I'll live that long, but it seems like a good goal! Thank you for your friendship, Victoria, and for your patience with me as I continue to mix up "affect" and "effect."
- Friends of SkyView Partners—Our employees, customers, friends and contacts at IBM, and business partners.
- The IBM i community—Yes, it's this special community that keeps SkyView Partners in business. But it's more than that. It's a community that drives me to continue to learn, to stay current, and to provide the best advice and direction possible so this community can get and keep their IBM i systems secure.
During this holiday season, I encourage you to let the people in your life know how special they are to you. Life is too short and too precious to waste it on things that don't matter. But the people in your life, they matter. So make sure they know it.
Happy holidays, everyone!