Modernization isn’t just about the user interface, language, and database. You need a security modernization strategy.

Written by Steve Pitcher

Last week, I did a webcast for COMMON entitled “IBM i and our False Sense of Security” in which I talked about a number of potential vulnerabilities for IBM i partitions. Two areas that I’ve received a lot of feedback on are encryption protocols and ciphers.

Carol discusses the differences between these two methods of elevating authority on the IBM i.

Written by Carol Woodbury

Many organizations have the requirement to reduce the number of profiles to which special authorities—especially *ALLOBJ specially authority—have been assigned. In many cases, the excess capabilities can simply be removed because they aren't required for the person to perform their job functions. *SAVSYS special authority is a good example. Unless the person is performing system saves—i.e., is in the role of system operator or system administrator—the user does not need *SAVSYS assigned to their profile.

With a enough time and a little insight, a system that hasn't been properly secured will be exploited.

Written by Steve Pitcher

A few weeks ago, I wrote a piece called "The Internet of Unprotected Things," which touched on the security concerns of twenty billion connected devices in a few short years, otherwise known as the Internet of Things (IoT).

I had a pretty good response to the article. So much so that a number of people asked me to ethically hack their IBM i as an impartial party for intrusion detection purposes. One company was really interested because they were very confident in their abilities in security. To be fair, we all are. There's nothing like giving someone a program you've written and saying, "Try to break it." You learn pretty quickly where the bugs are.

Safeguarding and protecting passwords on IBM i demands moving to a higher level. Carol discusses the benefits and provides guidance on changing QPWDLVL to increase password strength.

Written by Carol Woodbury

There's heightened focus across the IBM i community to improve the power of passwords. That's music to my ears! Here are the considerations you'll have to make when moving the system to a higher password level.

The system value QPWDLVL controls the password formats stored as well as the length and character set available for users' passwords. Changes to this system value will take effect with the next IPL. I'll discuss this system value in two sets: Password levels 0 and 1 and password levels 2 and 3.

Carol provides guidance on protecting data in printed reports.

Written by Carol Woodbury

I get inspiration for this column from a variety of places, but I have to give credit to one of my clients for this article. As he duly pointed out, there's a lot of "interesting" information to be found in spooled files and in PDFs in IFS directories that are left on the system—sometimes for a very long time. So thanks to TJ for inspiring me to write about this important topic.

A Hollywood Blockbuster Cluster

Written by Robin Tatam

Government agent Heathen Runt slips into his specialized climbing gear, and in a pocket of his magnetic backpack, he stashes the thumb drive he will use to access the server. He then embarks on the long, arduous ascent to the top of the precipice that marks home to the impenetrable data center belonging to the evil organization known as Server People Hampering Integration of New Core Technologies, or SPHINCTer.

Carol provides her pet peeves when it comes to IBM i security configuration.

Written by Carol Woodbury

At this time of year, many lists of favorites are published, but I thought I'd take a slightly different twist and publish my list of IBM i security pet peeves.

Carol provides suggestions for ways you can "spruce up" your security configuration.

Written by Carol Woodbury

I've been in my house for a while now, and I'm looking around and thinking that it's time for a little redecorating. I did a major renovation about three years ago, but now some walls need to be painted and I need to switch out some accessories. My problem is that I can never come up with the ideas myself. I always need to look through some home decorating magazines first. So just in case you're in the mood to redecorate your IBM i, here are some suggestions for freshening up the décor of your security configuration.