Facing Your IBM i Security Fears Head On
As an IBM i administrator, IT manager, or security officer, you may be feeling anxiety due to escalating security threats, the ever-changing requirements of compliance regulations, and/or impending audits. You’re not alone. Most companies today are also nervous, so they’re making it a priority to improve the state of their system security. In fact, in a recent Syncsort survey, nearly half of the respondents revealed that enhancing and upgrading security on IBM Power Systems is their primary IT initiative for this year.
Perhaps what companies find most troubling about securing their IBM i is that the job is never done. That’s because security isn’t static: threats are constantly changing, new and expanded compliance regulations are being introduced, and there are new technologies and best practices to consider. On top of everything else, IT environments themselves are in a constant state of flux resulting from changing user needs, new workloads, new interfaces to external protocols, and more.
Top Security IBM i Challenges and Their Solutions
Within the realm of IBM i security, we’ve identified six primary challenges along with recommended solutions in our new e-book, Passing Your Next Audit: The Challenges of Properly Securing Your IBM i and Maintaining Compliance. These six challenges and their corresponding solutions are:
Monitor and enforce IBM i security in an environment of ever-changing internal security policies and compliance requirements.
The solution is to have tools that take your security and compliance policies and closely tie these to the configuration of objects and system settings in your IBM i environments. The e-book describes these tools and how they can be defined to keep IT staff alerted to policy breaches as well as to make it easy for staff to generate the reports auditors require.
Control security vulnerabilities caused by the proliferation of data- and system-access methods, including open-source protocols.
The solution begins with comprehensively protecting exit points using exit programs, but it needs to go a step further to protect against unauthorized access via the growing number of open-source protocols. The e-book describes how a rules-based approach is key to comprehensively protecting against any unauthorized access, whether through traditional methods or through open-source protocols.
Ensure only authorized users can view sensitive data.
In addition to protecting against unauthorized access, the solution is to encrypt, mask, or scramble sensitive data, depending on your company’s needs and the requirements of compliance regulations. The e-book describes these techniques and also outlines some surprising add-on benefits that data encryption provides.
Audit and trace any type of suspicious system or database activity on the IBM i.
The solution is to utilize journaling to track activity. Journals are the method of choice on IBM i because they are reliable, they collect everything within their defined scope, and they cannot be falsified or otherwise manipulated by any user or process. The e-book describes essential tools that are needed to filter and read the massive amounts of cryptic data that journals collect, as well as to create the reports that auditors require.
Control powerful profiles and other risky user capabilities within IBM i environments.
The solution is to minimize the use of powerful profiles by granting selected users with elevated authority only for a specific scope of work and during a limited period of time. The e-book describes tools that make it easy to manage this process while also recording every action of the user during the period of elevated authority.
Find unseen security vulnerabilities within your IBM i environments.
The solution is to conduct periodic security risk assessments. The e-book describes how risk assessments can be conducted both through the use of tools designed for the task as well as by external security
Keep Your IBM i Secure
You’re required to ensure that your IBM i meets compliance regulations, but compliance is only one part of a truly secure system. To achieve a security posture that is a real deterrent to theft or fraud—whether perpetrated by external or internal actors— requires a determined, consistent effort that combines the right mix of technologies, expertise, and best practices, all of which must be able to adapt to rapidly changing threats and regulations. The information presented in this latest e-book is intended to give you some good insights in this direction.
Download the free e-book to learn more about the challenges and solutions to ensuring IBM i security.