Make Sense of IBM i Security with Assure Security
In a world filled with an ever-expanding array of cyber threats, IBM i enjoys a well-deserved reputation as one of the most securable operating systems on the planet. But in practice, maintaining a high level of IBM i security isn’t automatic. The operating system offers a wealth of security settings that must be configured, and additional layers of security are required to fully protect data residing on the IBM i from breach.
With bad actors, both external and internal, applying their best ingenuity to finding new ways of compromising your business-critical operations, one key critical layer of security you must have in place is an ability to monitor and react to security-related events occurring in your environment in real time. Let’s take a look at what it takes to do that.
IBM i Logs and Journals Provide Critical Security Information
One of IBM i’s most important assets for maintaining a high level of security is its system of logs and journals that keep a running record of changes to system resources. For example, all user activity, including login attempts, changes to user profiles, and the creation, modification or deletion of system objects, is recorded in the System Audit Journal (QAUDJRN).
A key feature of QAUDJRN is that once information is entered, it cannot be changed, providing a tamper-proof audit trail that facilitates compliance with regulatory regimes such as HIPAA and GDPR.
However, the very completeness of the information recorded in IBM i logs and journals poses a significant challenge. Collecting, correlating and analyzing this mass of data can be an overwhelming task.
With the OS recording more than 70 different types of security-related events, just knowing where needed information is located in the system can require a level of detailed IBM i expertise that many of today’s system administrators lack.
That’s why having a software solution that can break through the complexity while providing administrators with a comprehensive, real-time view of key operational, security and compliance information is critical. Syncsort’s Assure Monitoring and Reporting, a feature of Assure Security, is specially designed to do exactly that.
Assure Monitoring and Reporting Automates IBM i Journal Analysis
The Assure Monitoring and Reporting feature of Assure Security automates the analysis of data logged by IBM i systems and generates clear and actionable alerts and reports for various stakeholders. With Assure Monitoring and Reporting, you can analyze IBM i log and journal information in real-time to save time and money on achieving regulatory compliance, identifying compliance deviations and detecting unauthorized activities.
Assure Monitoring and Reporting is comprised of two components which can operate independently or together. Assure Monitoring and Reporting’s System Module comprehensively monitors your system to report on changes to system objects, access attempts, powerful user activity, command line activity, access to sensitive data, and more. The Database Module produces reports and alerts for any database activity on the IBM i. Static system data sources are also analyzed to identify possible deviations from best practice. An add-on is also available to forward security log data to an enterprise Security Information and Event Monitor (SIEM).
Assure Security Provides Comprehensive Security for IBM i Systems and their Data
The complete Assure Security product, which includes Assure Monitoring and Reporting, includes features that assess risks, control access to your systems, ensure data privacy, and monitor for compliance and security incidents. As with Assure Monitoring and Reporting, capabilities can be licensed individually or in bundles.
The Assure Security product includes:
- Assure Multi-Factor Authentication to strengthen IBM i logon security
- Assure Elevated Authority Manager to automate management of powerful user authorities
- Assure System Access Manager to control system and data access through a wide variety of traditional and modern exit points
- Assure Encryption to encrypt and tokenize IBM i data at rest
- Assure Secure File Transfer to encrypt data in motion across networks
- Assure Db2 Data Monitor to monitor and block access to sensitive records
- Assure Monitoring and Reporting to extract insights from IBM i journal data
- Assure Security Risk Assessment to analyze data from more than a dozen security categories, generate detailed reports, and provide recommendations for addressing any vulnerabilities.
If you’d like to know more about how Assure Security can improve your IBM i security, please take a look at our Assure Security web page.
Download our eBook on IBM i compliance and security.
You can also learn all about Assure Security by watching our webinar where we’ll introduce you to Assure Security’s capabilities and show you how Assure Security can help you with all your high priority IBM i compliance and security needs.