SkyView Partners - i5/OS Security Experts
IBM i Security Tips
by Carol Woodbury
October 2009
Carol Woodbury
Is your DDM Connection Secure?
by Carol Woodbury 
 
DDM (Distributed Data Management) is a powerful feature of i5/OS. DDM allows a file to exist on one system but be opened and accessed through a totally different system. For example, an application may be running on SYSTEM_A that needs to get information out of a file that resides on SYSTEM_B. The file on SYSTEM_B can be accessed through a DDM file on SYSTEM_A that was created to point to the file on SYSTEM_B.

DDM originally ran over SNA and was able to take advantage of the security features built into the SNA protocol. But now, most DDM connections run over TCP/IP. The security features of DDM running over TCP/IP are significantly fewer than when running over SNA. Therefore, you have to work harder to ensure your DDM connection is secure. When configuring DDM running over TCP/IP, there are considerations to make for both the target and the source systems.

Let's look at some examples. ...
 
SECURITY NEWSSTAND
Lawsuit: Heartland Knew Data Security Standard was 'Insufficient'
 
Months before announcing the Heartland Payment Systems (HPY) data breach, company CEO Robert Carr told industry analysts that the Payment Card Industry Data Security Standard (PCI DSS) was an insufficient protective measure.

This is the contention of a new master complaint filed in the class action suit against Heartland ...

University data breach exposes 163,000 women to identity theft

University of North Carolina at Chapel Hill has disclosed a data breach of one of its servers that exposed the identities of 163,000 women.  The women were participating in a mammography study conducted by the UNC School of Medicine.

How to keep performance unimpeded by security

With the speed of processors and the enhancements made with the authority checking algorithm throughout the years, its unlikely that your system's security setup is the cause of performance issues,  But you can streamline two areas ...

 
SkyView Partners Solutions
SkyView Partners is dedicated to providing software that helps you reduce the costs and complexities of attaining and maintaining compliance.

SkyView Policy Minder is an IBM i & i5/OS security compliance management tool that automates security policy compliance monitoring and delivers comprehensive security administration functionality. 
 
SkyView Risk Assessor is an automated IBM i & i5/OS security diagnostic tool that analyzes your security settings from more than 100+ "risk points" compared to security best practices.
In This Issue
Is your DDM Connection Secure?
Lawsuit: Heartland Knew Data Security Standard was 'Insufficient'
University data breach exposes 163,000 women to identity theft
How to keep performance unimpeded by security
SkyView Partners Solutions
Customer Spotlight


"SkyView Risk Assessor simultaneously reduces the workload involved in IBM iSeries audits, and provides a comprehensive security overview that enables the successful identification and remediation of areas of potential risk. iSeries audits have traditionally involved many man-hours of interviewing and interrogating the system; with SkyView Risk Assessor it went like a dream."
 
Senior Manager - IT Audit
Aviva PLC
User Tip

Risk Assessor's main report lists the authentication setting for the DDM server on which the report was run.

In addition, one of Risk Assessor's supplemental reports, SKYSVRAUTE, lists the server authentication entries that have been added to the system (if any). In other words, Risk Assessor will let you know if you have a problem on your system.
SkyView Partners is an IBM Advanced Business Partner
 

 Coffee with Carol Woodbury
Free Webinar

"What's new with V6R1 Security"
by Carol Woodbury

During this presentation, Carol will discuss new system values and how you might use them, as well as new user profile attributes, new auditing values, new commands and more. Carol will lend her expertise to help you understand how best to take advantage of these new features.
Click Here to Register