IBM i Security Tips
by Carol Woodbury
March 2011

Hardening IBM i
by Carol Woodbury
President & CTO, SkyView Partners, Inc.

I've been asked recently for some recommendations a security administrator might use for 'hardening' an IBM i in preparation for making it reachable via the Internet. While you may not be planning to make your i available directly on the Internet, you may want to follow some of these recommendations to reduce risk in your own environment.

The basic principle to follow is that if it's not necessary for the task the system is to perform, don't install it, don't start it and don't allow it to be created. Let's look at some recommendations ...

SECURITY NEWSSTAND
Restaurant group faces $110,000 fine for failing to secure its patrons' personal information

Massachusetts levies first 201 CMR 17 fines against restaurant group


The fine against the Briar Group LLC represents the first in the nation for failing to meet the data privacy law, 201 CMR 17, since it took effect in March 2010.

"Our office will continue to take action against companies that fail to implement basic security measures on their computer systems to protect the sensitive information entrusted to them by consumers." -- Martha Coakley, Attorney General, Massachusetts

Cost Of Data Breaches Up Again   

Everything's more expensive these days -- and experiencing a major corporate data breach is no exception.

The Ponemon Institute and Symantec earlier this week released the findings of the "2010 Annual Study: U.S. Cost of a Data Breach," which reveals data breaches grew more costly for the fifth year in a row.

 

Top 9 Security Threats of 2011  

Mobile banking and social networks are expected to pose new security threats in the payments space in 2011. But security experts say those threats won't displace the Zeus botnet, malware attacks and phishing threats, which for years have plagued banking institutions. Fraud attempts will escalate, not diminish, as new threats and channels blossom in 2011.

As 2010 came to a close, Information Security Media Group caught up with a handful of leading industry experts to get their takes on the top security threats of 2011.

SkyView Partners Solutions

SkyView Partners is dedicated to providing software that helps you reduce the costs and complexities of attaining and maintaining compliance.

SkyView Security Compliance Solution is a turnkey solution for fully installed and configured security compliance reporting on IBM i (iSeries) servers.  (All you have to do is check your email.)

SkyView Policy Minder is an IBM i & i5/OS security compliance management tool that automates security policy compliance monitoring and delivers comprehensive security administration functionality.

SkyView Risk Assessor is an automated IBM i & i5/OS security diagnostic tool that analyzes your security settings at more than 100 "risk points" and compares them to security best practices.

NEW - SkyView Audit Journal Reporter provides pre-defined, auditor-ready reports on the events recorded in the IBM i audit journal.


Upcoming Webinar

Automating i5/OS Security Administration Tasks

 

 by Carol Woodbury 

Thurs, Apr 6, 2011
8:00 AM PDT

How many security administration tasks do you do ... 
  • every day? 
  • every week?
  • every year? 

Security administration tasks can be time consuming, but with the right tools they can be performed much more proficiently and effectively.

Join Carol Woodbury as she demonstrates how the SkyView Security Compliance Solution assists with everyday security administration tasks such as discovering and managing inactive profiles, detecting changes to system values (along with who made the change), and discovering who or what process has deleted an object or created a program in a production library.


Success Story

SkyView Meets Napa Recycling's IT Security Needs

"I was very comfortable with SkyView from the beginning.

They walked me through the processes involved in assessing the current system and identifying the problem, and provided a road map and user training documents.

It was easy to work with them and they made the changes solid and painless."

Mike Murray, CFO at Napa Recycling and Waste




Helpful resources

Policy Minder User Tip

Be sure to run the PRGMSGLOG command on a periodic basis to purge old entries from the message log. We recommend scheduling it to run monthly and keeping 90 to 180 days of data. All Policy Minder commands are in the SKYVIEWPMP library.


  SkyView Partners is an IBM Advanced Business Partner  

SkyView Security Check-up

Q. How do you perform (independent) vulnerability assessments?

A. That's what the SkyView "Security Check-up" is designed to address.

SkyView Security Check-up is a consulting service designed to provide you with a 3rd party assessment of your systems' security environment. SkyView Security Check-ups:

  • Are done offsite, so we don't have to interrupt your normal work flow.
  • Represent an independent third party verification of your security.
  • Give you a prioritized list of "next steps" to take with your systems' security.