IBM i Security Tips
by Carol Woodbury
June 2011

Bad Mood!
by Carol Woodbury
President & CTO, SkyView Partners, Inc.

I admit it - as I write this - I'm in a bad mood. Why? Because I have been putting off a lot of little tasks - taking clothes to the tailor, scrubbing my kitchen floor, cleaning out my closet, etc because I just didn't feel like doing them. Now, all these little tasks are looming over me and making me grumpy.

What does this have to with security and compliance you ask? Lots. I believe that a lot of you have put off addressing your security and compliance needs because you just didn't "feel" like doing them.

If you're getting grumpy because you realize you shouldn't put this off any longer. What should you do?

Here are 5 steps to work on...

SECURITY NEWSSTAND

BofA Breach: 'A Big, Scary Story'    

An internal breach at U.S. financial giant Bank of America shows how some corporations do not focus enough attention on mitigating internal fraud risks.

 
Dodd-Frank regulations compliance
demands compliance bureau 

The Dodd-Frank Wall Street Reform and Consumer Protection Act was signed into law by President Barack Obama last July to close the legal loopholes that contributed to the financial crisis of 2007-2010 and provide more regulation and oversight of the financial industry.

Many mistakenly think the law only applies to financial institutions, Bace said, but it applies to all publicly held companies.

 

How to pick a password that's hard to hack   

The latest LulzSec attacks revealed that most victims used email passwords that were easy to decipher. A good password doesn't have to be impossible to remember. Here are tips for protecting your accounts.

Read the Complete Article 

 
How SkyView Partners Can Help

SkyView Partners is dedicated to providing software to help you simplify and automate your security administration tasks and solve your compliance requirements.

 SkyView Risk Assessor - Automated vulnerability reporting. 
  • Security begins with an assessment. Find out your system's vulnerabilities lie, receive an explanation of the issues and suggestions on where to start with SkyView Risk Assessor. 

SkyView Policy Minder - Automated security policy compliance reporting. 

  • Find out whether your system's security configuration is in compliance with your security policies and automate security administration tasks for the IBM i with SkyView Policy Minder. 

SkyView Audit Journal Reporter - Automated security event reporting. 

  • Get pre-defined auditor-ready reports are provided, allowing you to have the security and compliance reports you need without having to understand the complexities of the IBM i audit journal with SkyView Audit Journal Reporter
In This Issue
Bad Mood!
BofA Breach: 'A Big, Scary Story'
Restaurant group faces $110,000 fine
How to pick a password that's hard to hack
SkyView Partners Solutions
Technology Preview

Automating IBM AIX Security Compliance Reporting

 

 by Carol Woodbury 

Webinar Recording
(Available on Demand)

Compliance and reporting requirements span all operating systems. Now the reporting features that are available for IBM i are available on IBM AIX. Yes you can gather and compare the information on user accounts, directory and file permissions and global settings using hand-written scripts run on each of your partitions. Or... you can use Policy Minder for AIX to automate the process of gathering and reporting on the information simply and concisely, consolidating information from each AIX server being examined.

During this webinar you'll see the features of Policy Minder for AIX and see how you save time on your compliance reporting needs and see how to set up a consistent, accurate and efficient process that can span multiple partitions from a single console.


Success Story

SkyView Meets Napa Recycling's IT Security Needs

"I was very comfortable with SkyView from the beginning.

They walked me through the processes involved in assessing the current system and identifying the problem, and provided a road map and user training documents.

It was easy to work with them and they made the changes solid and painless."

Mike Murray, CFO at Napa Recycling and Waste

Read the full Case Study 



Helpful resources

Policy Minder User Tip

Be sure to run the PRGMSGLOG command on a periodic basis to purge old entries from the message log. We recommend scheduling it to run monthly and keeping 90 to 180 days' of data. All Policy Minder commands are in the SKYVIEWPMP library.

 

Follow us on Twitter      Find us on Facebook
  SkyView Partners is an IBM Advanced Business Partner  

SkyView Security Check-up

Q. How do you perform (independent) vulnerability assessments?   

 

A. That's what the SkyView "Security Check-up" is designed to address.

 

SkyView Security Check-up is a consulting service designed to provide you with a 3rd party assessment of your systems' security environment. SkyView Security Check-ups:

  • Are done offsite, so we don't have to interrupt your normal work flow.
  • Represent an independent third party verification of your security.
  • Give you a prioritized list of "next steps" to take with your systems security

Click here for a SkyView Security Check-up Fact Sheet