SkyView Partners, Inc. - Leaders in Security Policy Compliance Software and Services 

IBM i & Open Systems Security Tips
Carol Woodbury, Editor
April 2014

by Carol Woodbury
Co-founder, President & CTO, SkyView Partners, Inc.

I'd like you to imagine the unthinkable-that your organization's been hacked. Please entertain that thought with me for a few minutes. Let's pretend that you've just been notified that the personal data of your organization's customers has been posted to an underground website where it's up for sale. In addition to fighting back a severe case of nausea, what do you do? You'd reach for the printed copy of your organization's incident response plan, right? What do you mean there is no such document? Are you telling me that you have never thought through this scenario and documented the steps to take in the case your organization experiences a breach?

Unfortunately, I believe the majority of the IBM i shops-large and small-are unprepared should their networks and/or systems be breached. I believe it's because most organizations think it will never happen to them. If that's your attitude, start reading the news. A new article about another company being breached appears almost daily. I'm guessing that the former (note, I said "former") CIO of Target never thought her organization wouldn't be breached either. Look how well that worked out for her.


The focus of this month's newsletter is about preparing an incident response plan, that piece of paper that's pulled out of a drawer should you get that dreaded phone call.

  

UPCOMING WEBINARS

Coffee with Carol: "Security Considerations for Application Development including PCI requirements"

Security is more than just setting the right *PUBLIC authority of application objects.  How to determine the most effective way to access data with sufficient authority, user authentication requirements, object ownership, roles, encryption requirements, as well as how regulatory requirements play a factor all need to be considered in an application's design.  These issues, as well as a description of the PCI DSS application development requirements will be discussed.

Wed, May 14, 2014 8:00 AM - 9:00 AM PDT 

  


Coffee with Carol: "Encrypting Data with FIELDPROC - No Application Changes!" with Guest Presenter Patrick Townsend

Encryption without application or database changes is now possible using FIELDPROC on IBM i V7R1. Join Guest Presenter Patrick Townsend as he discusses how organizations of all sizes are implementing FIELDPROC encryption, performance impacts, and how to make sure your FIELDPROC encryption solution will pass a compliance audit. Automatic encryption with FIELDPROC is absolutely the easiest, fastest, and most secure way to encrypt data on the IBM i.

Thu, Jun 12, 2014 8:00 AM - 9:00 AM PDT

  
 
 

Follow us on Twitter      Find us on Facebook

View our profile on LinkedIn
  SkyView Partners is an IBM Advanced Business Partner