Access Data While Maintaining IBM i Security
Security threats are everywhere. Important data—like names, passwords, and account information—is stolen frequently.
Look at last year alone. The Equifax data breach put 143 million Americans' information at risk. Uber is still paying for their coverup of the 2016 data breach of 57 million driver and rider accounts.
Ransomware can impact a lot of companies—even small companies. No matter who you are or what your organization does, you need to make sure your data is safe. That’s why it’s time to get serious about IBM i security, especially when it comes to data access.
There are a lot of ways you can go about locking down access to your data. Not sure where to start?
Robin Tatam and Heath Kath of HelpSystems hosted a webinar to introduce your options for securing data access on IBM i to answer questions and show how you can access IBM i data without compromising security.
Do We Really Need “Extra” Security?
Cybercrimes occur constantly. A lot of people consider someone outside the firewall to be the bad guy trying to steal your company’s data. But the truth is, many cybercrimes and cases of data theft are perpetrated by people inside the network.
How do we stop this?
We need to make sure data access is limited to those who need it to do their jobs.
The IBM i is a great place to keep your data on because it’s one of the most securable platforms around. But one key mistake that Robin notices all the time is that most people assume IBM i is secure on its own. While the controls and capabilities are there, they’re not customized and preconfigured for your systems.
IBM i is highly securable, but you can’t rest your data’s safety on built-in IBM i security alone. The second your data leaves IBM i and goes into another tool—like a Microsoft Excel spreadsheet—your green screen security won’t help you.
So, yes, you do really need that extra security.
Provide Secure Access to Data—So Users Only See What They Need
You have users who need access to certain information to do their job. You also need to ensure data security by not giving users access they should not have. That’s where security comes in.
The HelpSystems State of IBM i Security Study found that most people are running at the minimum recommended level of 40. If you’re not, there are some well-documented loopholes that can be exploited.
So why aren’t some organizations at the recommended level? According to Robin, most of us don’t do system configuration from scratch. When we migrate to new systems, we pull settings off the last system. We tend to restore attributes and system values. And there are many different settings that influence that.
Sequel Data Access includes administrative functions to lock data down. Skip to 23:48 to see Heath demonstrate Sequel’s administrative security settings.
Let Users Analyze Data—Without Making Changes to It
Your users need access to data because sharing data leads to more analysis and more opportunities for your organization.
But not all data should be open to everyone.
As Heath Kath mentioned, Fort Knox is secure because the doors are locked. But some organizations can’t completely close the doors.
That’s why it’s important to have different levels of security—and keep the right doors closed and the right doors open for the right people.
Skip to 24:17 of the recording to see Heath demonstrate four different levels of security available within Sequel. It starts with IBM i security. Then you can add Sequel, Advanced Sequel, and Sequel Web Server security to customize the settings to meet your needs.
Distribute Data to Users—Without Compromising Data Integrity
Users need to see data in a format that makes sense to them. Microsoft Excel is a popular example of what users want their data in.
But there’s always a tug of war between keeping your system secure and sharing data. As Robin mentioned, users want it to be as open and available as possible. But whether it’s an industry regulation (like HIPAA), a government mandate (like GDPR), or simply a best practice, you need to ensure that data is handled appropriately. If it falls in the wrong hands, it can cause problems.
Half the challenge is collecting the data. The other half is doing something with it.
When you have such a large quantity of data, it can be difficult to filter down to see the data you need. Automation can take that data and feed it through a tool like Sequel. That helps you with things like auditing to make sure you have oversight.
Skip to 30:59 in the recording to see Heath demonstrate how to distribute data securely with Sequel.
Jump to 23:30 in the recording to see how Sequel Data Access makes it easy to maintain IBM i security and have the right amount of data access. Or see the benefits for yourself with a personalized demo.