HelpSystems Blog

How to Secure Data Access on IBM i (Webinar Recap)

Security threats are everywhere. Important data—like names, passwords, and account information—is stolen frequently.

Look at last year alone. Dropbox was hacked and 68 million user logins were compromised. One billion Yahoo users had data stolen in a breach, too. And Oracle suffered a data breach that compromised login credentials for customers at hundreds of companies.

Ransomware can impact a lot of companies—even small companies. No matter who you are or what your organization does, you need to make sure your data is safe. That’s why it’s time to secure data access on IBM i.

There are a lot of ways you can go about locking down access to your data. Not sure where to start?

Robin Tatam and Heath Kath of HelpSystems recently hosted a webinar to introduce your options for securing data access on IBM i.

 

Do We Really Need “Extra” Security?

Cybercrimes occur constantly. A lot of people consider someone outside the firewall to be the bad guy trying to steal your company’s data. But the truth is, many cybercrimes and cases of data theft are due to people inside the network.

How do we stop this?

We need to limit their access to the data that is appropriate for doing their job.

The IBM i is a great place to keep your data on because it’s one of the most securable platforms around. But one key mistake that Robin notices all the time is that most people assume IBM i is secure on its own. While the controls and capabilities are there, they’re not customized and preconfigured for your systems.

IBM i is highly securable, but you can’t rest your data’s safety on built-in IBM i security alone. The second your data leaves IBM i and goes into another tool—like a Microsoft Excel spreadsheet—your green screen security won’t help you.

So, yes, you do really need that extra security.

 

Provide Secure Access to Data—So Users Only See What They Need

There’s a tricky balance to manage when it comes to providing secure access to data.

On one hand, you have users who need access to certain information to do their job. On the other hand, you need to make sure they don’t see any information they shouldn’t be privy to. That’s where security comes in.

The HelpSystems State of IBM i Security Study found that most people are running at the minimum recommended level of 40. If you’re not, there are some well-documented loopholes that can be exploited.

So why aren’t some organizations at the recommended level? According to Robin, most of us don’t do system configuration from scratch. When we migrate to new systems, we’re pulling settings off the last system. We tend to restore attributes and system values. And there are many different settings that influence that.

Sequel Data Access includes administrative functions to lock data down. Skip to 23:48 to see Heath demonstrate Sequel’s administrative security settings.

 

Let Users Analyze Data—Without Making Changes to It

Your users need access to data for a very important reason. Sharing data leads to more analysis and more opportunities for your organization.

But not all data should be open to everyone.

As Heath Kath mentioned, Fort Knox is secure because the doors are locked. But some organizations can’t completely close the doors.

That’s why it’s important to have different levels of security—and keep the right doors closed and the right doors open.

Skip to 24:17 of the recording to see Heath demonstrate four different levels of security available within Sequel. It starts with IBM i security. Then you can add Sequel, Advanced Sequel, and Sequel Web Server security to customize the settings to meet your needs.
 

Distribute Data to Users—Without Compromising Data Integrity

Users need to see data in a format that makes sense to them. Microsoft Excel is a popular example of what users want their data in.

But there’s always a tug of war between keeping your system secure and sharing the data. As Robin mentioned, users want it to be as open and available as possible. But whether it’s an industry regulation, a government mandate, or simply a best practice, you need to ensure that data is handled appropriately. If it falls in the wrong hands, it can cause problems.  

Half the challenge is collecting the data. The other half is doing something with it. Accessing data can be controlled, and it should be.

When you have such a large quantity of data, it can be difficult to filter down to see the data you need. Automation can take that data and feed it through a tool like Sequel. That helps you with things like auditing to make sure you have oversight.

Skip to 30:59 in the recording to see Heath demonstrate how to distribute data securely with Sequel.

Jump to 23:30 in the recording to see Heath Kath demonstrate how Sequel Data Access makes it easy to secure data access on IBM i. Or see the benefits for yourself with a personalized demo.