Compliance Assessment for IBM i

Is your system ready for an audit? Check your security configuration to find out.

Compliance mandates, like HIPAA, SOX, MICS, and PCI DSS, set minimum requirements for cybersecurity. If your IBM i (System i®, iSeries®, AS/400®) is not properly configured, sensitive data is vulnerable—and that vulnerability is an indicator of out-of-compliance security settings.

Our free compliance assessment uses the free Powertech Security Scan to identify and prioritize these vulnerabilities, so they can be corrected before an audit.

The process is simple: Security Scan runs directly from a network-attached PC without modifying any system settings. One of our Security Advisors will help you interpret the results, and you can print the finding for your records. You can even run Security Scan again within 7 days to analyze the impact of configuration changes.

Why Should I Assess My Compliance?

Security Scan examines common security metrics and highlights vulnerabilities that signal compliance issues. You’ll also learn what steps you can take to improve your security and compliance posture. Security Scan is:

  • Safe—The non-intrusive program runs in minutes and leaves no files on your system
  • Confidential—Only you see the results
  • Thorough—A Security Advisor helps you understand the current state of your IBM i security
  • Clear—You’ll understand where your system is secure and what areas pose compliance problems

You’ll find out where your IBM i security currently stands, whether your system is at risk, and how to improve compliance with common government regulations and industry requirements.

"The free Security Scan from HelpSystems was far more valuable than anything we've done to this point. Their report summary was also the most well put together analysis we've had in some time."

"The Security Scan is a valuable tool for identifying areas of concern. It provided me with the right information to present to management so I can get the resources that I need to fix the issues."

Security Scan Assesses Critical Areas of IBM i Security & Compliance

Executive Summary

The Executive Summary ranks the overall condition of your system. Red, yellow, and green indicators compare your system against best practices, along with references to the COBIT framework to which they apply.

Administrative Rights

The Administrative Rights section reviews eight special authorities and the vulnerabilities of each.

Public Authority

The public is any user with a profile and password, so this section indicates how accessible the system is to the average end user.

User Access to Data

The User Access section reviews user access to system data through common network access services, such as FTP, ODBC, and Remote Command.

FTP Access

The FTP Access section identifies security vulnerabilities caused by using FTP (file transfer protocol) to transfer files between a client and server on a network.

System Security

The System Security section examines key system values that control security settings on your system.

User Security

The User Security section reviews how many user profiles haven't been used for at least 30 days and how many have default passwords, as well as reviewing basic password settings.

System Auditing

The System Auditing section checks if you are using the IBM i event auditing capabilities and the types of events being audited.

Recommendations

The Recommendations section provides suggestions for remediation based on the security checks performed on your system.

What Do I Get After Running a Security Scan?

Results of your Scan are compiled immediately and presented for review in an easy-to-understand, browser-based, interactive reporting application. A Powertech Security Adviser can help you interpret the results, and you can save or print the findings for your records.

Security Scan does not leave files on your IBM i. The Security Scan application installs a licensed program to collect security data, but the files are removed upon completion of the analysis or you can remove the program manually using the DLTLICPGM command. You also have seven days after your Security Scan to make configuration changes and rerun the Scan to test your changes.

VIEW A SAMPLE REPORT