Identification and Access Management Software for IBM i
Privileged user management for system administrators
Protect Sensitive IBM i Information
Giving too much system access to the wrong users can lead to catastrophic data corruption and loss. Limit the risk with privileged access management software. Powertech Authority Broker for IBM i protects corporate assets and audits user access in real time for maximum system security.
Control User Privileges
Security best practices recommend limiting the number of privileged user accounts, but having too many user profiles with special authorities is one of the most common security lapses uncovered in IBM i audits. Give users the access they need to do their jobs—without giving too much.
Capture IBM i User Activity
Maintain a record of everything a user does when they swap into a privileged profile. Using award-winning screen capture technology, Powertech Authority Broker for IBM i provides system administrators and IT leaders with an unparalleled view of user activity, helping to safeguard sensitive IBM i data.
Save Time and Resources
Developing user management tools in-house can be incredibly time-consuming. By comparison, implementing Powertech Authority Broker for IBM i is quick and easy, saving you time and internal resources.
Monitored authority swap
Ensure special authorities are granted only to those who need them, when they need them. Powertech Authority Broker for IBM i allows you to delegate and monitor elevated privileges, eliminating the need for special authorities in staff members’ everyday profiles. Define users who have the ability to swap into privileged profiles, controlling what authorities they can switch to and setting date or time restrictions for how long they can use that authority.
See every keystroke a user performs when he or she swaps to elevated authorities. Powertech Authority Broker for IBM i records a user’s every movement, even in transparent utilities such as SQL, DFU, and SST. Each time a user steps through a menu or enters a command, a screen grab is triggered. Screen captures can be viewed in near real-time or sent to an administrator in PDF form.
Separation of duties
As a security best practice, separation of duties limits giving too much power to any one individual to help prevent fraudulent activity and abuse of privileges by users. Auditors look for segregated duties as part of Sarbanes-Oxley (SOX) audits. Powertech Authority Broker for IBM i helps you satisfy auditors and prevent conflicts of interest by enforcing the segregation of duties when granting system access to team members; for instance, inhibiting a developer from writing the programs that report on his own activity, or giving development staff emergency access beyond their usual authorities.
Real-time IBM i alerts
Know exactly when users assume privileged authority with real-time alerts. Set up alerts to inform managers and any other selected recipients every time an elevation of privileges occurs. Powertech Authority Broker for IBM i will send a customized email as soon as a user assumes authority.
Dashboards in HelpSystems Insite display Powertech Authority Broker for IBM i data at a glance. View active, expired, and failed profile switches, along with switch history and duration.
Command Privilege Management with Powertech Command Security for IBM i
Nothing would happen on the IBM i without users executing commands, but a command-based system poses unique risks. While some commands are harmless if available to anyone with a user profile, others could cause significant damage or security issues if misused. Securing the system requires a solution that prevents users from performing tasks outside of their normal job responsibilities.
Just as Powertech Authority Broker for IBM i helps you manage user access and monitor user activity, Powertech Command Security for IBM i gives you the ability to monitor and restrict command usage. Allow or prevent commands from being executed based on the situation, and notify administrators when select commands are issued. Having control over certain commands helps administrators maintain a secure system and prevent inappropriate command usage.