New Year, new budget. But that doesn’t mean you want to blow it all on a formal audit. In fact, you may be asked to spend less this year on security, even though you desperately need it.
The economic downturn during the past few years has resulted in fewer resources for I.T. projects, leaving management scrambling to find more efficient and cost-effective ways to utilize the resources that remain.
While many projects end up being postponed or shelved during a recession, IBM i security initiatives often become more critical. Disgruntled workers—or those who are simply fearful of losing their jobs—become tempted to act in ways that they might never consider during less stressful times.
In addition, the risk of valuable data becoming compromised actually increases as staff charged with the responsibility to watch for illicit activity becomes over-burdened. The old adage of having to “do more with less” has never been truer and can be fatal.
Sometimes, there are known vulnerabilities that clearly need to be mitigated as soon as possible—such as application users running with *ALLOBJ special authority. But, often there isn’t a thorough understanding of what’s wrong with a server’s configuration or what should be addressed first.
One approach to this problem is to hire a security consultant to perform a full audit of the environment and map out the priority of the resolutions. Unfortunately, the number of professionals that truly understand IBM i security is small; the number that you can hire to perform a good quality audit is even smaller. As a result, those professionals typically are very busy and command a premium fee for their services.
A better option is to start with our free Security Scan, a unique tool that can scan an IBM i server in less than 10 minutes and display the results in a dynamic browser-based application and are yours to keep.
Evaluation is conducted in seven critical areas and an executive scorecard rates the server overall and quick-access tabs provide visibility to the technical details.
An IBM i security expert helps interpret the findings and is available to architect the appropriate solution via a combination of OS configuration changes and software.
Not surprisingly, interest in HelpSystems' complementary scans continues to rise as modern organizations scramble to comply with increasingly stringent regulatory mandates as well as to satisfy corporate due diligence.
Even if you find you already have a good grip on your security controls, you can still appreciate an independent affirmation of that fact.