Get Your IBM i Security Assessment Without the Cost of a Formal Audit
IT managers—like all managers—face near constant pressure to keep costs under control and within the budget. Not every project gets funded, and the ones that do need to be an efficient and cost-effective use of resources. In these circumstances, IBM i security initiatives are even more important.
A data breach, whether perpetrated by hackers or rogue employees, could result in significant legal costs as well as long-term damage to customer and investor confidence. The risk of valuable data becoming compromised increases when the staff charged with watching for illicit activity are stretched to the breaking point. The right i Series security solutions deliver value by simultaneously reducing IT workload and mitigating the risk of an expensive breach.
But Where to Start?
A common problem is a lack of clear direction regarding the tasks and priorities of securing your IBM i system. Sometimes, there are known vulnerabilities that clearly need to be addressed as soon as possible—such as application users running with *ALLOBJ special authority. But, often there isn’t a thorough understanding of what’s wrong with a server’s configuration or what should be addressed first.
One approach to this problem is to hire a security consultant to perform a full audit of the environment and map out the priority of the resolutions. Unfortunately, the number of professionals who truly understand IBM i security is small; the number that you can hire to perform a good quality audit is even smaller. As a result, those professionals typically are very busy and command a premium fee for their services.
IBM i Security Scan
A better option is to start with a free Security Scan, a unique tool that can scan an IBM i server in less than 10 minutes and display the results in a dynamic browser-based application and are yours to keep.
Evaluation is conducted in six critical areas: public authority to libraries, network-initiated data access, administrator privileges, system security, user provisioning, and server auditing. An executive scorecard rates the server overall and quick-access tabs provide visibility to the technical details.
An IBM i security expert helps interpret the findings and is available to architect the appropriate solution via a combination of OS configuration changes and software.
Companies that they already have a good grip on their security controls still appreciate an independent affirmation of that fact.