Resources | Fortra

Resources

Blog

Blog

Single Sign-On and the Dangers of Active Directory

By Robin Tatam on Fri, 03/24/2017

Active Directory is a staple of enterprise IT and it nominally ensures secure, authenticated access to a company's core business applications. It can become problematic if it isn't properly monitored and supported by up-to-date security software, modern hardware, and access controls. Accordingly, system administrators face many potential risks when working with Active Directory.

Banks depend on AS/400 for security

Blog

Blog

IBM i: The Backbone of the Banking Industry

Tue, 03/21/2017

Highly regulated organizations such as those in the banking industry have a strong history with IBM i, and for good reason—the platform offers an unprecedented level of security.

IBM APIs for encrypting database fields

Blog

Blog

Compare Powertech Encryption for IBM i to IBM's Cryptographic APIs for Encrypting Database Fields

By Bob Luebbe on Fri, 03/17/2017

If your organization is thinking about using (or is using) IBM's Cryptographic APIs (e.g. QC3ENCDT, Qc3EncryptData) for encrypting database fields, then this article is for you.

How to go from simple to strategic capacity management

Blog

Blog

How to Go from Simple to Strategic Capacity Management

By Per Bauer on Fri, 03/17/2017

Capacity Management Strategies If IT was like a restaurant…then capacity management should be like the restaurant manager (aka Maître D’). Unfortunately, too many organizations are using capacity management as the clean-up department. When something goes wrong, capacity management fixes it. And while that used to work, that’s not the best practice to follow today. A Brief History of Capacity...

Capacity Planning for IT Managers

Blog

Blog

Capacity Planning

By Per Bauer on Tue, 03/14/2017

Have you ever experienced an online service outage? It’s like losing half your physical locations without any warning. Downtime is a huge problem. It stops your revenue stream. It compromises customer loyalty. It damages your brand’s reputation. And it wastes hours and IT resources to fix the problem—when it shouldn’t have been a problem to begin with. Isn’t it about time you prevented downtime...

Scale of IT capacity planning tools that balance cost and risk

Blog

Blog

IT Finance & Budgeting

By Per Bauer on Tue, 03/14/2017

Blog

Blog

4 Reasons You Need Native Virus Scanning

By Robin Tatam on Thu, 03/09/2017

Many Power Systems users still believe Linux, AIX, and IBM i are immune to viruses because viruses are a Windows threat. That’s not the case in today’s connected environments.

Blog

Blog

The DDoS Deception You Need to Know About

By Robin Tatam on Wed, 03/08/2017

A denial-of-service attack is any attempt to interrupt or inflict downtime upon IT systems, but a basic DoS threat is smaller in scale than its DDoS counterpart. With the former, the influx of traffic may come from a single source, while in a DDoS attack, traffic comes from numerous sources – making it more difficult to deal with.

Blog

Blog

BYOD: Problems, Practices, and Solutions

By Robin Tatam on Wed, 03/08/2017

The bring-your-own-device trend has made significant waves in both the private and public sectors as workers increasingly rely on their own devices to handle their unique needs.

Blog

Blog

PCI Compliance is Only the Beginning of Security

By Robin Tatam on Wed, 03/08/2017

The recent string of breaches at prominent retailers such as Target and Neiman Marcus demonstrated that too many organizations still falsely equate PCI compliance with comprehensive security. Fully compliant organizations are being hit with attacks that compromise payment card data on a regular basis.

Blog

Blog

How “Smash and Grab” Compromises IBM i

By Robin Tatam on Wed, 03/08/2017

During an audit a few years ago, I revealed to the client’s security team that corporate payroll information on every employee, including the CEO, was being archived in an output queue (called PAYROLL) for weeks at a time. Due to poor configuration, this information was accessible to every employee.

Blog

Blog

PCI Compliance Takeaways from the Target Data Breach

By Robin Tatam on Wed, 03/08/2017

Smack in the middle of the holiday shopping season, Target was hit with a malware attack that infiltrated its point-of-sale systems and enabled the theft of credit card numbers and personally identifiable information from more than 70 million shoppers.

Blog

Blog

What is the Value of SIEM?

By Robin Tatam on Wed, 03/08/2017

As is often the case in the technology industry, the details surrounding security information and event management can be a little unclear. While vendors may offer solutions of varying complexity, there is still a basic idea behind most SIEM products…

Blog

Blog

Finding the Balance: Personal Privacy vs. Corporate Protection

By Robin Tatam on Wed, 03/08/2017

Though methods vary between companies, the counterintuitive truth is that managers may have to be more transparent with their motives in order to accomplish the oversight they want.

Blog

Blog

What to Know about the New NIST Cybersecurity Framework

By Robin Tatam on Wed, 03/08/2017

Compiled with significant input from the private sector, the Cybersecurity Framework isn’t a prescriptive compliance document and instead gives companies significant leeway in how they use it to inform their security strategies. As a relatively new source of guidance, its implications for regulated industries aren’t clear yet.

Blog

Blog

3 Key Skills of a Successful Security Administrator

By Robin Tatam on Tue, 03/07/2017

The constantly changing cybercrime landscape paired with the speed of new technologies can make it difficult to know which skills a security administrator should focus on.

Blog

Your Biggest Challenge to IBM i User Onboarding

By Robin Tatam on Mon, 03/06/2017

As companies bounce back from recession and place a stronger emphasis on digitally-driven innovations, IT departments are finally receiving the funds they need to hire qualified, new colleagues who can lighten the workload. However, the first order of business will be getting these recent hires up to speed.

Blog

Blog

Your Biggest Threat Since Edward Snowden

By Robin Tatam on Mon, 03/06/2017

When Edward Snowden leaked the details of the National Security Agency’s PRISM program to the media, it resulted in a large public outcry and lot of unwanted attention. This doesn’t mean that system administrators should treat all of their contractors as the next Snowden, but it highlights the importance of ensuring that contractors, as well as employees, are sufficiently monitored and aware of...

Case Study

Case Study

Hershey Entertainment Quickly Encrypts Credit Card Data with Powertech Encryption for IBM i

Hershey Entertainment & Resorts is a privately held company located in the tourist center of Hershey, Pennsylvania, and has entertainment, resort and commercial divisions. Earlier this year, Hershey learned that because the entertainment and resort operations accept credit cards for payment, they needed the information stored by their box office ticketing and reservations applications to be...

Case Study

Case Study

Field-level Encryption Helps Retail Chain Achieve PCI Compliance

Love’s Travel Stops and Country Stores, a retail travel stop chain with over 210 locations in 34 U.S. states, processes approximately 200,000 credit card transactions on a daily basis. Needing to meet PCI standards, Love’s found in Powertech Encryption for IBM i a product to encrypt credit card numbers in a way that would satisfy PCI compliance auditors. “We need to be able to access credit card...