Resources

Blog

BYOD: Problems, Practices, and Solutions

By Robin Tatam on Wed, 03/08/2017

The bring-your-own-device trend has made significant waves in both the private and public sectors as workers increasingly rely on their own devices to handle their unique needs.

Blog

PCI Compliance is Only the Beginning of Security

By Robin Tatam on Wed, 03/08/2017

The recent string of breaches at prominent retailers such as Target and Neiman Marcus demonstrated that too many organizations still falsely equate PCI compliance with comprehensive security. Fully compliant organizations are being hit with attacks that compromise payment card data on a regular basis.

Blog

How “Smash and Grab” Compromises IBM i

By Robin Tatam on Wed, 03/08/2017

During an audit a few years ago, I revealed to the client’s security team that corporate payroll information on every employee, including the CEO, was being archived in an output queue (called PAYROLL) for weeks at a time. Due to poor configuration, this information was accessible to every employee.

Blog

PCI Compliance Takeaways from the Target Data Breach

By Robin Tatam on Wed, 03/08/2017

Smack in the middle of the holiday shopping season, Target was hit with a malware attack that infiltrated its point-of-sale systems and enabled the theft of credit card numbers and personally identifiable information from more than 70 million shoppers.

Blog

What is the Value of SIEM?

By Robin Tatam on Wed, 03/08/2017

As is often the case in the technology industry, the details surrounding security information and event management can be a little unclear. While vendors may offer solutions of varying complexity, there is still a basic idea behind most SIEM products…

Blog

Finding the Balance: Personal Privacy vs. Corporate Protection

By Robin Tatam on Wed, 03/08/2017

Though methods vary between companies, the counterintuitive truth is that managers may have to be more transparent with their motives in order to accomplish the oversight they want.

Blog

What to Know about the New NIST Cybersecurity Framework

By Robin Tatam on Wed, 03/08/2017

Compiled with significant input from the private sector, the Cybersecurity Framework isn’t a prescriptive compliance document and instead gives companies significant leeway in how they use it to inform their security strategies. As a relatively new source of guidance, its implications for regulated industries aren’t clear yet.

Blog

3 Key Skills of a Successful Security Administrator

By Robin Tatam on Tue, 03/07/2017

The constantly changing cybercrime landscape paired with the speed of new technologies can make it difficult to know which skills a security administrator should focus on.

Blog

Your Biggest Challenge to IBM i User Onboarding

By Robin Tatam on Mon, 03/06/2017

As companies bounce back from recession and place a stronger emphasis on digitally-driven innovations, IT departments are finally receiving the funds they need to hire qualified, new colleagues who can lighten the workload. However, the first order of business will be getting these recent hires up to speed.

Blog

Your Biggest Threat Since Edward Snowden

By Robin Tatam on Mon, 03/06/2017

When Edward Snowden leaked the details of the National Security Agency’s PRISM program to the media, it resulted in a large public outcry and lot of unwanted attention. This doesn’t mean that system administrators should treat all of their contractors as the next Snowden, but it highlights the importance of ensuring that contractors, as well as employees, are sufficiently monitored and aware of...

Blog

How DR Compliance Requirements Impact HA Decisions

By Tom Huntington on Wed, 03/01/2017

Disaster recovery requirements are part of the geographic and industry regulations that affect our organizations. Having the right solutions in place can help to avoid penalties and make audits go smoothly. Read on to create a complete compliance toolkit.

Case Study

Hershey Entertainment Quickly Encrypts Credit Card Data with Powertech Encryption for IBM i

Hershey Entertainment & Resorts is a privately held company located in the tourist center of Hershey, Pennsylvania, and has entertainment, resort and commercial divisions. Earlier this year, Hershey learned that because the entertainment and resort operations accept credit cards for payment, they needed the information stored by their box office ticketing and reservations applications to be...

Case Study

Field-level Encryption Helps Retail Chain Achieve PCI Compliance

Love’s Travel Stops and Country Stores, a retail travel stop chain with over 210 locations in 34 U.S. states, processes approximately 200,000 credit card transactions on a daily basis. Needing to meet PCI standards, Love’s found in Powertech Encryption for IBM i a product to encrypt credit card numbers in a way that would satisfy PCI compliance auditors. “We need to be able to access credit card...

Blog

Time to Renovate Your IBM i Security?

Fri, 02/24/2017

World-renouned security expert provides suggestions for ways you can "spruce up" your security configuration.

Blog

What Is a Profile Swap and How Can It Help Secure IBM i?

By Robin Tatam on Thu, 02/09/2017

In this short video, IBM i security expert Robin Tatam explains what a profile swap is and how it helps secure your system.

Blog

What's the Difference Between a Profile Swap and Adopted Authority?

Mon, 01/16/2017

Many organizations have the requirement to reduce the number of profiles to which special authorities—especially *ALLOBJ specially authority —have been assigned. In many cases, the excess capabilities can simply be removed because they aren't required for the person to perform their job functions. *SAVSYS special authority is a good example. Unless the person is performing system saves—i.e., is in...

Blog

4 High Availability Fibs the Skeptics Want to Believe

By Tom Huntington on Tue, 12/20/2016

High availability solutions are seen as expensive, time consuming, and tricky. So, even though HA tops IT wish lists, many companies pump the brakes and make excuses to delay implementation. We’re here to clear the air for HA.

Blog

What Should I Look for in a High Availability Solution?

By Matt Bresnan on Tue, 12/06/2016

High availability is a buyer’s world. With so many different solutions on the market, you shouldn’t be shy about shopping around until you find the right fit. Follow these tips for selecting your HA solution.

Blog

Three Reasons You Need an Updated Security Policy

Sun, 08/21/2016

If you still think creating and maintaining a security policy isn’t necessary, you could be setting up your organization for an unpleasant surprise. Check out the top three reasons businesses need an up-to-date security policy.

Blog

IT Security Compliance 101

By Robin Tatam on Sun, 08/21/2016

In this compliance 101 primer, we'll look at three high-profile breaches from the past year, each of which shows what can go wrong when data oversight isn't up to snuff. Along the way, we'll discuss some basic fixes that can help shore up network defenses.

BYOD: Problems, Practices, and Solutions

PCI Compliance is Only the Beginning of Security

How “Smash and Grab” Compromises IBM i

PCI Compliance Takeaways from the Target Data Breach

What is the Value of SIEM?

Finding the Balance: Personal Privacy vs. Corporate Protection

What to Know about the New NIST Cybersecurity Framework

3 Key Skills of a Successful Security Administrator

Your Biggest Challenge to IBM i User Onboarding

Your Biggest Threat Since Edward Snowden

How DR Compliance Requirements Impact HA Decisions

Hershey Entertainment Quickly Encrypts Credit Card Data with Powertech Encryption for IBM i

Field-level Encryption Helps Retail Chain Achieve PCI Compliance

Time to Renovate Your IBM i Security?

What Is a Profile Swap and How Can It Help Secure IBM i?

What's the Difference Between a Profile Swap and Adopted Authority?

4 High Availability Fibs the Skeptics Want to Believe

What Should I Look for in a High Availability Solution?

Three Reasons You Need an Updated Security Policy

IT Security Compliance 101

Contact Information

Privacy Policy

Cookie Policy

Impressum