Being a cybersecurity professional means you’re regularly in charge of making complex decisions with real-world consequences, like choosing the right cybersecurity benchmarks, controls, frameworks, or best practices for your organization. Should you apply the CIS Controls, the NIST Cybersecurity Framework, or something else? Without overarching industry consensus, it can be...
Typically, there are two main issues with monitoring a system manually: having to go out deliberately (and repeatedly) and check to see if something has happened; and the fact that you are most likely looking for the proverbial needle in a haystack of logged events.
While everyone likes to feel special, we need to be more selective when it comes to data access. As we discussed last month, many users have privileges far beyond their business requirements and simply need to have their access reduced to more reasonable levels.
Your organization has invested in a security information event manager, or SIEM, to receive and analyse security and event log information from a variety of servers. Now they want to also get this information from their IBM Power Systems server.
Powertech SIEM Agent takes raw security event data from IBM i and converts it into a meaningful format for security operations staff. Schedule a demo today.
Satisfy your auditor requirements with reports that provide a complete audit trail of privileged user activity with Powertech Authority Broker for IBM i. Schedule a demo today.
Introduced by IBM to support TCP/IP services, a profile swap allows a job to change midstream and run under a different profile than the one that started it.
File Integrity Monitoring (FIM) helps ensure that your critical and sensitive data is viewed and changed only by authorized personnel through approved channels. Candidates for FIM include application files containing sensitive data, such as personnel or financial data, and server configuration files.
There are several considerations with authority adoption. Each is important but can usually be accommodated. But what is the effect if the program owner has the same or less privileges than the user that called the program?
In recent years, regulatory initiatives like Sarbanes-Oxley, HIPAA, PCI, and GLBA have placed increased emphasis on the need to monitor and secure sensitive information. For example, The Payment Card Industry (PCI) Data Security Standard dictates one of the most stringent requirements of all—logs must be reviewed daily, and a minimum of three months of logs must be available for analysis.