Resources

Article

Audit Tested & Audit Approved Instant Authority!

By Robin Tatam on Fri, 03/24/2017

Introduced by IBM to support TCP/IP services, a profile swap allows a job to change midstream and run under a different profile than the one that started it.

Article

How To Maintain Your Data Integrity

By Robin Tatam on Tue, 03/21/2017

File Integrity Monitoring (FIM) helps ensure that your critical and sensitive data is viewed and changed only by authorized personnel through approved channels. Candidates for FIM include application files containing sensitive data, such as personnel or financial data, and server configuration files.

Blog

The DDoS Deception You Need to Know About

By Robin Tatam on Wed, 03/08/2017

A denial-of-service attack is any attempt to interrupt or inflict downtime upon IT systems, but a basic DoS threat is smaller in scale than its DDoS counterpart. With the former, the influx of traffic may come from a single source, while in a DDoS attack, traffic comes from numerous sources – making it more difficult to deal with.

Blog

How “Smash and Grab” Compromises IBM i

By Robin Tatam on Wed, 03/08/2017

During an audit a few years ago, I revealed to the client’s security team that corporate payroll information on every employee, including the CEO, was being archived in an output queue (called PAYROLL) for weeks at a time. Due to poor configuration, this information was accessible to every employee.

Blog

What is the Value of SIEM?

By Robin Tatam on Wed, 03/08/2017

As is often the case in the technology industry, the details surrounding security information and event management can be a little unclear. While vendors may offer solutions of varying complexity, there is still a basic idea behind most SIEM products…

Article

The Modern Alternative to Authority Adoption

By Robin Tatam on Wed, 03/08/2017

There are several considerations with authority adoption. Each is important but can usually be accommodated. But what is the effect if the program owner has the same or less privileges than the user that called the program?

On-Demand Webinar

An Introduction to PCI Compliance on IBM Power Systems

By Robin Tatam

Complying with the PCI standard is a normal part of doing business in today’s credit-centric world. But, PCI applies to multiple platforms. The challenge becomes how to map the general PCI requirements to a specific platform, such as IBM i. And, more importantly, how can you maintain—and prove—compliance?

On-Demand Webinar

Audit and Control of Powerful Users on IBM i

By Robin Tatam

Discover the ways to control and audit the activity of powerful users, with a view to enhancing the integrity of your IBM i. With the proper controls in place, you can restrict even the most powerful users as required.

Guide

Download “Identity & Access Management for IBM i”

Insiders are responsible for 34 percent of data breaches—and insiders are also the most difficult threat to control control on IBM i. You can't lock them out completely because your IBM i users need at least some level of access to do their jobs. So, how do you ensure users have only the access they need without overburdening IT with manual processes that distract from other critical projects? We...

Blog

What Is a Profile Swap and How Can It Help Secure IBM i?

By Robin Tatam on Thu, 02/09/2017

In this short video, IBM i security expert Robin Tatam explains what a profile swap is and how it helps secure your system.

On-Demand Webinar

44 Percent of Your IBM i Users Can Do WHAT?!

By Robin Tatam

Your IBM i power users are one of your greatest assets. But on most systems, they're also one of your greatest security vulnerabilities. Find out how to regain control.

Article

Monitor, Capture, and Send Log Events With Powertech SIEM Agent for IBM i

By Robin Tatam on Sun, 08/21/2016

In recent years, regulatory initiatives like Sarbanes-Oxley, HIPAA, PCI, and GLBA have placed increased emphasis on the need to monitor and secure sensitive information. For example, The Payment Card Industry (PCI) Data Security Standard dictates one of the most stringent requirements of all—logs must be reviewed daily, and a minimum of three months of logs must be available for analysis.

Blog

IT Security Compliance 101

By Robin Tatam on Sun, 08/21/2016

In this compliance 101 primer, we'll look at three high-profile breaches from the past year, each of which shows what can go wrong when data oversight isn't up to snuff. Along the way, we'll discuss some basic fixes that can help shore up network defenses.

Guide

Effective Log Management

IBM’s customers are turning to Power VM virtualization to consolidate multiple workloads onto fewer systems increasing server utilization and reducing cost. However a virtualized server landscape on several different IBM platforms (IBM Power Systems™, IBM System x®, and IBM BladeCenter®) may reduce hardware complexity but this puts a strain on supporting the entire lifecycle of analysis...

Guide

13 Tips to Write Secure Applications and Boost IBM i Security

Barely a day passes without new headlines reporting another cyber attack, policy violation, or data breach. Secretly, we breathe a sigh of relief that it happened to someone else, but most of us know that we’ll all eventually feel the impact in some capacity.

Guide

Two Factor Authentication for IBM i

Organizations facing a more advanced threat landscape and a complex regulatory environment require a solution which addresses the need for securely controlling access to existing systems and applications. In addition, this solution should not increase the workload on support, application providers or the end user.

Guide

Download “How IT Professionals Can Navigate PCI DSS Compliance” Guide

The Payment Card Industry Data Security Standard (PCI DSS) applies to every organization that processes credit or debit card information. This includes merchants and third-party service providers that store, process, or transmit credit card data. The launch of PCI DSS helped expose serious security shortcomings, failures to follow security best practices, and a general lack of awareness of the...

Case Study

AAA Life Leverages Fortra Solutions for IT Efficiency

Part of the American Automobile Association (AAA) family, AAA Life Insurance Company offers a variety of competitive life insurance, annuity, and travel accident products. With over one million policies, many people rely on AAA Life to help provide protection for their loved ones. As Senior Systems Engineer at AAA Life, Randy Wittner is in charge of their IBM i environment, overseeing two S824...

Case Study

Powertech Protects Healthcare Company’s IBM i Systems to the Max

When a healthcare organization faced stringent regulations like HIPAA, PowerTech's security products closed the security gaps on IBM i and helped protect confidential data.

Case Study

Powertech Helps Community Bank Enforce Internal iSeries Compliance

First Security Bank is one of Montana’s largest, locally owned community banks. They provide business, real estate, consumer and agricultural loans, Internet banking, brokerage services, and a full range of deposit accounts. First Security has over 150 users on a System i 525 that...

Audit Tested & Audit Approved Instant Authority!

How To Maintain Your Data Integrity

The DDoS Deception You Need to Know About

How “Smash and Grab” Compromises IBM i

What is the Value of SIEM?

The Modern Alternative to Authority Adoption

An Introduction to PCI Compliance on IBM Power Systems

Audit and Control of Powerful Users on IBM i

Download “Identity & Access Management for IBM i”

What Is a Profile Swap and How Can It Help Secure IBM i?

44 Percent of Your IBM i Users Can Do WHAT?!

Monitor, Capture, and Send Log Events With Powertech SIEM Agent for IBM i

IT Security Compliance 101

Effective Log Management

13 Tips to Write Secure Applications and Boost IBM i Security

Two Factor Authentication for IBM i

Download “How IT Professionals Can Navigate PCI DSS Compliance” Guide

AAA Life Leverages Fortra Solutions for IT Efficiency

Powertech Protects Healthcare Company’s IBM i Systems to the Max

Powertech Helps Community Bank Enforce Internal iSeries Compliance

Contact Information

Privacy Policy

Cookie Policy

Impressum