Resources

Data Integrity Monitoring graphic
Article
Article

How To Maintain Your Data Integrity

By Robin Tatam on Tue, 03/21/2017
File Integrity Monitoring (FIM) helps ensure that your critical and sensitive data is viewed and changed only by authorized personnel through approved channels. Candidates for FIM include application files containing sensitive data, such as personnel or financial data, and server configuration files.
Infrastructure and Data Protection
Banks depend on AS/400 for security
Blog
Blog

IBM i: The Backbone of the Banking Industry

Tue, 03/21/2017
Highly regulated organizations such as those in the banking industry have a strong history with IBM i, and for good reason—the platform offers an unprecedented level of security.
Infrastructure and Data Protection
On-Demand Webinar
On-Demand Webinar

10 Tips for AIX Security

By Robin Tatam
Attackers often target servers used for mission-critical data, and servers running AIX are no exception. In this on-demand webinar, cybersecurity expert Robin Tatam explains how a well-defined security policy can help protect your systems, focusing on the 10 most important issues to consider for setting a strong AIX security policy.
Infrastructure and Data Protection
Blog
Blog

The DDoS Deception You Need to Know About

By Robin Tatam on Wed, 03/08/2017
A denial-of-service attack is any attempt to interrupt or inflict downtime upon IT systems, but a basic DoS threat is smaller in scale than its DDoS counterpart. With the former, the influx of traffic may come from a single source, while in a DDoS attack, traffic comes from numerous sources – making it more difficult to deal with.
IBM i Cybersecurity
Blog
Blog

PCI Compliance is Only the Beginning of Security

By Robin Tatam on Wed, 03/08/2017
The recent string of breaches at prominent retailers such as Target and Neiman Marcus demonstrated that too many organizations still falsely equate PCI compliance with comprehensive security. Fully compliant organizations are being hit with attacks that compromise payment card data on a regular basis.
Compliance
IBM i Cybersecurity
Blog
Blog

How “Smash and Grab” Compromises IBM i

By Robin Tatam on Wed, 03/08/2017
During an audit a few years ago, I revealed to the client’s security team that corporate payroll information on every employee, including the CEO, was being archived in an output queue (called PAYROLL) for weeks at a time. Due to poor configuration, this information was accessible to every employee.
IBM i Cybersecurity
Blog
Blog

PCI Compliance Takeaways from the Target Data Breach

By Robin Tatam on Wed, 03/08/2017
Smack in the middle of the holiday shopping season, Target was hit with a malware attack that infiltrated its point-of-sale systems and enabled the theft of credit card numbers and personally identifiable information from more than 70 million shoppers.
Compliance
Blog
Blog

What is the Value of SIEM?

By Robin Tatam on Wed, 03/08/2017
As is often the case in the technology industry, the details surrounding security information and event management can be a little unclear. While vendors may offer solutions of varying complexity, there is still a basic idea behind most SIEM products…
Vulnerability Management
Blog
Blog

What to Know about the New NIST Cybersecurity Framework

By Robin Tatam on Wed, 03/08/2017
Compiled with significant input from the private sector, the Cybersecurity Framework isn’t a prescriptive compliance document and instead gives companies significant leeway in how they use it to inform their security strategies. As a relatively new source of guidance, its implications for regulated industries aren’t clear yet.
Compliance
Article
Article

The Modern Alternative to Authority Adoption

By Robin Tatam on Wed, 03/08/2017
There are several considerations with authority adoption. Each is important but can usually be accommodated. But what is the effect if the program owner has the same or less privileges than the user that called the program?
IBM i Cybersecurity
Article
Article

Stay on Top of Security with Security Scan

By Robin Tatam on Wed, 03/08/2017
Security and compliance adherence has elevated in criticality over the past few years and has now taken its rightful place as a primary IT initiative, alongside virtualization and disaster preparedness. The necessity for better data protection has landed front-and-center in the public eye following some of the largest data breaches on record.
IBM i Cybersecurity