Security is no longer something you can put off until tomorrow.

Carol Woodbury, president and co-founder of SkyView Partners, Inc., takes her years of experience and knowledge as the IBM i security expert and explains the processes that should be established and checks that should be made by every IBM i security administrator.

Carol has earned the title of IBM i security expert by working in the area of security since 1990, including 10 years working for IBM's Enterprise Server Group as the AS/400 Security Architect and Chief Engineering Manager of Security Technology in Rochester, Minnesota. Carol is an award-winning speaker and writer in the area of security. Carol's fourth book, IBM i Security Administration and Compliance, is a top-selling reference for many IBM i organizations as they determine how best to administer and implement security on their servers. Carol is Certified in Risk and Information Systems Control (CRISC.)

Systems administration is something that no system can do without. Processes and procedures for administering the system—from system saves and nightly backups, to performance tuning, to responding to alerts and messages, to upgrades—are well-defined and important aspects of system administration. Unfortunately, this well-defined set of tasks doesn't exist for security administration. Security administration is one of those bullet items on your system administration to-do list. And security usually floats to that part of the list that gets pushed out to the next day's list unless an auditor is about to arrive or an incident occurs.

As we talked with people about this book project, it became obvious that one of the biggest reasons security administration is delayed is because it's not clear what needs to be accomplished, nor is it obvious where to start. Our goal with this handbook is to define the tasks for the role of security administrator and—as with systems administration—show that with automation and good discipline, these tasks can be handled on a daily basis and blend easily into the routine tasks of system administration. Sure, system administrators might know some basics, but in reality it's the details that count. The old adage that the "devil is in the details" applies here. Through the practical experience of helping hundreds of SkyView clients implement and automate security administration, Carol has built the list of tasks that security administrators should perform. This new book from Carol Woodbury is intended as a reference for that overworked systems administrator, offering advice on a number of topics. This book succinctly explains the "what and how" of security administration.

When you start a project, it's helpful if the people on the "front lines" of IBM i security get a chance to offer input. To make sure that we address real-world experience and offer sound advice in this book, we asked a couple of people to read the book and give us their impressions. Herb Hill, Senior Manager of Information Security Services at a major Canadian financial institution said, "This guide is full of practical and logical advice that is current and relevant for the IBM i. It is a valuable reference component for logical access security deployment." Brian Hole, a CISSP with Les Schwab Tire, said, "This guide armed me with the information I needed to be assertive with vendors and keep our systems more secure. It provided sound security theory and IBM i 'practical application' all wrapped up in one place."

With the headlines talking about ATM heists and information leaks, and with things like PCI 3.0 on the horizon, security is no longer something you can put off until tomorrow. It's something you need to pay attention to daily. Specifically written for the security administrator, this book will help set the bar for how security should be configured and will become a "go to" reference for those who need to maintain security in the IBM i community.

SkyView Partners is dedicated to providing software to help you solve your security compliance and policy issues. SkyView Partners was founded by John Vanderwall and Carol Woodbury. Prior to forming the partnership with Woodbury to focus on developing a security practice, Vanderwall most recently spent several years as a founder of the software division of an AS/400 security firm and served as vice president of sales and marketing. Woodbury worked for 16 years with IBM in Rochester, Minn., and served for more than 10 years as the AS/400 Security Architect and Chief Engineering Manager of Security Technology for IBM's Enterprise Server Group. During this time, Woodbury provided security architecture and design consultations with IBM Business Partners and large AS/400 customers. She is known worldwide as an author and speaker on security technology, specializing in i5/OS and IBM i security issues. Woodbury has published her third book, IBM i and i5/OS Security & Compliance: A Practical Guide from 29th Street Press, has written numerous articles on security, and is a contributing author on security for MCPress Online and other IBM midrange publishers.

Find out whether your system's security configuration is in compliance with your security policies with SkyView Policy Minder. Find out your system's vulnerabilities lie, receive an explanation of the issues and suggestions on where to start with SkyView Risk Assessor. Generate the audit reports you need for security and compliance without having to understand the complexities of the IBM i audit journal with SkyView Audit Journal Reporter . Let SkyView Partners' Support Team install and configure SkyView products and schedule your automated security compliance reports through the SkyView IBM i Security Compliance Solution.