22
Sat, Feb
1 New Articles
  1. You are here:  
  2. Home
  3. Security
  4. IBM i (OS/400, i5/OS)
  5. The State of IBM i Security 2012

The State of IBM i Security 2012

IBM i (OS/400, i5/OS)
Typography
  • Smaller Small Medium Big Bigger
  • Default Helvetica Segoe Georgia Times

How secure is your system?


Editor’s Note: This article is an excerpt from the white paper “The State of IBM i Security 2012.”

 

Are my Power Systems servers running IBM i (aka System i, iSeries, AS/400) compliant with government and industry security regulations?

 

Is my data secure behind the walls of my Power Systems server? Are we able to detect fraud, data theft, and other deceptive behavior?

 

How do I secure my system in the most efficient and economical way?

 

If you’re a senior executive or IT manager with responsibility for Power Systems running IBM i, then you’re already familiar with these security-related questions. In response to these issues, PowerTech surveyed over 120 Power Systems servers (many from Fortune 100 companies) in 2011. The results, and the universal nature of IBM i vulnerabilities, led us to conclude that if you have IBM i systems in your data center, then your organization probably suffers from internal control deficiencies.

IBM i security projects often take a back seat to Windows- and UNIX-platform security, either because it is assumed that an IBM i server is already secure or because the security professionals or auditors are unsure how to assess this system.

Our goal in releasing this annual study is to help executives, IT managers, system administrators, auditors, and compliance officers understand the important security exposures of IBM i servers and to provide answers to the questions that keep you up at night.

 

Introduction: The IBM i Market

IBM introduced the AS/400 in 1988 as its computing system for small- and medium-sized companies. Today, the Power Systems product line ranges from small servers with a single processor to the high-end mainframe-class POWER7 Model 795, which can have up to 256 processors. The IBM i community includes a large and loyal base throughout the world—with more than 380,000 systems estimated in production use.

The PowerTech data was collected from a cross-section of systems of varying sizes. Companies in industries such as retail, financial, manufacturing, and distribution typically purchased their Power Systems server as part of an integrated business system. Today more than 16,000 banks run their core banking and financial applications on an IBM i server. Many retailers use applications that store credit card data on the system. Some of the more well-known software vendors that provide applications are Oracle (JD Edwards ERP); Lawson/Intentia (financials); FISERVE; SAP; IBM Domino; IBM WebSphere; Jack Henry (core banking); INFOR (BPICS, MAPICS, Infinium, Infor ERP XA applications, PRISM); and Manhattan Associates (supply chain). Given the mission-critical data that is stored on these systems, maintaining a secure configuration should be a top priority.

Over the years, IBM i installations have seen considerable changes in staff. Often, these servers have been running mission-critical business applications for 20 years or more, and the staff that set up server security is no longer there. Consequently, the administration of security controls has lapsed and the guards are down. You’ll see that in our results. What you need to consider is, “Are our guards down, too?”


0 0
PowerTech is your security expert in managing evolving compliance and data privacy threats with automated security solutions for IBM Midrange Servers. Our ServerProven security solutions are straightforward and save your valuable IT resources, giving you ongoing protection and peace of mind.
 
Because IBM Power System (iSeries and AS/400) servers are used to host particularly sensitive corporate data, it is imperative that you practice proactive compliance security. As an IBM Advanced Business Partner with over 1,000 customers worldwide, PowerTech understands corporate vulnerability and the risks associated with data privacy and access control.
 
Eden Prairie, Minnesota-based PowerTech Group was founded by security experts in 1996. In 2004, PowerTech was awarded the prestigious Industry Driver APEX Award from iSeries NEWS. That same year, PowerTech also won the APEX award as the Editor’s Choice in the Security category. PowerTech is also the only iSeries security company to have been recognized as a finalist in the IBM Beacon awards.
 

The PowerTech security solutions provide definitive security coverage for iSeries and AS/400 systems.
BLOG COMMENTS POWERED BY DISQUS

LATEST COMMENTS

Support MC Press Online

$

Book Reviews

Resource Center

  •  

  • LANSA Business users want new applications now. Market and regulatory pressures require faster application updates and delivery into production. Your IBM i developers may be approaching retirement, and you see no sure way to fill their positions with experienced developers. In addition, you may be caught between maintaining your existing applications and the uncertainty of moving to something new.

  • The MC Resource Centers bring you the widest selection of white papers, trial software, and on-demand webcasts for you to choose from. >> Review the list of White Papers, Trial Software or On-Demand Webcast at the MC Press Resource Center. >> Add the items to yru Cart and complet he checkout process and submit

  • SB Profound WC 5536Join us for this hour-long webcast that will explore:

  • Fortra IT managers hoping to find new IBM i talent are discovering that the pool of experienced RPG programmers and operators or administrators with intimate knowledge of the operating system and the applications that run on it is small. This begs the question: How will you manage the platform that supports such a big part of your business? This guide offers strategies and software suggestions to help you plan IT staffing and resources and smooth the transition after your AS/400 talent retires. Read on to learn: