How safe is information on IBM i?

By Stephen R. Cheney

Increasing challenge of data breaches

Almost every day we read of a successful hacking attempt exposing private information to criminals and the like. In late April Sony’s Playstation online community was disabled by hackers affecting more than 70 million users. At first it was thought that the hackers had only effected a DoS (Denial of Service) to the playstation users but later Sony revealed that the database containing the user-id’s, email addresses, passwords and even credit-card details has been hacked. The damage to Sony was estimated at $1.4 billion – in future claims, lost clients and of course huge damage to their brand’s reputation. It is not known to me what platform the community database is held on.

Read more: Newsletter July 2011- Article 1

rsa_securedRaz-Lee's iSecurity suite of products is a comprehensive, user-friendly auditing, compliance and security solution for IBM i (AS/400) environments. iSecurity products address insider threats, external security risks, and the need to monitor business-critical application. Read more go to the EMC Solution Gallery.

SecureZip from SRC Secure Solutions as solution for FIPS 140-2 Compliance 

The Dutch Ministry of the Interior and Kingdom Relations secure sensitive data on Linux systems with SecureZIPsecure_box

28 June, 2010. Following a successful test, a division of the Dutch Ministry of the Interior has chosen SecureZIP Enterprise Edition for Server as the solution to secure sensitive private data to be exchanged with authorized organizations. The choice for SecureZIP was made to due its FIPS 140-2 compliance, the availability of SecureZIP on all major computing platforms (including Windows and Linux) and the price performance ratio.  SecureZIP Server has been installed in the Linux production environment.

Read more: Newsletter - JULY 2010 - Article 2

Carol WoodburyCarol Woodbury's article: Work Smarter, Not Harder!

I'm guessing it's due in part to how I was raised as well as my independent nature, but I tend to think that I can do everything myself and don't need to ask for help. Therefore, I probably took longer than most to realize that doing everything myself is not always a wise decision.  Sometimes I do need help and should ask for it. Also, there are times when it just makes much more sense to hire someone to do something rather than do it myself.

How does this confession relate to you? What are you not able to do because you are required to generate a compliance report? Or, what security administration task isn't being accomplished because you just can't get to it?

Read more: Newsletter - JULY 2010 - Article 1