European law dictates that companies, financial corporations and government agencies are required to secure their sensitive personal data. Although every sector has their own security regulations they all work in similar way: software and hardware must comply to strict and detailed rules and procedures. The organisations have to prove their continuous efforts to comply to these regulations, failures to comply are heavily fined. Every organisation is responsible for their own security, meaning that risk assessments are essential. In this article Infosecurity Magazine asked SRC Secure Solutions about their field experiences with independent risk assessments.

The answer to “how much security is enough?” all depends on the data that the organization possesses. And then what must be considered is: does the data fall under any regulatory requirement and how valuable is the data to the organization? Let’s consider these points.

• Discussing ways to improve performance on IBM System z: SystemZ Performance Guide
• SecureZIP and IBM ICSF Whitepaper: SZ and IBM ICSF Whitepaper
• Spotlighton Security Data Privacy in the DataCenter White Paper: Spotlight

Is your IBM i secure and why should you care?

• Are you under pressure from the regulators of SOX, JSOX, PCI, WBP etc?
• Do you plan to open your IBM i Web applications to your customers?

Following the success of our second seminar on security and compliance for the IBM i we have published the presentation sheets in PDF form. You can download these PDF's using the links on the right.

How secure is your data on IBM i?
How and why should you secure your IBM i
How does IBM i become compliant in 15 minutes?
How do you meet the demands of the auditors?

• PKWARE Smart Encryption Platform, With your data security strategy, find ways to: Avoid Complexity, Reduce Cost, Nullify Threats
• Complexities and cost traditionally associated with implementing strong encryption on the mainframe. Mainframe Cryptography: Discovering a Better Way
• How risks to the confidentiality of data on the mainframe has changed. Spotlight on Mainframe Security:Privacy in the Data Center
• Spotlight on Mainframe Security: Data Protection at the Heart of the Enterprise
• Overview of recent technology standards that are affecting systems and software used by the Federal Government. Secure Government Computing
• SecureZIP technology, its foundation within PKZIP, and the evolution of the ZIP family of products. End to End Enterprise Encryption
• SecureZIP and IBM z/Series Integrated Cryptographic Services Facility the white paper "SZ and IBM ICSF."
• Forrester report Secure the Data and not just the Underlying Infrastructure the white paper "Secure The Data."
• Overcoming the obstacles: Creating cooperative partnerships in securing the exchange of data the security policy white paper "Overcoming the Obstacles."
• Desktop Security Guide Whitepaper: Desktop Security Guide

If you want more information please contact us

• Confused by the Data Security Standards from the Payment Card Industry? Understand how SkyView Partners' products can help by reading the white paper "How SkyView Products Assist with PCI Compliance."  
• cisp PC _Data Security Standard © 2004 Visa U.S.A. Inc. cisp_PCI_Data_Security_Standard

If you want more information please contact us

• IFS in review by Carol Woodbury of SkyView Partners IFS in Review
• Confused by the Data Security Standards from the Payment Card Industry? Understand how SkyView Partners' products can help by reading the white paper "How SkyView Products Assist with PCI Compliance."
• Understand the pitfalls of using Exit Programs to attain compliance rather than using i5/OS Object Level Security in the white paper "Object Level Security vs. Exit Point Security."
• Update your policy with the concepts found in the security policy white paper "Data Classification and Ownership."
• Changes due to security compliance requirements can be difficult on staff. Learn how to reduce the stress with the suggestions found in the compliance white paper "You Don't Trust Me!"
• Compliance with many regulations requires control over programmer access. Find out how to accomplish this with the compliance white paper "What Programmers Really Need."  
• Get advice on whether a virus scanning policy for System i or iSeries is required in the policy white paper "Virus Got You Down?"   
• IBM i User management at ABN AMRO a case study (Dutch) Case Study iMenu400 at ABN AMRO (Dutch)

If you want more information please contact us

• Download the SC Magazine Buyers Guide for 2018, featuring Skybox and TrapX
• Going up - Security in the Cloud by Joe Sturonas, CTO of PKWARE - click here 'Going Up'
• Announcing SRC Secure Solutions (Dutch) System i Magazine March 2008 System i Magazine 200803 SRC Secure Solutions 
• Carol Woodbury's "10 Threats to IT Security" in Dutch System i Magazine March 2008 System i Magazine 200803 10 Threats NL  
• PC Magazine  - SecureZIP for Windows DT April 2007  PC_Mag_Reprint  
• BIOS Magazine - SecureZIP for zSeries & iSeries April 2005 BIOS Magazine - SecureZIP for zSeries & iSeries  
• Computerwire - SecureZIP for iSeries & zSeries April 2005 Computerwire - SecureZIP for iSeries & zSeries.pdf  
• Information Security Bulletin - SecureZIP for iSeries & z Series April 2005 Information Security Bulletin - SecureZIP for iSeries & z Series   

If you want more information please contact us

• AMv Besluit (Dutch)  AMvB Besluit
• Beleidsregel aanwijzing certificerende instelling (Dutch) Beleidsregel aanwijzing certificerende instelling
• Memorie van Toelichting (Dutch) Memorie van Toelichting
• Preliminary Study on Mutual Recognition of esignatures for govt apps National Profile NetherlandsPreliminary Study on Mutual Recognition of esignatures for govt apps
• Wet Elektronische Handtekeningen  (Dutch) Wet Elektronische Handtekeningen

If you want more information please contact us

• ICT Data Security Best Practices "the white paper "IT Data Security Best Practices."
• What is COBIT Security?the white paper "What is COBIT?."  
• Sarbanes-Oxley Act: How relevant is it to Security? the white paper "SOX: Security Relevant or not?"

If you want more information please contact us