fhs
Volume 9, Number 1 -- January 6, 2009

Safestone Gives i Security Officers Greater Control

Published: January 6, 2009

by Alex Woodie

Despite declining IT budgets, companies should think twice before slashing security spending. Cyber criminals are becoming more proficient by the week, while the poor economy elevates the temptation for insiders to cheat. To that end, i OS security experts Safestone last month rolled out several updates to its DetectIT suite of security software that should give security officers greater control and deeper insight into System i activities.

DetectIT is a suite of integrated security tools for the IBM i operating system (IBM i OS). About 500 organizations around the world currently use DetectIT, including well-known firms such as the Royal Bank of Scotland, Secure Trust Bank, and Kleinwort Benson. The software is developed at Safestone's headquarters in England, and the majority of customers reside in Europe and North America.

Seven modules make up the suite, and they include the Security Audit and Detection module, the Risk and Compliance Monitor, the Network Traffic Controller, the User Profile Manager, Password Self Help, and the Multiple Systems Administrator console. Last March Safestone introduced the Smart Security Console, a graphical interface intended to simplify some aspects of security management and regulatory reporting.

On December 15, Safestone unveiled enhancements to three modules, including Security Audit and Detection, User Profile Manager, and Risk and Compliance Manager components.

The Security Audit and Detection module will now track requests by users, in addition to modifications and deletions made by users. This will enable security professionals to keep better tabs on who is accessing sensitive data, even if users are not changing the data. After all, plenty of damage can be done simply by reading data off a screen. Using this feature to monitor who is accessing sensitive records can help a security officer gain a better understanding of user behavior.

This DetectIT module will also gain the capability to monitor and report on the activities of users with powerful user profiles, such as users who have been granted *ALLOBJ authority, which gives users practically unfettered access to change or delete any data on the System i server. Monitoring of users with powerful user profiles can be turned on and off with just a few simple commands, giving security officials a measure of control over the potentially hazardous use of authorities.

Safestone will be rolling out support for monitoring of other special authorities in early 2009, the company said in its December 15 newsletter. While ALLOBJ is the most well-known special authority, there are others that could cause security headaches, including SECADM (security administrator), IOSYSCFG (network services), AUDIT (audit rights), SPLCTL (spool file authority), SERVICE (hardware administrator), JOBCTL (system operator), and SAVESYS (backup operator).

Safestone has also enhanced the existing integration between RSA Security's two-factor authentication solution, SecureID, and the User Profile Manager component of DetectIT. With this release, the SecureID authentication process can be started at any time, instead of only upon first sign-on, which is how the product was previously used. SecureID processes can be summoned at any time, either from an i OS command line or programmatically.

It's worth noting that Safestone claims DetectIT is the only i OS security solution that integrates directly with the SecureID from RSA, which is a subsidiary of EMC. SecureID typically combines a password or PIN with a hardware-based authenticator (such as a key card or a key fob that automatically changes security codes every 60 seconds), and is a popular choice among PC and network administrators. Thanks to the integration work by Safestone, the SecureID system can be used by System i shops, too.

DetectIT's Risk and Compliance Monitor module has also been enhanced with better file system compliance checks. With this release, the software will perform deeper checks across the entire IFS. Now, all directories and folders are checked, as opposed to just the QDLS (the folders files system), which was the only part of the IFS that was checked previously.

For more information, visit the company's Web site at www.safestone.com.


RELATED STORIES

Safestone Re-emerges with New Corporate Identity, i OS Security Tools

Safestone Emerges with New Security Products

SafeStone Delivers New Adapter for Password and Provisioning Suite

SafeStone Announces New Resource Provisioning Software

SafeStone Signs OEM Agreements with Two British Consultancies

SafeStone Entering Cross-Platform Security Arena


                     Post this story to del.icio.us
               Post this story to Digg
    Post this story to Slashdot

Sponsored By
PRODATA COMPUTER SERVICES

Don't Break the Bank,
We Can Keep You Rolling!

Select any of our productivity tools and ask to finance thru our Lease-to-Own Plan.

Lease-to-Own RDB Connect or DBU, database and connectivity utilities
over a three year period for only a few dollars a day.
No risks, no hassles, no problems.

Download your FREE 30 day trial today!

800.228.6318
sales@prodatacomputer.com
www.prodatacomputer.com
Editor: Alex Woodie
Contributing Editors: Dan Burger, Joe Hertvik,
Shannon O'Donnell, Timothy Prickett Morgan
Publisher and Advertising Director: Jenny Thomas
Advertising Sales Representative: Kim Reed
Contact the Editors: To contact anyone on the IT Jungle Team
Go to our contacts page and send us a message.

Sponsored Links

New Generation Software:  Run IBM Query/400 from your Windows desktop!
Bug Busters Software Engineering:  High availability software that won't break the bank
COMMON:  Join us at the 2009 annual meeting and expo, April 26-30, Reno, Nevada
 

IT Jungle Store Top Book Picks

Easy Steps to Internet Programming for AS/400, iSeries, and System i: List Price, $49.95
Getting Started with PHP for i5/OS: List Price, $59.95
The System i RPG & RPG IV Tutorial and Lab Exercises: List Price, $59.95
The System i Pocket RPG & RPG IV Guide: List Price, $69.95
The iSeries Pocket Database Guide: List Price, $59.00
The iSeries Pocket Developers' Guide: List Price, $59.00
The iSeries Pocket SQL Guide: List Price, $59.00
The iSeries Pocket Query Guide: List Price, $49.00
The iSeries Pocket WebFacing Primer: List Price, $39.00
Migrating to WebSphere Express for iSeries: List Price, $49.00
iSeries Express Web Implementer's Guide: List Price, $59.00
Getting Started with WebSphere Development Studio for iSeries: List Price, $79.95
Getting Started With WebSphere Development Studio Client for iSeries: List Price, $89.00
Getting Started with WebSphere Express for iSeries: List Price, $49.00
WebFacing Application Design and Development Guide: List Price, $55.00
Can the AS/400 Survive IBM?: List Price, $49.00
The All-Everything Machine: List Price, $29.95
Chip Wars: List Price, $29.95
 
The Four Hundred
Now What?

IT Doing Better Than Other Careers in 2009

Strengthening Dollar Whacks Oracle's Second Fiscal Quarter

As I See It: The Rhythm of Things Unseen

Uncle Sam to Stop Buying Used IT Gear?

Four Hundred Guru
Two A-maze-ing Programs

End-of-Year Odds and Ends

Admin Alert: Upcoming i5/OS and AnyNet End of Service Dates

Four Hundred Monitor
Four Hundred Monitor's
Full iSeries Events Calendar

System i PTF Guide
December 27, 2008: Volume 10, Number 52

December 20, 2008: Volume 10, Number 51

December 13, 2008: Volume 10, Number 50

December 6, 2008: Volume 10, Number 49

November 29, 2008: Volume 10, Number 48

November 22, 2008: Volume 10, Number 47

TPM at The Register
Server racket to slow in 2009?

Big Blue urged to open Notes and Domino

Data center budgets to stay course in 2009?

New Unisys CEO tightens the belt

Sun boosts OpenSolaris on Atom

VMware piles up next virtual stack for servers

Supermicro does micro server for SOHOs

Red Hat shakes off economic meltdown

UBS says IT spending in Europe, US to drop 2 per cent in 2009

Visionman launches Nehalem Core i7 servers

American IT staffing will not tank in Q1

Rackable servers goin' mobile

Red Hat extends RHEL release support

Sun revs VirtualBox desktop virtualization

THIS ISSUE SPONSORED BY:

ProData Computer Services
Bytware
Maximum Availability
VAULT400
Twin Data


Printer Friendly Version


TABLE OF CONTENTS
Safestone Gives i Security Officers Greater Control

SPSS to Update ShowCase OLAP Server Technology

Rand McNally Keeps Truckers On the Go and In the Know

The Who's and What's of ESBs and eSBs

Mohawk Slashes Report Delivery Times, Thanks to Centerfield

News Briefs and Product Shorts:
T.L. Ashford Eases Setup with Barcode400 . . . Shore Bancshares Licenses i-Based Core System from Jack Henry . . . LogRhythm Debuts New 'Intelligent' IT Search . . . Siemens Taps CCSS to Monitor Outsourced i OS Environment . . . Infor Begins North American VAR Recruitment Drive . . .

Four Hundred Stuff

BACK ISSUES




 
Subscription Information:
You can unsubscribe, change your email address, or sign up for any of IT Jungle's free e-newsletters through our Web site at http://www.itjungle.com/sub/subscribe.html.

Copyright © 1996-2009 Guild Companies, Inc. All Rights Reserved.
Guild Companies, Inc., 50 Park Terrace East, Suite 8F, New York, NY 10034

Privacy Statement