IBM Kills Secure Perspectives Tool

July 21, 2009 Alex Woodie

IBM last week announced the withdrawal from marketing and discontinuance of support for Secure Perspectives, an i OS security tool introduced two years ago with the goal of allowing nontechnical people to define and implement an object-level security policy using nontechnical words and phrases. However, the product will continue to be available as a custom offering, as will updates that allow it to work with future releases of IBM i OS.

Unveiled in April 2007 and shipped a month later, IBM introduced Secure Perspectives as a way to get more i5/OS shops to implement object-level security on their System i servers.

Object-level security is one of the most powerful elements of security on this platform, as it explicitly controls which objects a user has access to and which objects they don’t. Even without other security precautions in place, such as exit point monitoring, if an organization has object-level security implemented, the chances of a major security breach are greatly minimized. (You can chalk up this feature to the AS/400’s amazing object-oriented architecture, which has been keeping AS/400 shops malware-free and [mostly] virus-free for decades, while Windows and Unix architecture, which lack this object-oriented nature, suffer the consequences of their file system attributes.)

While object-level security is powerful, it can also be quite complex. Implementing object-level security can be a real challenge, and requires a good deal of technical expertise. IBM hoped to change that with Secure Perspectives, which sought to convert i5/OS-specific technical jargon into “natural language” terms. But judging from last week’s withdrawal from marketing and support, uptake of the product was not as high as IBM had initially hoped.

Those who adopted Secure Perspectives are not left totally in the lurch. IBM will be phasing out the product over the course of the next couple of years. Effective October 19, customers will no longer be able to buy the Secure Perspectives version 1.2 tool, or a 12-month support package. Over the next two years, various support programs will be wound down. The final date listed is September 30, 2011, when the per-day licensing option for Secure Perspectives is withdrawn.

In its announcement, IBM says the product “will continue to be available as a custom offering delivered by the IBM Systems Lab Services and Training Power Services team.” It goes on to say that “support and enhancements for this tool on future releases of IBM i will be offered as part of this Security Services offering.”

In other words, if you pony up for IBM’s “custom offering,” you can continue to receive updates enabling you to use Secure Perspectives with i 6.2 and future releases. This will undoubtedly be more expensive than the $900 per-processor annual maintenance fee that IBM was initially charging (on top of the $1,500 per processor license fee). But if the product proved useful in these customer settings, it could be worth it to buy IBM’s custom offering.

Customers may also be able to license Secure Perspectives from third-party resellers. For more information, see United States Withdrawal Announcement 900-155 at IBM’s Web site.

IBM Addresses Object-Level Security with New Tool

                     Post this story to del.icio.us
               Post this story to Digg
    Post this story to Slashdot

Tags:

CYBER-ATTACKS ON THE RISE. PROTECT WITH THE TRIPLE PLAY.

COVID-19 has not only caused a global pandemic, but has sparked a “cyber pandemic” as well.

“Cybersecurity experts predict that in 2021, there will be a cyber-attack incident every 11 seconds. This is nearly twice what it was in 2019 (every 19 seconds), and four times the rate five years ago (every 40 seconds in 2016). It is expected that cybercrime will cost the global economy $6.1 trillion annually, making it the third-largest economy in the world, right behind those of the United States and China.”1

Protecting an organization’s data is not a single-faceted approach, and companies need to do everything they can to both proactively prevent an attempted attack and reactively respond to a successful attack.

UCG Technologies’ VAULT400 subscription defends IBM i and Intel systems against cyber-attacks through comprehensive protection with the Triple Play Protection – Cloud Backup, DRaaS, & Enterprise Cybersecurity Training.

Cyber-attacks become more sophisticated every day. The dramatic rise of the remote workforce has accelerated this trend as cyber criminals aggressively target company employees with online social engineering attacks. It is crucial that employees have proper training on what NOT to click on. Cyber threats and social engineering are constantly evolving and UCG’s Enterprise Cybersecurity Training (powered by KnowBe4) is designed to educate employees on the current cutting-edge cyber-attacks and how to reduce and eliminate them.

A company is only as strong as its weakest link and prevention is just part of the story. Organizations need to have a quick response and actionable plan to implement should their data become compromised. This is the role of cloud backup and disaster-recovery-as-a-service (DRaaS).

Data is a company’s most valuable asset. UCG’s VAULT400 Cloud Backup provides 256-bit encrypted backups to two (2) remote locations for safe retrieval should a cyber-attack occur. This is a necessary component of any protection strategy. Whether a single click on a malicious link brings down the Windows environment or an infected SQL server feeds the IBM i, once the data is compromised, there is no going back unless you have your data readily available.

Recovery is not a trivial task, especially when you factor in the time sensitive nature of restoring from an active attack. This leads to the third play of the Triple Play Protection – DRaaS. Companies have myriad concerns once an attack is realized and a managed service disaster recovery allows employees to keep focus on running the business in a crisis state.

The combination of training employees with secure backup and disaster recovery offers companies the best chance at avoiding financial disruption in an age of stronger, more frequent cyber-attacks.

Reach out to UCG Technologies to discuss your company’s security needs and develop a data protection plan that fits you best.

ucgtechnologies.com/triple-play

800.211.8798 | info@ucgtechnologies.com