PowerTech to Overhaul Free IBM i Security Policy Template

September 7, 2010 Alex Woodie

Defining the steps one must complete to achieve one’s goals is the first step in many higher endeavors. When the endeavor is achieving a certain level of security on an IBM i server or any other kind of IT system, the goals are put down on paper in the form of a detailed security policy. For organizations that are looking to bolster their IBM i security practices but don’t know where to start, PowerTech provides a free, downloadable IBM i security policy template to get them going.

It is hard to believe, but many IBM i shops today don’t have security policies, which, unfortunately, is just one of many security failings at IBM i shops. These organizations are flying blind by the seat of their administrator’s pants, hoping they don’t have a security problem (presuming they could detect it in the first place). Without a security policy to go by, it’s very difficult for an organization to practice any kind of rigor in pursuit of higher security. In other words, a security policy is the foundation block of all security practices, and without it, no security structures can be built on top of it.

That’s not to say every company needs a Fort Knox-like security policy. Each organization’s security policy is a unique reflection of the risks they are willing to take. A small company with just a dozen users accessing an IBM i server with no ODBC, FTP, or HTTP links outside the firewall will require a much simpler security policy than a national retailer handling billions of dollars of electronic transactions, which must adhere to the strict PCI DSS requirements.

But any organization that values its data–and its relationship with customers who are represented by that data–should have, at the very least, a semblance of a security policy. For IBM i shops that don’t, PowerTech’s “OS/400 Security Policy” provides a good place to start.

The 13-page security policy is broken down into various sections, such as physical security, data access security, user profile security, etc. Many of the entries are no-brainers, such the computer must be located in a secure room. It seems simple to say, but without a lock on the office or computer room door, no security can be achieved.

PowerTech’s policy provides examples for how IBM i should be configured for security. Some of the recommendations are quite detailed, and some administrators may choose to have stricter or more lenient settings, depending on their particular needs. The document does not provide a complete security policy, but is a starting point for developing a custom security policy.

PowerTech will be updating the policy in the near future, and welcomes suggestions and submissions from the IBM i community, according to an August blog posting by PowerTech’s director of security technologies Robin Tatam.

“This popular document will continue to be a free resource to the IBM i security community, and we invite anyone to download, edit, and return the changes to us for possible (and credited) inclusion in a future edition,” Tatam writes.

You can obtain PowerTech’s OS/400 Security Policy as a free PDF download from its website at www.powertech.com.

                     Post this story to del.icio.us
               Post this story to Digg
    Post this story to Slashdot

Tags:

Revolutionary Performance Management Software

At Greymine, we recognize there is a void in the IT world for a dedicated performance management company and also for a performance management tool that’s modern, easy to use, and doesn’t cost an arm and a leg. That’s why we created PERFSCAN.

PERFSCAN is designed to make your job easier. With revolutionary technology, an easy-to-read report and graphics engine, and real time monitoring, tasks that used to take days can now take minutes. This means you will know your system better and will be able to provide better service to your customers.

OUR FEATURES

PERFSCAN is full of robust features that don’t require you to take a three-day class in order to use the product effectively.

Customizable Performance Reporting

Whether you are troubleshooting a major system problem or simply creating a monthly report, PERFSCAN lets you select any combination of desired performance metrics (CPU, Disk, and Memory).

User Defined Performance Guidelines

No matter if you are a managed service provider managing complex systems in the cloud or a customer analyzing your on-premises solution, PERFSCAN gives you the flexibility to define all mission critical guidelines how they need to be.

Understanding The Impact Of Change

Tired of all the finger pointing when performance is suffering? PERFSCAN’s innovative What’s Changed and Period vs. Period analysis creates a culture of proof by correlating known environmental changes with system performance metrics.

Comprehensive Executive Summary

Creating performance graphs is easy. Understanding what they mean is another thing. With one mouse click, PERFSCAN includes an easy-to-understand executive summary for each core metric analyzed.

Combined Real-Time Monitor And Performance Analysis Tool

With PERFSCAN’s combined built in enterprise real-time monitor and historical performance analysis capability, you will always know how your mission-critical systems are performing.

Cloud Performance Reporting Is Easy

Managing performance for production systems in the cloud can be a black hole to many system administrators. The good news is PERFSCAN analyzes all core metrics regardless of the location. That’s why MSPs and customers love PERFSCAN.

Detailed Job Analysis

PERFSCAN shows detailed top job analysis for any desired period. All metrics are displayed in two ways: Traditional Report and Percentage Breakdown Pie Chart. This toggle capability instantly shows the jobs using the most system resources.

Save Report Capability

Your boss lost the report you gave to him on Friday. Now what do you do? With PERFSCAN’s save report capability, any report can be retrieved in a matter of seconds.

Professional PDF Reporting With Branding

Creating professional looking reports for your customers has never been easier with PERFSCAN. Branding for our partners and service provider customers is easy with PERFSCAN.

Check it out at perfscan.com

Admin Alert: One Year Out–Preparing for Your Next Power IBM i Upgrade Get Thee to the Web, Part 1

Table of Contents

Content archive

Recent Posts

Subscribe

Pages

Search