• The Four Hundred
  • Subscribe
  • Media Kit
  • Contributors
  • About Us
  • Contact
Menu
  • The Four Hundred
  • Subscribe
  • Media Kit
  • Contributors
  • About Us
  • Contact
  • PowerTech to Overhaul Free IBM i Security Policy Template

    September 7, 2010 Alex Woodie

    Defining the steps one must complete to achieve one’s goals is the first step in many higher endeavors. When the endeavor is achieving a certain level of security on an IBM i server or any other kind of IT system, the goals are put down on paper in the form of a detailed security policy. For organizations that are looking to bolster their IBM i security practices but don’t know where to start, PowerTech provides a free, downloadable IBM i security policy template to get them going.

    It is hard to believe, but many IBM i shops today don’t have security policies, which, unfortunately, is just one of many security failings at IBM i shops. These organizations are flying blind by the seat of their administrator’s pants, hoping they don’t have a security problem (presuming they could detect it in the first place). Without a security policy to go by, it’s very difficult for an organization to practice any kind of rigor in pursuit of higher security. In other words, a security policy is the foundation block of all security practices, and without it, no security structures can be built on top of it.

    That’s not to say every company needs a Fort Knox-like security policy. Each organization’s security policy is a unique reflection of the risks they are willing to take. A small company with just a dozen users accessing an IBM i server with no ODBC, FTP, or HTTP links outside the firewall will require a much simpler security policy than a national retailer handling billions of dollars of electronic transactions, which must adhere to the strict PCI DSS requirements.

    But any organization that values its data–and its relationship with customers who are represented by that data–should have, at the very least, a semblance of a security policy. For IBM i shops that don’t, PowerTech’s “OS/400 Security Policy” provides a good place to start.

    The 13-page security policy is broken down into various sections, such as physical security, data access security, user profile security, etc. Many of the entries are no-brainers, such the computer must be located in a secure room. It seems simple to say, but without a lock on the office or computer room door, no security can be achieved.

    PowerTech’s policy provides examples for how IBM i should be configured for security. Some of the recommendations are quite detailed, and some administrators may choose to have stricter or more lenient settings, depending on their particular needs. The document does not provide a complete security policy, but is a starting point for developing a custom security policy.

    PowerTech will be updating the policy in the near future, and welcomes suggestions and submissions from the IBM i community, according to an August blog posting by PowerTech’s director of security technologies Robin Tatam.

    “This popular document will continue to be a free resource to the IBM i security community, and we invite anyone to download, edit, and return the changes to us for possible (and credited) inclusion in a future edition,” Tatam writes.

    You can obtain PowerTech’s OS/400 Security Policy as a free PDF download from its website at www.powertech.com.



                         Post this story to del.icio.us
                   Post this story to Digg
        Post this story to Slashdot

    Share this:

    • Reddit
    • Facebook
    • LinkedIn
    • Twitter
    • Email

    Tags:

    Sponsored by
    Maxava

    Migrate IBM i with Confidence

    Tired of costly and risky migrations? Maxava Migrate Live minimizes disruption with seamless transitions. Upgrading to Power10 or cloud hosted system, Maxava has you covered!

    Learn More

    Share this:

    • Reddit
    • Facebook
    • LinkedIn
    • Twitter
    • Email

    Sponsored Links

    PowerTech:  FREE Webinar! Protect IBM i Data from FTP, ODBC, & Remote Command. Sept 15, 10 am CT
    looksoftware:  RPG OA & Beyond Webinar. Sept 28 & 29. Enter to win an Amazon Kindle™
    COMMON:  Join us at the Fall 2010 Conference & Expo, Oct. 4 - 6, in San Antonio, Texas

    IT Jungle Store Top Book Picks

    Easy Steps to Internet Programming for AS/400, iSeries, and System i: List Price, $49.95
    The iSeries Express Web Implementer's Guide: List Price, $49.95
    The System i RPG & RPG IV Tutorial and Lab Exercises: List Price, $59.95
    The System i Pocket RPG & RPG IV Guide: List Price, $69.95
    The iSeries Pocket Database Guide: List Price, $59.00
    The iSeries Pocket SQL Guide: List Price, $59.00
    The iSeries Pocket Query Guide: List Price, $49.00
    The iSeries Pocket WebFacing Primer: List Price, $39.00
    Migrating to WebSphere Express for iSeries: List Price, $49.00
    Getting Started With WebSphere Development Studio Client for iSeries: List Price, $89.00
    Getting Started with WebSphere Express for iSeries: List Price, $49.00
    Can the AS/400 Survive IBM?: List Price, $49.00
    Chip Wars: List Price, $29.95

    Admin Alert: One Year Out–Preparing for Your Next Power IBM i Upgrade Get Thee to the Web, Part 1

    Leave a Reply Cancel reply

Volume 10, Number 31 -- September 7, 2010
THIS ISSUE SPONSORED BY:

ProData Computer Services
Bytware
RevSoft
ManageEngine
RJS Software Systems

Table of Contents

  • MKS Offers Full Support for IBM i 7.1 in ALM Tool
  • Vanguard Adds Graphical Workflow Features to IBM i Imaging Solution
  • Valid and TGS Gang Up on Buddy Punchers
  • Quantum Adds Fibre Channel to Midrange De-dupe Boxes
  • CCSS Cracks Down on IBM i Jobs with Excessive I/O
  • PowerTech to Overhaul Free IBM i Security Policy Template
  • Wavelink Finds Another Use for Smartphones
  • BackOffice Unveils Cloud-Based Data Migration Tool
  • IBM Moves Rational Cafes to New Website
  • Why Surging Security Vulnerability Rate May Be a Good Thing

Content archive

  • The Four Hundred
  • Four Hundred Stuff
  • Four Hundred Guru

Recent Posts

  • POWERUp 2025 –Your Source For IBM i 7.6 Information
  • Maxava Consulting Services Does More Than HA/DR Project Management – A Lot More
  • Guru: Creating An SQL Stored Procedure That Returns A Result Set
  • As I See It: At Any Cost
  • IBM i PTF Guide, Volume 27, Number 19
  • IBM Unveils Manzan, A New Open Source Event Monitor For IBM i
  • Say Goodbye To Downtime: Update Your Database Without Taking Your Business Offline
  • i-Rays Brings Observability To IBM i Performance Problems
  • Another Non-TR “Technology Refresh” Happens With IBM i TR6
  • IBM i PTF Guide, Volume 27, Number 18

Subscribe

To get news from IT Jungle sent to your inbox every week, subscribe to our newsletter.

Pages

  • About Us
  • Contact
  • Contributors
  • Four Hundred Monitor
  • IBM i PTF Guide
  • Media Kit
  • Subscribe

Search

Copyright © 2025 IT Jungle