PowerTech Goes Multi-Platform with Security Policy Software

Regulatory compliance standards have forced companies to pay attention to IT security and be accountable for who has authority and how much authority they have. In general, the track record on this type of thing is a horror story. Organizations often hover on the verge of near compliance. And compliance requirements, by their nature, continually evolve. This is why software such as PowerTech‘s Policy Minder has been developed.

It’s the responsibility of the system administrators and IT departments to make sure they are in compliance with regulatory measures like the Payment Card Industry Data Security Standard (PCI DDS), Sarbanes-Oxley (SOX), and the Health Insurance Portability and Accountability Act (HIPAA) that require a data protection policy–a written statement of how the organization protects IT assets, including customer data. Automated compliance reporting eliminates most of the manual work involved in checking compliance for user accounts, files, and configuration settings. Policy exceptions can even be remedied automatically.

Policy Minder came on the market in 2005. The IBM i security administration tool was created by Carol Woodbury, who earlier in her career was the top security expert at IBM Rochester. Woodbury designed it to automate the management of security policies, by checking security settings and configurations against security policies and by changing settings and configurations to match internal policies and compliance regulations.

When introduced, Policy Minder was offered by Woodbury’s company Skyview Partners. As the product evolved, it gained multi-platform capabilities by supporting Linux and AIX. In June 2015, HelpSystems acquired SkyView and folded it into its PowerTech security line of products, where multi-platform capabilities have become a priority.

HelpSystems, one of the largest software vendors in the IBM i community, has made multi-platform administration software a priority, so Policy Minder is a good example of the development direction that company is promoting.

Chris Heim, CEO of HelpSystems, says the need for multi-platform security administration software is clear. He says Policy Minder will support Windows and variants of Unix later this year.

One difference that we see in Policy Minder since being incorporated into the PowerTech brand is mobile capability. HelpSystems has a mobile initiative that uses responsive design in its software so that regardless of the device the presentation of information will scale and render for optimum viewing on the device whether it is desktop, laptop, tablet or phone. Mobile capability for minding system admin duties is clearly a value for users.

The primary benefits of Policy Minder, however, come from the capability to quickly determine who has access to the system, whether they need to be there, is their level of authority appropriate, and whether patch levels are current.

“These are essentially your company’s security policies,” HelpSystems’ Director of Security Development Rob Sutrick says. Defining these policies and then enforcing them is what he refers to as “hardening” security.

“You can go through the process of hardening your security, but how do you stay compliant with the policies defined?” Sutrick says. “How do you manage all of this when you have multiple systems? By automating these procedures, you can cut the time and resources it takes to make sure your systems stay in compliance. And that leads to nice cost savings.”

Automated system security checks that can be accomplished with Policy Minder include:

• Discover files with either the SUID or SGID bit set then monitor them for changes to their ownership, permissions or attributes
• Discover when the sudoers file has been changed by using the checksum function
• Ensure key system files are not world-writable
• Check on services to find when one has been activated that shouldn’t have been
• Ensure all user accounts have been created–and remain–with the appropriate attributes
• Discover new admin accounts
• Discover and manage inactive user accounts
• Aid with auditor and compliance requirements by ensuring password rules are set appropriately

System automation has always been the foundation of HelpSystems product lineup. The multi-platform aspect is where the company sees the best opportunity moving ahead.

Integration efforts are under way at HelpSystems to align Web and mobile interfaces so that multi-platform products can be managed within a centralized console, sometimes referred to as “a single pane of glass.”

The HelpSystems’ Robot Network and Robot Schedule admin automation products have moved into this integration phase and, according to Sutrick, PowerTech’s Network Security product will get the centralized console integration in the next several months.

RELATED STORIES

HelpSystems’ Application Integration Begins With GUI

Ops Dashboard Gives Centralized View Into IBM i Performance

PowerTech Adds Centralized Management for Exit Points Security

Robot Job Scheduler Gets a Fresh New Look

HelpSystems Adds SkyView Partners To Its Security Assets

State of IBM i Security? Still Horrible, After All These Years

PowerTech Puts a Pretty Face on Network Security

HelpSystems Launches Mobile Initiatives, Acquires NAI for Workflow Automation