Can You Build Data Integrity Without Securing IBM i Systems?
January 27, 2021 Bill Hammond
Nowadays, companies tend to have vast troves of data stored on their IT platforms. Many companies are struggling to use that data – including critical data on IBM i – that could, in theory, help to make better business decisions and run operations more smoothly and efficiently. But in reality, that data is frequently siloed, inaccurate, and unsecured – leading CEOs to be concerned about the integrity of the data upon which they are basing decisions. Businesses across the globe are screaming for data they can trust.
The pace of digital transformation initiatives has rapidly accelerated in the past year, but bad data has too often stalled promising projects. Unfortunately, ensuring that data is complete, compliant, and accessible is no longer enough to keep pace in the digital economy. Today, data integrity is the business imperative; businesses must maximize accuracy, consistency, and context in data to know they can trust their data-driven decisions.
IBM i security is the foundation upon which organizations can build data integrity. You can’t build integrity on something that’s not secure in the first place. And while IBM i systems have historically been regarded as highly securable, organizations must keep in mind that security requires an intentional and proactive approach.
Fortunately, we have seen an increase in awareness of security and a willingness to be proactive in fighting IBM i security threats. With this added vigilance, IT teams have a great shot at preventing IBM i security issues from interfering with critical business initiatives designed to improve business decision making and increase operational efficiency.
Achieving Data Integrity
With global spending on digital transformation expected to reach $1.3 trillion this year, organizations must establish a foundation of trusted data to ensure these investments are successful.
It’s no doubt that data has changed the world. It has opened new possibilities for products, services, and experiences to which companies, organizations, and governments can create differentiation in the digital economy.
But lack of data integrity is a critical problem for businesses today. In fact, 84 percent of CEOs do not trust the data on which they base decisions and 68 percent of organizations are hindered by siloed data.
Plus, with cybercrime posing a threat to organizations’ bottom lines, businesses must prioritize security as they set on the path for achieving data integrity. It’s important that organizations focus their efforts on security and expand upon the security capabilities inherent in IBM i.
Here are five key elements an IBM i business ought to take to set the stage for data integrity:
Protecting the Privacy of IBM i Data: In recent years, consumers and regulatory bodies have demanded that more action be taken to ensure data protection and privacy. Regulations such as PCI DSS, HIPAA, GDPR, and FISMA require that personal data be protected against unauthorized access using technologies like encryption, tokenization, masking, secure file transfer and more.
With all the options available for securing IBM i data at rest and in motion, how does one know where to begin?
It’s important for organizations to get up to speed on the key concepts around regulations, assuring data privacy for customers, business partners and employees.
Assessing Weaknesses: Today’s world of complex regulations and evolving security threats requires simple IBM i security and compliance monitoring to alert you to security threats quickly and satisfy auditors. Regular IBM i security assessments should be conducted to ensure continued compliance with cybersecurity regulations and to quickly identify and remediate any weaknesses in security practices. A thorough inspection of IBM i settings can help to identify areas where password protection, access control, and data protection should be further hardened.
Bolstering Login Security With Multi-Factor Authentication: Stories of data breaches caused by stolen or guessed passwords have increased scrutiny around login practices.
Multi-factor authentication has become best practice for strengthening login security and is now required by regulations such as the latest PCI Data Security Standard, the New York Department of Financial Services’ Cybersecurity Regulation (23 NYCRR 500) and more.
Multi-factor authentication can be implemented for IBM i users to strengthen security and meet compliance requirements at a time when cybercrime continues to see explosive growth.
Tightening Access Control Features For Comprehensive Security: There are thousands of requests every day to access an IBM i system, and many of these requests are legitimate. Others, though, could be a risk to data security. This means that administrators need the ability to distinguish between normal and suspicious access attempts. Companies must tightly control points of access to their IBM i systems and data and ensure that authorities are restricted to only those that individual users require to do their job
Regular Security Monitoring and Compliance: IBM i journals and log files contain the data required to monitor security and prove compliance, but they’re also notoriously cryptic and voluminous. Without a way to quickly obtain insights or create reports regarding changes to critical databases, it’s nearly impossible to analyze log files for security insights or extract audit reports in a timely manner.
Critical log sources can be used to monitor for security and compliance deviations, as well as to feed IBM i log data to Security and Information Event Management (SIEM) solutions that do not natively have visibility into the platform.
The Future Relies on Trusted Data
The current state of data integrity – inaccurate, inconsistent data lacking in context – is limiting the scale at which insights can be delivered for more confident decision making. Achieving data integrity, or trust in data, must be the imperative of IT leaders across the world in organizations of any size.
When a company’s data is secure, integrated, accurate and is enriched with context, data integrity is achieved. Once data integrity is achieved, companies can reap the benefits of investments in new tools such as ML, AI, and other analytics platforms.
We need to start thinking about data integrity differently – with a greater focus on integration, data quality, location intelligence, and data enrichment – which all in turn help organizations, governments, businesses and more to power better and more confident decision making, yielding better outcomes in the long run.
Taking steps to strengthen login security, control access, protect confidential information, monitor system activity, and continually refine IBM i security practices will set organizations on the path to delivering trusted data that drives better business decisions for years to come.
The future of intelligence relies on data integrity to create business value from more of an enterprise’s data assets.
This content is sponsored by Precisely.
Bill Hammond is product marketing director at Precisely.