Kisco Makes Moves In the IBM i Security Business
August 29, 2022 Alex Woodie
When he took ownership of Kisco Systems from his dad, Richard, last year, Justin Loeber pivoted the company to focus almost exclusively on IBM i security. With recent updates to the company’s security tools in the books and more in the works, Loeber is positioning the company to ride the security wave for the long haul.
If COMMON’s recent announcement that it is launching a new security conference called i on Security 2022 in St. Louis this fall is any indication, then it appears that awareness of security vulnerabilities is on the upswing. That is good news for companies that have a lot to lose through poor security configurations. It’s also good news for the software vendors and consultants that ply the IBM i security waters.
You can count Kisco Systems among the group of vendors that are working to automate security remediation on IBM i. The company, which is the platinum sponsor for the i on Security 2022 conference, has long sold security, audit, and monitoring tools among its various products. But following the transfer of ownership among the Loebers, the focus has turned exclusively to security.
There is a lot of potential business to do in security on IBM i, according to Loeber. “It seems like security always hovers just below this decision threshold of things that companies feel they need to do, but don’t,” he tells IT Jungle.
The reason they’re not pulling the trigger? Loeber surmises the cost of software has a lot to do with it, particularly in the IBM i security space, which has seen its share of vendor consolidation over the past few years.
Loeber’s goal is to have Kisco lower the cost barrier for any company that needs to move forward with implementing security.
“A major strength of Kisco products is they’re lightweight – not in terms of their capabilities, but they’re lean and mean,” Loeber says. “They’re very efficient products.”
Some of his competitor’s products, on the other hand, are expensive and bloated, he says.
The key player on Kisco’s security roster is SafeNet/i, which is an exit point management solution that protects IBM i servers from unwanted access. Customers that just want to see what’s going across the IBM i exit points (but don’t necessarily want to manage them) can select SafeNet/i Lite, which also brings some controls but is focused on logging and monitoring.
“There’s different modes,” Loeber says. “If you want to just audit only and monitor, that costs more than doing nothing but it doesn’t cost as much as having actual preventative measures in place. We actually do have a product, wherever you are on that journey.”
Kisco’s supporting cast includes iResetMe, a self-service password reset tool. There is also i2S3, which automates IBM i backups to the AWS S3 cloud. iFileAudit gives administrators the capability to track all changes made to a file, iEvent Monitor keeps a close eye on a range of IBM i components. iSecMap maps and monitors the security configuration of IBM i servers.
There is also i2Pass, a two-factor authentication (2FA) solution that prevents unwanted sign-ons to IBM i resources and that was recently updated. With i2Pass 3.0, Kisco is making life easier for systems administrators. The 3.0 release boasts a new self-registration capability that kicks in the first time they try to log in to a session protected by i2Pass. Better email handling is another new feature.
Finally, there is WebReport/i. Kisco previously marketed this as a general-purpose spool file distribution tool, but today it’s been rebranded as a security product, according to Loeber.
“WebReport/i represents security beyond the server, because you can encrypt reports,” he says. “So you’ve invested all this effort into securing your environment, and then you email a PDF. You’ve just undone all your work. With WebReport you can encrypt those reports, or you can deliver your reports through a secure Web portal.”
Development is moving forward across all of the products. Kisco is close to taking the wraps off a new Web-based GUI called Bluescape that will become the common user interface for all the Kisco products (although it will keep the green-screen interfaces for 5250 die-hards).
“I have to say, I’m really happy with it,” Loeber says of Bluescape. “It’s right in line with the Kisco brand — super easy to use, minimal bloat.”
But being the value leader will only get you so far. As Kisco goes up against much bigger security software companies – including a pair that are worth in the low nine-figures – Loeber realizes he must be innovative in other ways.
To that end, Loeber is expanding Kisco’s partner and reseller network. Because of its lean-and-mean nature, SafeNet/i requires a competent administrator to properly configure it. Loeber is building a network of consultants he could tap to help customers implement the exit point monitoring and management tool and really lock down their IBM i servers.
“Kisco strategically is going to be a software company. I’m not interested in hiring teams of consultants. I’ve done all that before,” he says. “When we have a sales prospect ask if there’s implementation help, we will refer them to our partner network.”