iTech Solutions - for all of your IBM i System needs
Sure you can use ANZDFTPWD (Analyze Default Passwords) to get a list of IBM i users with default passwords. You can also use some simple SQL in conjunction with the USER_INFO IBM i service in QSYS2 to do the same thing…but better.
To get the standard ANZDFTPWD report you can run the following statement:
ANZDFTPWD gets you everything you really need to determine who has a default password right? Well, yes. However, ANZDFTPWD doesn’t give you the full picture or allow you to be proactive. It doesn’t gauge
Laurie LeBlanc, iTech Solutions
Regulations (FISMA, HIPPA, SOX, and more) are forcing companies to evaluate how they protect their sensitive data. Industries such as finance, insurance, and healthcare have the most pressure to comply with these regulations which are geared towards protecting consumer’s private information. The issue is that companies may not understand how to properly secure their data to protect their consumers.
Any good security plan takes a layered approach to protect data. You have to consider where the data resides and how someone could gain access to it. Then you have to put controls in place to ensure that you put as many roadblocks in place as possible to prevent unauthorized access.
There are many approaches you can take to ensure you are complying with regulations and protecting your companies information.
Phil Pearson, Cheif Information Security Officer
Managing a large and complex server like the IBM i, can be daunting. Add to this the fact that you may have Scaling Up/Down/In/Out, need to control High Availability and Monitoring, Patching, Manage Backups and Restores, you have to ensure the OS is kept up to date. Even the fundamentals such as security and configuration can take significant expertise.
To do this, you need the right skills, operational procedures while maintaining a best practice approach while adhering to stringent Internal/external governance.
A managed service partner takes care of everything else; this will include:
Managed IBM i High availability using Multi-LPAR topologies, which provides an SLA up-time of 99.95%.
With the Multi-LPAR features enabled on your production server, iTech provides asynchronous “standby” replica of every database and system across multiple systems. Since both the database and its replica are in sync, there is no chance of data loss. iTech manages the whole process, and also offers a fully managed failover service, so even if the master production database goes down, an automatic failover mechanism will change the master DNS to a replica to achieve high availability.
This same technology also offers us the chance to move other workloads off the production, such as Queries and backups. This can have a huge benefit on busy production databases.
To do all of the above on IBM servers, you would need significant investment in infrastructure, software and additional off grid premises, to house the standby systems; this would be expensive, and self-managed.
IBM i scalability is difficult, to do this your own would require time, money and training. Handling mandatory downtimes due to upgrades or infrastructure requirements can be tricky, and this is just the beginning of the many scalability responsibilities. That is why one of iTech’s key advantages is its scaling service. You need more capacity to test a new feature, or you want a second system to try out a new application, we have a solution. Moreover, iTech MSP offers two levels of scalability features: vertical and horizontal.
Security Managed Services –
We enable push-button IBM i security with a scaling component depending on your needs. After a small amount of analysis, we will have turned on every inch of monitoring that is possible on the IBM i server. iTech will monitor all of your events and separate the events of the system from the Security events. This level of control allows you to sit back and wait until we have something to tell you.
Risk Management –
In a secure environment, you MUST understand the risk, and you MUST have control over the risk. The very minimum control is security event monitoring. Risk acceptance is key, but to understand the risk, you must first have a process of continuous security analysis. Imagine having around the clock operations focused on just security events. .iTech MSSP has everything you need for Security event Monitoring irrespective of peak business hours or non-peak hours, at iTech we never stop.
Interim CISO –
If you want to get to grips with your risks, or you have legislative requirements to build a bulletproof CyberSecurity model, iTech has introduced a fully inclusive cybersecurity service that requires a variety of skills. These skills include project leadership, risk management, technical expertise, and compliance. An Interim CISO (Chief Information Security Officer) is an efficient solution as they have many responsibilities for ongoing security within the organization.
This is a great alternative to an industry-wide problem without the cost of hiring an in-house security team.
Featuring:
In short, we will identify and implement a fully working Risk Register. (Enterprise-wide) we will establish a Risk Committee that will be driven to work through the remediation and report to the committee weekly.
Written by Laurie LeBlanc
Many companies want to improve the state of their IBM i security, but they often don’t know where to start. They also might not understand the long-term impact of recommended changes. Having a partner who can help you navigate through your security project can be the difference between success and failure. Let’s take a closer look at six steps to properly execute a security improvement project.
One of the habits highly successful people practice is to first seek to understand, then seek to be understood; this applies to IT projects too. In order to successfully improve your security, you need to first understand what the state of your current security is. Many companies offer free assessments, which will evaluate your system values and compare them to industry standards for compliance.