Author Archives: botz

“Security by obscurity” means relying on lack of knowledge of how a thing is protected as the sole means of preventing unauthorized access to that thing. There’s been a debate going on over at the Midrange-L discussion forum about the efficacy of this … Continue reading

Posted in Encryption, IBM i Security | Tagged , , , , | Leave a comment

It’s that time of year again. Budgeting for next year means that you need to figure out how much you’re going to spend on security projects and products.  Of course, in order to determine how much money you need to … Continue reading

Posted in Info Security Mgmt, Information Security, Security Breach | Tagged , , , , , , , , , , | Leave a comment

  One of the things I like best about my job is that I get to see a lot of different environments using many different parts of the operating system.  This often gives me the opportunity to learn something new.

Posted in IBM i Security, Single Sign-On (SSO) | Tagged , , , , , , , | Leave a comment

I’ve got good news for you. The best technology for implementing SSO — Kerberos — is something that your organization probably already owns. If you want to understand why Kerberos is a great technology on which to build your Single … Continue reading

Posted in Single Sign-On (SSO) | Tagged , , , , | Leave a comment

It may surprise a few people, but I’m just not worried about my credit card being stolen. In fact, I refuse to worry about it. That may sound like heresy for someone who is supposed to know a little bit … Continue reading

Posted in Botz Blog, Cloud Security, Info Security Mgmt, Information Security, Mobile Security, Security Breach | Tagged , , , , , | Leave a comment

You are a long-time IBM i (AS/400, iSeries, IBM System i, etc.) programmer and you understand the details of how the system checks authority, don’t you? I bet you don’t! It’s the authority of the JOB that really matters. Why … Continue reading

Posted in IBM i Security, Info Security Mgmt, Information Security | Tagged , , , , | 1 Comment

I didn’t come up with the idea for a managed single sign-on (SSO) service. A customer did. When Botz & Associates started security consulting, only infrequently would companies request help implementing SSO. I always wondered why more companies weren’t using … Continue reading

Posted in Botz Blog, IBM i Security, Information Security, Single Sign-On (SSO) | Tagged , , , , , , , , , , | Leave a comment

On October 7th IBM Systems Magazine hosted my webcast, How to Achieve SSO in a Day: Eliminate passwords and be an IT hero. I was very happy to see the large number of people who registered, attended, and stayed online until … Continue reading

Posted in Botz Blog, Single Sign-On (SSO) | Tagged , , , , , | Leave a comment

A hot debate over the inherent security benefits of open source software — or lack thereof — has been raging (again) since the “heartbleed” bug came to light last spring. So…..from a security expert’s point of view (yes, mine!), is … Continue reading

Posted in Botz Blog, Cloud Security, Compliance, Encryption, IBM i Security, Info Security Mgmt, Information Security, Mobile Security | Tagged , , , , , , , , , , , , , | 2 Comments

Or…How a security expert can fall for a phishing scheme Think no one will target your business with phishing attacks?  Think again… This confession is a bit hard for me. Just recently I was the target of a phishing attack.  … Continue reading

Posted in Botz Blog, Cloud Security, IBM i Security, Info Security Mgmt, Information Security, Mobile Security, Social Engineering | Tagged , , , , , , , , , , , , | Leave a comment