Category Archives: Information Security

I didn’t come up with the idea for a managed single sign-on (SSO) service. A customer did. When Botz & Associates started security consulting, only infrequently would companies request help implementing SSO. I always wondered why more companies weren’t using … Continue reading

Posted in Botz Blog, IBM i Security, Information Security, Single Sign-On (SSO) | Tagged , , , , , , , , , , | Leave a comment

Whenever I see a web site or hear a commercial touting how my personal information is secure because “we use encryption,” I just have to chuckle. I guarantee you that Target did — and does — encrypt your personal information … Continue reading

Posted in Encryption, IBM i Security, Info Security Mgmt, Information Security | Tagged , , , , | 2 Comments

A hot debate over the inherent security benefits of open source software — or lack thereof — has been raging (again) since the “heartbleed” bug came to light last spring. So…..from a security expert’s point of view (yes, mine!), is … Continue reading

Posted in Botz Blog, Cloud Security, Compliance, Encryption, IBM i Security, Info Security Mgmt, Information Security, Mobile Security | Tagged , , , , , , , , , , , , , | 2 Comments

  Patrick Townsend and I had a chance to catch up at COMMON earlier this year. I was psyched to learn that Townsend Security is now offering Two Factor Authentication (2FA) for the IBM i. When we started talking about … Continue reading

Posted in IBM i Security, Info Security Mgmt, Information Security, Single Sign-On (SSO), Two Factor Authentication | Tagged , , , , , , , , | Leave a comment

Or…How a security expert can fall for a phishing scheme Think no one will target your business with phishing attacks?  Think again… This confession is a bit hard for me. Just recently I was the target of a phishing attack.  … Continue reading

Posted in Botz Blog, Cloud Security, IBM i Security, Info Security Mgmt, Information Security, Mobile Security, Social Engineering | Tagged , , , , , , , , , , , , | Leave a comment

From the title you might be thinking that the theme of this article is something like “information security is war.” But that’s not it.

Posted in IBM i Security, Info Security Mgmt, Information Security | Tagged , , , , , , | Leave a comment

The new IBM i 7.2 release brings several security-related enhancements. Two of them are the ability to use SSO from an IBM i green screen to a remote Telnet or FTP server that also supports Kerberos.

Posted in Botz Blog, IBM i Security, Information Security, Single Sign-On (SSO) | Tagged , , , , , , , , , , , , | Leave a comment

Have you ever encountered a situation where a user needed to use an application that displayed all of the rows in a file, but the user really should be restricted from seeing certain rows in that file?

Posted in Announcement, Botz Blog, Compliance, IBM i Security, Info Security Mgmt, Information Security, Mobile Security | Tagged , , , , , , , , , , , , | Leave a comment

OR….. How Jobs Get Authority to Objects Words have consequences. Saying things like “we’re going to tighten security” or “we’re going to remove public (or default) authority” or “we’re going to remove direct access to data” will almost invariably lead … Continue reading

Posted in Botz Blog, IBM i Security, Info Security Mgmt, Information Security, Mobile Security | Tagged , , , , , , , , , , | Leave a comment

Recently I’ve written several blog posts about biometric authentication in IT Shops (see “Target Attack Leads to Discussion of Biometric Authentication“, “IT Shop Requirements for Exploiting Biometrics“, “Biometrics and SSO“).  This post discusses a couple of secondary factors.

Posted in Biometrics, Botz Blog, Cloud Security, IBM i Security, Info Security Mgmt, Information Security, Mobile Security, Single Sign-On (SSO) | Tagged , , , , , , , , , , , , , , | Leave a comment