Follow us
Category Archives: IBM i Security
Not many people realize that IBM i lets you define your own ad-hoc or application-defined special authorities. That’s not real surprising considering that neither the name of the mechanism nor the documentation says anything about special authorities.
Posted in IBM i Security, Info Security Mgmt, Information Security
Tagged authority, IBM i Security, security policy
Leave a comment
Hey everyone! Starting this month I’m going to be writing a monthly article for IBM Systems Magazine’s EXTRA online newsletter. Check out the March installment — Howdy, Partner! The Role of Application Developers in IT Security — for a look … Continue reading
You are a long-time IBM i (AS/400, iSeries, IBM System i, etc.) programmer and you understand the details of how the system checks authority, don’t you? I bet you don’t! It’s the authority of the JOB that really matters. Why … Continue reading
In a previous post on this topic, I discussed how to calculate the cost of a security-related project and how to compare different solutions for a given security-related project or issue. I asserted that there are three different aspects that … Continue reading
It’s a simple fact. Good security doesn’t just happen. You need to have a very specific set of knowledge to effectively secure your information assets. The knowledge you need falls into five discrete categories: policies, data, people, systems, and events.
CAUTION: RANT ALERT On Wednesday, November 19, Admiral Michael Walters, the head of the NSA made a very disturbing announcement. He said that China and one or two other countries have the capability to launch a cyber attack that could … Continue reading
I didn’t come up with the idea for a managed single sign-on (SSO) service. A customer did. When Botz & Associates started security consulting, only infrequently would companies request help implementing SSO. I always wondered why more companies weren’t using … Continue reading
Whenever I see a web site or hear a commercial touting how my personal information is secure because “we use encryption,” I just have to chuckle. I guarantee you that Target did — and does — encrypt your personal information … Continue reading
A hot debate over the inherent security benefits of open source software — or lack thereof — has been raging (again) since the “heartbleed” bug came to light last spring. So…..from a security expert’s point of view (yes, mine!), is … Continue reading
Posted in Botz Blog, Cloud Security, Compliance, Encryption, IBM i Security, Info Security Mgmt, Information Security, Mobile Security
Tagged AIX, AIX Security, AS/400, Closed Source, cloud security, compliance, cybersecurity, data security, encryption, Information Security, information security management, Open Source, Proprietary, security management
2 Comments
Patrick Townsend and I had a chance to catch up at COMMON earlier this year. I was psyched to learn that Townsend Security is now offering Two Factor Authentication (2FA) for the IBM i. When we started talking about … Continue reading
