Call us at 507.319.5206

Botz Security Bytes Newsletter — September 2015



Solving information security problems | September 2015



5 Easy Ways to Break Your SSO System — And How to Fix It

September 9, 2015 — Single sign-on (SSO) implementations tend to be very stable — unless you make specific system changes without planning ahead.


Over the years, I’ve seen a handful of problems occur more often than any others. None of the problems are complicated or costly to fix, although they can be difficult to diagnose for those who don’t regularly deal with the intricacies of the Kerberos protocol and identity mapping.


Here are the top 5 causes of SSO disruption...




A Better Way to Define Your Own Special Authorities

We all know about special authorities, right? Defined by the IBM i operating system, they include *ALLOBJ, *AUDIT, *JOBCTL, *IOSYSCFG, *SAVSYS, *SERVICE, *SECADM and *SPLCTL.


A few months ago I wrote about a set of IBM i APIs and commands that allow you to define ad hoc special authorities in your programs. That post focused on the actual commands and APIs, and you might have been left thinking “Yeah, but why would I want to do it that way?”


There are several advantages to using "system-supported" special authorities, primarily because the operating system does a lot of the work for you and provides administrative interfaces so system administrators can assign and revoke those authorities...






In A Guide to Practical Single Sign-On, Patrick Botz explains how you can quickly reduce password costs when you approach SSO from a business perspective rather than a technology perspective.
Download it here...





Did IBM i Just Get Hacked at DEF CON?
This article describes claims made at a recent DEF CON conference related to hacking the IBM i, as well as an analysis of those claims by Carol Woodbury.


Biggest Apple Account Theft Ever Hits Only JailBroken iOS Devices
KeyRaider, a versatile piece of malware that steals data, makes fraudulent purchases, and includes ransomware functionality, has stolen 225,000 Apple accounts -- but it apparently works only on, or can only be installed on, "jailbroken" devices. One more reason not to tamper with the base OS on any of your systems or devices.


FBI: $1.2B Lost to Business Email Scams
The FBI recently sounded the alarm about the growing threat of the "CEO fraud" scam, which has resulted in fraudulent wire transfers to a reported 72 different countries. The scam usually starts with a phishing attack that gives the attacker access to the targeted individual's email account.

BOTZ & Associates, Inc.    |    Rochester, MN 55903    |    1.507.319.5206