Today’s IT threat landscape is constantly changing, with more new unforeseen threats each day. Data breaches, hacks, ransomware, and malware are more prevalent than ever before. System monitoring and prevention of these attacks has become a top concern of company leaders. Until recently, security has not been a concern for IBM i shops. Many IBM i professionals will say the system cannot be hacked. And yet, Murphy (murphy’s law) always makes an appearance when we least expect it.
Aspects of security around the IBM i to consider:
|Physical Security||System Values|
|IBM supplied profiles||Password control|
|User and Group profiles||Authorized control|
|Unauthorized access||Unauthorized programs|
|Exit point programs||Etc.|
There are many packages available from SIEM (Security Information and Event Management) products, compliance monitors, and other IBM i centric vendor packages. Arbor Solutions partners with a variety of companies to sell these products. Often times, these products can be expensive, they aren’t budgeted for, or there isn’t enough bandwidth to implement the product. Customers come to us saying “I have to do something now! What other options are there?”
The best option is a 3rd party package and this is what we would recommend. However, there are native IBM i tools which can be used until a more robust tool is possible. We’ve worked with customers to activate the IBM i Audit Logging tools connected to QAUDJRN. These tools allow reporting on some of the security aspects mentioned above via standard Query400 tools and can also prevent unauthorized access by individuals and/or object as needed.
While these tools are not as robust as 3rd party products, they do offer quick and basic information such as:
- User profile activity including QSECOFR (create, delete, change, failed access and logon)
- Object authority activity (create, delete, change, failed access)
- Library and file access security
- Adopted authority monitoring
- Operating System change control
IT professionals should be addressing security as a top issue in any sized organization, on any size budget. Data and information is too valuable to not be taking steps to secure it. If security is a priority for you and your organization, contact us to discuss in more detail what solutions are available. We are happy to work with you to find a solution which best fits your organization.