Learning guide: Simple steps to a secure iSeries

This organized list will guide you along your way to maintaining a secure iSeries system. Undoubtedly, the iSeries is one of the most secure platforms out there, but don't be mistaken in thinking that it is untouchable. Address the basic security issues now and take the proactive steps needed to prevent having your system compromised.

This organized list will guide you along your way to maintaining a secure iSeries system. Undoubtedly, the iSeries

is one of the most secure platforms out there, but don't be mistaken in thinking that it is untouchable. Address the basic security issues now and take the proactive steps needed to prevent having your system compromised. -- Deb Tart, associate editor


Chapter 1: iSeries security at a glance

Getting started with basic system security
Frequently asked questions about basic system security
Keep iSeries security simple 
White paper: Best Practices for iSeries Security
Free Book Excerpt: Information Security Best Practices: 205 Basic Rules
Think the iSeries is unhackable? Think again 
 

Chapter 2: Setting up user security

Planning physical security
Planning security for your applications
Your built-in security consultant -- Free of charge 
Planning your overall security strategy
Planning user groups
Granting SECADMIN authority
Sufficient authority, but not *ALLOBJ authority
User authority: How much is too much? 
Seven ways to secure powerful profiles 
Use group profiles for easier security admin 
Learn why unique user profiles are critical to OS/400 security
Prevent user profiles from gaining unofficial access
Finding users with passwords the same as the profile
Four tools for controlling user profiles
Gain better control over user profiles 
Analyze default passwords
Choosing your security level
 

Chapter 3: Setting up resource security

Take control of your iSeries network security -- part 1 & part 2
Security considerations for your library lists -- part 1 & part 2
Be open -- be secure
Determining ownership of libraries and objects
E-mail filtering in OS/400 SMTP
Get a better understanding of e-mail security policies
Deny spammers server access
Deny spammers server access -- V5R2 update
Determine who used a particular API, file, user profile or any object on OS/400
Monitor e-mail usage
Know what security level your objects are using
Understanding types of authority
 

Chapter 4: Testing & planning iSeries security

Creating your iSeries security policy
Implementing an iSeries security plan
iSeries security officer's New Year's resolutions
White paper: Is your AS/400 safe and secure? Checking your AS/400 safety
20 ways to improve your system's security
CAPP: What it represents for i5/OS
Is the light on, but the door unlocked? Know where you stand
Search400.com Webcast: Securing your iSeries -- What to expect with V5R1 & V5R2
Tightening iSeries security
Are your backups complete? Make sure
Automate disaster recovery restores 
White paper: Protect Your Knowledge Base -- How To Put Together A Workable Security Plan
Securing the iSeries: Know what to keep an eye on
 

Chapter 5: Understanding security level settings and authoritie

Moving from security level 30 and higher 
Moving from a level 30 security setting to a level 40
Granting user B the same private authorities as user A
Granting user authority
Limiting user authority in Client Access
Changing the object authority
Change object authority to include *USE authority
Attention key drops the adopted authority
Reviewing *PUBLIC authority
Prevent files from being updated
Limiting *PUBLIC Access to i5/OS Objects -- part 1 & part 2 
Prevent users from changing database files
Changing the permission for folders 
 

Chapter 6: Monitoring/auditing security

Check list for monitoring security
Brush up on security auditing
How to prevent a hack attack 
Keeping consultants honest
Keeping programmers honest -- part 1 & part 2
How to check for invalid log-on attempts
White paper: Detecting and preventing common iSeries and AS/400 security exposures
Checking for profiles that have default passwords
White paper: Thinking like a hacker
Search400.com Webcast: Hacks, cracks and 13 year olds! Avoiding Web Services Security Nightmares
 

Chapter 7: General security resources

Get questions to your security questions from ITKnowledge Exchange
View ongoing security discussions in Search400.com's ITKnowledge Exchange. 
Ask the Expert: Search400.com security expert Carol Woodbury offers security advice
Managing the iSeries Forum: Interact with other administrators
Check out Search400.com's collection of security tips
Free Book Excerpt: Experts' Guide to OS/400 & i5/OS Security
iSeries security and performance issues
 

Chapter 8: Simply security fun!

Take the iSeries security quiz: Fact or fiction
Test you security smarts with Search400.com's iSeries security word search

This was first published in June 2006

Dig deeper on iSeries system and application security

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

SearchEnterpriseLinux

SearchDataCenter

Close