Manage Learn to apply best practices and optimize your operations.

Why implement System i security anyway?

A recent survey of System i shops reports very disturbing information. While we are justifiably proud of the robust security offered by our favorite platform, when push comes to shove, it turns out that a lot of System i shops come up short on the implementation side. Good security features don't help you unless actually use them!

Rich Loeber
A recent survey of System i shops reports very disturbing information. While we are justifiably proud of the robust security offered by our favorite platform, when push comes to shove, it turns out that a lot of System i shops come up short on the implementation side. Good security features don't help you unless actually use them!

More Information

I've been wracking my brain, since reading this survey, to sort out why this is so. In this day and age of regularly reported data thefts and data abuses, why would someone who is using what is arguably the most secure computing platform available choose to run it without a full implementation of those features?

Part of this might fall into the category of not really understanding why security is so important. I see several big reasons why you should be concerned about security.

  • Sensitive data. Some data stored on your system should just be restricted to those people who really need to see it and work with it. The classic example is payroll data but there are lots of other data types that you should be thinking about. Like credit card numbers, social security numbers, bank account data, personal identification data, pin numbers, and on and on ....

  • Data Reliability. In this day and age when corporate officers are being asked to sign on the dotted line that the results they are reporting are accurate, we need to be able to back that up with systems that can only be accessed and updated by those authorized to make the required updates and changes. If anyone can get into your files and make changes, then you can't guarantee the reliability of that data.

  • Data Availability. Without security implemented, it is just too easy to damage or delete data on your system. Records can be removed and even entire files can be deleted unless the security controls are in place to prevent this. Sure you can restore data that has gone missing, but it will cost you and your company while it is gone and it can easily lead to manual reconstruction or reprocessing of transactions already posted once.

    Another part of the reason why so many System i shops have not implemented security can be found from their history. Many of these shops grew up on predecessor systems such as the System/36 and System/38. On those systems, access was restricted to devices that attached by unique twin-ax cabling. This effectively insulated the CPU from the outside world. Security implemented at the menu level was very effective in limiting functions to those who were authorized. But, everyone knows that this is just not the case any longer. Most shops are now fully networked and most System i users connect via a network connection. In today's networked world, this just doesn't cut it any longer. Anyone with a PC and broad system authorities can access and manipulate just about any data on your system. If your system is accessible from the Internet, someone can easily access your system via FTP and you might never know it when it happens.

    Just having a system that is known as a very secure system won't keep you from getting in trouble. The tools do you no good if they just sit on your workbench unused. If you're feeling guilty at this point in your reading, do something about it now. Don't end up in the headlines like the recent problems at TJX (the parent company of TJ Maxx) who now hold the record for the most credit card information stolen.

    If you have any questions about this topic send me an email, I'll try to answer any questions you may have. All email messages will be answered.

    ---------------------------
    About the author: Rich Loeber is president of Kisco Information Systems Inc. in Saranac Lake, N.Y. The company is a provider of various security products for the iSeries market.


  • Dig Deeper on iSeries system and application security

    Start the conversation

    Send me notifications when other members comment.

    Please create a username to comment.

    -ADS BY GOOGLE

    SearchDataCenter

    Close