Establishing a foundation for IBM i cyber security
For many reasons, IBM i enterprises are overwhelmed with securing their IT infrastructure.
You’re busy with the day-to-day maintenance, support and actual build of the IBM i applications that run your business.
So, where does IBM i security fit in, what do you need to do and how do you manage it?
Many IBM i shops already have systems, policies, procedures and tools already set-up that are working – and, despite a moving security landscape, many of these elements have been in place for years.
If you’re considering reviewing, revising and replacing these systems, or you’re considering systems for the first time, join Andy Nicholson for a webinar on 30th November 2022 at 3pm (GMT) to discover a foundation for cyber security on IBM i.
Surveys highlight IBM i cyber security as top concern
For the sixth year running, cyber security has ranked as the number one concern for IBM i IT professionals in HelpSystems (always) insightful IBM i Marketplace survey.
Why is cybersecurity at the top of the survey’s concerns?
Well, Fresche, IBM and Forbes asked that same question within their 2022 cyber security report.
The findings made grim reading.
43% of organisation don’t have any cyber security in place
61% of SMBs reported at least one cyber attack in 2021
A penetration testing study revealed cyber criminals can penetrate 93% of company networks
83% of organisation are not financially prepared to recover from a cyber attack
Nearly 50% of IBM i shops have little to no security knowledge and skills (with concerns that there are indeed limited security knowledge or skills within the IBM i community as a whole).
[SOURCE: Fresche, IBM & Forbes Cybersecurity in 2022 Report]
But the IBM i secure, right? Dispelling the myth that IBM i is impenetrable
IBM i is a safe platform, right?
Well, not entirely.
For so many years, there’s been a general feeling that the IBM i is an impenetrable platform, immune to any kind of cyber threat.
And while the architecture of IBM i certainly makes it less likely than other platforms, unfortunately, there are always security fault lines in every business and flaws that can be exploited in every system.
And what about those particular fault lines and flaws?
During the webinar, Andy will examine these the top four risks as reported by IBM in greater detail – and crucially provide some practical guidance to combat these particular risks.
Malware or malicious software refers to worms, viruses, Trojans, and spyware — that provide unauthorised access or damage to the computer.
Ransomware is a type of malware that locks down files, data or systems, and threatens to make public, erase, encrypt or even destroy data unless a ransom payment is made to the criminal.
Phishing is a form of social engineering that tricks users into providing their credential or sensitive information. These are normally delivered via email or text messages disguised as a legitimate company – say a bank, government institution or business.
Inside Threats / Credential abuse
Typically, these come in the form of former employees, business partners, contractors or anyone who has had access to systems or networks. These can be considered a threat if they abuse their access permissions and as a result are invisible to firewall and intrusion detection systems.
Laying the foundation for security on your IBM i
Now we understand the types of cyber threats that can impact our IBM i, we can lay the foundations for protecting our infrastructure – and the application running on it.
During the webinar, Andy will provide practical advice and suggestions for IBM i security ranging from
Restricting access to your IBM i (closing the backdoor)
Preventing phishing attacks through staff education
Backup and recovery
Creating plans and policies
Importance of applying PTFs in a timely manner
Implementing field-level data encryption
Gaining cyber security accreditation
Having appropriate cyber security insurance.
Protecting your IBM i never stops
Cyber Security is not just ‘implement once’ and move forward, it’s a continually evolving landscape with new threats being introduced on a weekly, if not daily basis.
Businesses need robust methods, policy and solutions in order to be able to counter and succeed.
Proximity has travelled this path, it’s not easy, but with support and some really terrific products on the market, it doesn’t have to be that difficult either.
In the meantime, if you’d like to discuss your IBM i security, do not hesitate to drop Andy Nicholson an email on andy.nicholson[@]proximity.co.uk.
The post IBM i Security, it’s not easy but it doesn’t have to be hard either… appeared first on Proximity.