Is your AS/400 environment secure?
IBM i is seemingly impervious, however there are features that can expose the system to risks. Features like QSHELL, the IFS, and webservices share platform applications with Linux and Windows systems which, as illustrated by the WannaCry ransomware attack, can leave your system vulnerable. How can you make sure your site is secure?
Our IBM i Security Assessment starts with a review by our team, including an IBM i-savvy CISSP. We conduct interviews with key admins, developers, and executives and gather necessary information before diving into a working checklist that gets into the technical details.
This checklist includes everything from a review of your company information security policy to network and physical security, as well as your disaster recovery plan. We then take a thorough review of the security configuration of the IBM i system. We take a deep dive into the technology setup, including user profiles, group profiles, security auditing, HMC security, system values, and others.
After the on-site review, our team puts together an assessment of what we found; the good, bad, and indifferent. This assessment includes a review of the findings, a rating of how the current systems are performing, and recommendations of industry best practices to apply moving forward.
IBM i Security Assessment reviews:Existing information security policy
DOCUMENTED RANSOMWARE ATTACKS
Ransomware attacks have been documented on the IBM i server, and IBM i security experts consider the threat to be increasing.
TIPS TO ADDRESS RANSOMWARE
Automatic Windows and PC updates are crucial. Keeping malware off your computer is the first line of defense in keeping your IFS and IBM i safe.
EVALUATE SECURITY CONTROLS
Following best security practices for IBM i can help lessen your chances of being attacked. Be sure that only truly critical users have access to file systems.