Menu
businessman hand using tablet computer and server room background

Don't forget about the IT part of your Security Audit

Whether you are the Accounting Firm charged with performing a security audit or you are working with an Accounting Firm to conduct your security audit, including an IBM i security expert on the audit team is imperative to the success of your review. 

Are you an Accounting Firm in charge of performing a Security Audit for a client using IBM i?

Are you prepared to address the increased need for security monitoring for companies running on the IBM i ? 

A deeper understanding of the risks and the security controls built into the OS is currently driving a wave of interest in prioritizing cybersecurity issues on IBM i....Cybersecurity is becoming a higher priority,” Tatum writes. However, many organizations are still in the early stages of implementing IBM i security controls.

Robin Tatum, 2020 State of IBM i Security Study.

 

Benefits of adding an AS400 / IBM i information security professional to your audit team

IT audits are often conducted by individuals who may not be as familiar with the intricacies of the IBM i platform. When it comes to verifying a system, performing a "checkbox audit" leaves the company being audited open to vulnerabilities that an unfamiliar auditor is likely to miss.

As AS400 / IBM i specialists (iSeries, i5) we will work with your team to move beyond the "IT Checklist". By having a Briteskies IBM i security analyst review and assess the platform your audit is more thorough. Even better, we will partner with you and your team so that you can white label our work. 

Partnering with a Briteskies IBM i security expert allows you to:

Enhance your IT audit offerings and expand your client reach

 

Boost the confidence of clients and increase potential opportunities

 

Use skilled and knowledgeable experts across all aspects of your audit

Confidently stand behind your work and audit performance

 

Close-up of technician maintaining record of rack mounted server on clipboard in server room

Tips for enhancing the IT Audit

As an auditor, do you "go beyond the checklist" and make sure that nothing is hidden in the margins and that no code has been temporarily removed, only to be added back in after the auditors place their green check in box?

If you are unsure of how to answer any of these questions, your audit may be at risk.

  • Is  there ample separation of duties within the IBM i department? 
  • Are answers regarding the IBM i checked for validity and accuracy?     
  • Are the company's password rules enforced throughout the IBM i? 
  • Does the server have open access to and/or from the internet? 
  • Can the infrastructure access control be easily hacked? 
  • Are the backup tapes are running and periodically tested? 

Learn how Briteskies can enhance your security audit process→

briteskies-security-compliance

How to prepare for the IT portion of a Security Audit

Compliance does not equal security

Don't fall victim to believing that because you have a compliance plan in place, you're covered. You need a full security strategy as well, since compliance mandates typically set only minimum requirements.  Reach out to our IBM i security professionals to schedule a pre-Audit IT Risk Assessment which will: 

  • review how you line up against best practices
  • confirm necessary changes have been made since your last audit
  • get you ready to pass your upcoming audit with flying colors.  

Find out if you are following AS400 /IBM i security best practices →

Back view image of businessman drawing graphics on wall

How a Briteskies IT Risk Assessment will benefit your company:  

  • Create a cyber-secure system and business that is better protected against internal and external malware and information theft
  • Prepare for upcoming regulatory requirements for external audits
  • Gain an objective, in-depth look into your IT department
  • Attain assistance in managing your SOX compliance
  • Enhance company confidence by the Board of Directors, Executives, and Investors

Learn more about the benefits of an IT Risk Assessment →

Looking for more Security Resources?

If you're auditing a platform you don't fully understand, you could be missing something.

As IBM i /AS400 certified experts, we can work with your team to move beyond the "IT checklist". By having a CISSP specialist review and assess the platform your audit will be more robust.

Robert-Nettgen-Briteskies-Security-Expert
"An unfortunate reality of doing business today is that online security is everyone’s responsibility. Fortunately, even small steps can greatly improve your security."

— Rob Nettgen, CISSP
IBM i Security Specialist, Briteskies

Why Choose Briteskies? 

  • Our team is certified in both security and IBM i / AS400
  • CISSP certified security specialists on staff
  • We have 20+ years of field experience across multiple industries
  • Every business is unique, our custom approach is tailored to your goals

 

Contact Us to Get Started

Security Success Stories

Our area of expertise extends beyond just finding vulnerabilities. Our team is here to help you fix your problems now, as well as guide you through how to stay safe and secure for the future. Read more about some of the clients we've helped and how we did it. 
close up of hands using laptop and holding credit card  as Online shopping concept

Protecting your Site from Future Breaches After an E-Commerce Site Breach

Briteskies was contacted after a client's foreign subsidiary's e-commerce site was breached. Our team worked together with the company to formulate a next step plan for how to avoid future breaches by implementing an infosec governance function within the company. Subsequently, the client created a new position with specific focuses based on Briteskies's advisement.

Magnifing glass and documents with analytics data lying on table

Identifying System Vulnerabilities during a SOX Compliance Assessment 

Hired to perform an IBM i security assessment as part of the client's SOX compliance requirements, Briteskies reviewed the clients infrastructure and found vulnerabilities on the IBM i server which had potential to be exploited to gain unauthorized access. Briteskies recommended additional practices and offered guidance on how the client could improve their security authentication, resulting in an overall increase in IT security awareness and insurance. 

Improving Network Security After a Company-Wide Malware Attack

After a ransomware infestation encrypted numerous PCs within the company, the client was seeking advice as to how best to secure their point of vulnerability.  After performing a full information security review, Briteskies sat down with the staff and offered advice and guidance for what to do and how to do it in order to better secure their system, including what products to use and implement for a more formalized information security policy. Additional resources were provided to their IT staff for future education.

The Forecast is Brite

Our annual customer and employee surveys consistently show that we deliver the best experience for both our clients and our fellow team members.

Learn more about Briteskies

Ready to shine? Contact us!

briteskies-customer-satisfaction-1

4.5 of 5 Satisfied

In a recent survey, our team scored 4.5 of 5 on business relationship satisfaction.

briteskies-satisfied-employees

94% of Employees

Tell others great things about working at Briteskies.

briteskies-customers-long-term-partner

93% of Customers

Believe that Briteskies values being a long-term partner.

briteskies-customer-would-recommend

92% of Customers

Would recommend Briteskies to an associate.