Security & Compliance
Want to improve your IBM i security?
With the GDPR being enforced, security is an even hotter topic than it was before because a good security strategy is now mandatory for ALL companies, no matter what business you are in or what size company you work in.
The level IT auditing will increase, and therefore more questions need to be answered. It is therefore key that you can report on the security status for your company, including areas like:
- Remote access to your system
- User authority: How many do you have and what can they do
- User activity: What are they actually doing on your system
- Sensitive data
- Is your data residing on IFS secure and well-protected?
Most companies do not have virus protection on the IFS. But, remember more and more files are stored within the IFS.
Where and how to start improving security on your Power Systems?
There is no one right answer. Some companies prefer to start out by implementing a reporting tool covering the above areas, so that improvements become clear as the report is produced every month.
Others prefer to solve the different areas by implementing an automatic solution for the specific area, thereby eliminating problem areas.
The ideal solution is of course to do both: Have a reporting tool which will give the IT auditors and your legal department all the answers they need – automatically – and to have tools in place which control and manage the different areas.
It all depends on your current status and your objectives. How high are your goals?
Many of SOSY’s customers already have one or more security tools or external consultants who help from time to time by reviewing the IBM i. But you need a tighter security strategy to live up to the GDPR.
And where do you start? Read about our “Free Security Scan” which will get you started on the right foot.
M3 User? How Do You Manage Security?
Many M3 users find M3 security difficult and time-consuming. Even unintuitive.
It is important that users don’t have too much – or too little – access!
Vince VSE lets you manage users on an individual or group basis – making it easy to assign the right amount of user access and user control.
Segregation of duties is another important area.