Audit and Security on IBM i Power Systems®
You run critical parts of your business on IBM i and you need to address some Security and/or Compliance issues such as, GDPR, PCI-DSS, SOX, specifically on this Platform,
Resiliane can help you!
Here are some examples of Services we can deliver:
- Improving your Security/Audit Level
- Be your part-time Security Officer (for example: 16 hours per month, one day per week, on demand)
- Help you in addressing issues listed in Official Audit Reports and/or prepare for your next Official Audit
- Perform access violation testing
- Do investigation in case of suspected fraudulent activities
- Support on Precisely® IBM i Security Solutions | Assure Security (Cilasoft®) | (Monitoring, Reporting & Alerting | Access Control | Multi-Factor Authentication | Elevated Authority Management | Core Distribution Services (CDS – Data Consolisation & Distribution))
Access Violation Tests (Ethical Hacking) take place under your company’s authority in a legal and legitimate way.
These tests are essential to evaluate the Security Level of your architectures.
An independent expert with strong technical skills on IBM i Security will boost your defense system.
Contact us for any questions
How can we help you? Here are some examples
Improving your Security and Audit Level
- Design audit reports on system events and database changes
- Design reports on configuration settings
- Interpret, recommend, remediate based on any audit reports
- Review access control rules – even those implemented via exit programs
- Review authentication process
- Develop new strategies to allow you to focus on: – Segregation of duties – Privilege user activity monitoring – Protection of critical data – Integrity of the audit trail – SIEM integration
- Ad-Hoc consultancy to help you understand and comply with any Business Specific Security, Auditing or Compliance need you have.
Investigation in case of suspected fraudulent activities
Actions we can deliver if you are faced with a suspicious or litigious situation:
- Search evidence in your existing logs
- Setup a more comprehensive audit trail to improve the evidence available in the future
- Produce an independent report by recognized experts that can be used to defend or absolve your company.
Help you in addressing issues listed in external Audit Reports and/or prepare for your next Audit
- Review the issues found in previous audit reports
- Prepare for future official security audits
- Collate security settings and make recommendations
- Discuss security practices and make recommendations
- Discuss new security measures to be implemented and make recommendations
- Remediate when possible
- Review, improve and create documentation.
Be your part-time Security Officer
- Act as a part-time Security Officer dedicated to the IBM i platform and as such share our expertise with your Company
- Create, maintain, automate audit reports ensuring they stay relevant and aligned with your company strategy even if you have an ever changing technical environment
- These reports can track system events, database changes, configuration settings, integrity of the audit trail, privileged user activity, exit point events and more
- Review the result of the audit reports, recommend and remediate any issues that arise
- Monitor deviated activity on the network and accordingly review access control rules implemented in existing exit programs
- Monitor and review authentication processes
- Setup and maintain protection rules on your critical data.
Don’t miss the Session
“IBM i Security in the Real World”
Guy MARMORAT
Date: June 7, 2022
9:30 – 12:15 (UK Time)
International i-POWER 2022 -Tue 7th & Wed 8th June 2022
The Park Inn Hotel by Radisson Northampton, Silver Street, Northampton NN1 2TA, UK
Do not wait for a Security incident to take you by surprise, damage your sensitive data and impact your business
Protect your data against malicious attacks and human error
Review your Security measures with a renowened Expert in IBM i
Our methods and advice are tailored to suit each company because each technical context is unique.