Deep Analysis of IBM i Security
iSecurity Investigator delivers a comprehensive view of the vulnerabilities within an organization. It comprises Data Discovery, Authority Inspector, and Assessment. Authority Inspector provides insight into excessive user authority, Assessment identifies the security risks to your system, and Data Discovery reveals the location of sensitive data.
Data Discovery for GDPR & PCI is a solution that gives organizations a clear and accurate view of where regulated and sensitive data resides on their IBM i, based on the criteria defined in their systems. This data is then presented in a report to allow users to assess and implement necessary policies.
The first step of GDPR and PCI compliance is identifying what regulated and sensitive data a business holds and where it resides. Unfortunately, this is a time-consuming and complex process.
It would be nice to have a tool that can automate the data discovery process, but sadly no such tool could exist. Personal data takes many forms: it can be structured or unstructured, and it can be found in handwritten notes and paper-based files. Automated tools can therefore play an important role, but some degree of manual data discovery is necessary to avoid unidentified vulnerabilities.
Raz-Lee Security’s Data Discovery is a unique solution that scans for specific data in your database. Data Discovery is powered by a user-friendly wizard that allows users to define the characteristics of the sensitive fields that need to be pinpointed. It then scans IBM i data on the defined system to reveal the location of the sensitive data. The results are then presented in a report to allow organizations to assess and implement necessary policies to help mitigate the risk associated with the retention of this type of data.
Data Discovery is Windows-based and connects to the IBM i via certified credentials in order to scan the data on the IBM i, without adding risk, overhead or additional footprints.
The Authority Inspector works with IBM’s Authority Collection data. It reads, summarizes, and analyzes the data and presents it, with the analysis results, in graphs and tables.
Authority Distribution Strategies
There are various methods to confine authorities:
- Adopted authority
- Authorization lists
- Group Profiles
The Authority Inspector supports the user regardless of the specific method in use. It enables comparison of the authorities actually utilized versus those required, and supports selecting the method. It also provides information on the minimal authority to be given at each stage and the frequency of testing authorities.
Raz-Lee Security’s non-intrusive Assessment product:
- Accesses your IBM i LPARs from a PC
- Reports on the system’s security status in numerous categories within minutes
- Provides industry best-practice recommendations for improving your system’s security
The iSecurity assessment checks user sign-on attributes, user privileges, passwords, terminals, ports, and more.
Results are provided instantly, with a score of current system security status in each of the categories provided, alongside what your system’s security status would be if iSecurity were in place.
Besides producing a concise Executive Summary for managers, the various reports include colorful charts, a detailed written analysis, numerical scores, and clear, easy-to-follow security recommendations.
Assessment is part of iSecurity’s Compliance solution for PCI, SOX, HIPAA, site-defined, and other regulatory issues.
- Access analysis
- Robust classification
- Selective scanning
- GUI interface
- Detailed report on system’s security status