The “Easy” Button for Provisioning IBM i Users
1/21/15 (c) 2015 PowerTech, A Division of HelpSystems
Today's Agenda
• Introduction
• The Profile Challenge
• Why Policy Matters
• PowerAdmin Demonstration
• Free Resources
Today's Speaker
ROBIN TATAM
Director of Security Technologies
952-563-2768
robin.tatam@powertech.com
Today's Speaker
PAUL CULIN
Sr. Information Security Engineer
952-563-2762
paul.culin@powertech.com
About PowerTech
• Premier Provider of Security Solutions & Services
– 18 years in the security industry as an established thought-leader
– Customers in over 70 countries, representing every industry
– Security subject matter expert for COMMON
• IBM Advanced Business Partner
• Member of PCI Security Standards Council
• Authorized by NASBA to issue CPE Credits for Security Education
• Publisher of the Annual “State of IBM i Security” Report
Comprehensive Security Solutions for Power Systems
The State of IBM i Security Study
PowerTech uses anonymous audit data from our Compliance Assessment tool to compile an annual study of security statistics.
This study (available online) provides a picture of what IBM i shops are currently doing with their security controls.
And, year after year, it shows that there is definitely still room (and a need) for improvement!
(The study sample consists of security-aware environments.)
Special Authorities: What's So Special?
• Special Authorities are only for Administrators!
– *ALLOBJ: Complete control of the system
– *SAVSYS: Save, restore, and delete anything
– *SPLCTL: Complete control of spooled files
– *SERVICE: Alter hardware, storage, and clear disks
– *SECADM: Create and delete user profiles
– *JOBCTL: Manage jobs, PWRDWNSYS, and more
– *IOSYSCFG: Configure communication services, TCP/IP
– *AUDIT: Modify system audit values
• Learn more at: www.helpsystems.com/powertech/managing-privileged-users-ibm
2014 State of IBM i Security Study
2014 State of IBM i Security Study
These are not the fault of the “end” user
Legislative Reactions
• Legislatures create laws
– Sarbanes-Oxley, PCI, HIPAA, Gramm-Leach-Bliley, SB1386, and more
• Laws are open to interpretation
– Sarbanes-Oxley Section 404:
• “Perform annual assessment of the effectiveness of internal control over financial reporting…”
• “…and obtain attestation from external auditors”
• Auditors are the interpreters
The Auditor's View
• Auditors interpret regulations:
– Auditors focus on frameworks and processes
– Auditors have concluded that IT is lacking when it comes to internal controls
• Executives follow auditor recommendations
The Auditor's View
• Distributed Provisioning:
– Ensure that users are created on (and only on) the necessary systems
• Programmers only on-boarded on development partitions
• Rapid deployment of new users in defined roles
• Audit and realignment during profile lifecycle
• Simple end-of-life processing
The Auditor's View
• Resolve Inconsistencies:
– Ensure that users are created using a standardized template
• Special authorities
• Command line restrictions
• Initial program and menu
• Accounting code
Applicable to both uni- and multi-partition servers
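The two checks from the auditor slides above (users exist on, and only on, the necessary partitions; every profile matches a standardized template), as an added example that is not PowerTech's or PowerAdmin's code. Role names, partition names and profile records are constructed; the field names borrow the CRTUSRPRF keywords (SPCAUT, LMTCPB, INLPGM, INLMNU, ACGCDE) as an assumption about how exported profile data is labelled.

```python
from dataclasses import dataclass

# Template attributes from the slide, named after CRTUSRPRF keywords (assumed labels):
# command line restriction, initial program, initial menu, accounting code.
TEMPLATE_ATTRS = ("lmtcpb", "inlpgm", "inlmnu", "acgcde")


@dataclass(frozen=True)
class RoleTemplate:
    spcaut: frozenset      # special authorities the role is allowed to hold
    lmtcpb: str
    inlpgm: str
    inlmnu: str
    acgcde: str
    partitions: frozenset  # systems where the role must exist, and nowhere else


@dataclass(frozen=True)
class Profile:
    user: str
    partition: str
    role: str
    spcaut: frozenset
    lmtcpb: str
    inlpgm: str
    inlmnu: str
    acgcde: str


def audit(profiles, templates):
    """Return (user, partition, check, detail) tuples for every policy exception."""
    findings = []
    deployed = {}  # (user, role) -> partitions where the profile was found
    for p in profiles:
        t = templates.get(p.role)
        if t is None:
            # A profile that maps to no defined role cannot be judged at all.
            findings.append((p.user, p.partition, "UNKNOWN_ROLE", p.role))
            continue
        deployed.setdefault((p.user, p.role), set()).add(p.partition)
        if p.partition not in t.partitions:
            findings.append((p.user, p.partition, "UNEXPECTED_PARTITION", p.role))
        extra = p.spcaut - t.spcaut
        if extra:
            findings.append((p.user, p.partition, "EXCESS_SPCAUT", " ".join(sorted(extra))))
        missing = t.spcaut - p.spcaut
        if missing:
            findings.append((p.user, p.partition, "MISSING_SPCAUT", " ".join(sorted(missing))))
        for attr in TEMPLATE_ATTRS:
            want, have = getattr(t, attr), getattr(p, attr)
            if want != have:
                findings.append((p.user, p.partition, attr.upper(),
                                 f"expected {want}, found {have}"))
    # "On the necessary systems": the role requires a partition the user is absent from.
    for (user, role), parts in sorted(deployed.items()):
        for part in sorted(templates[role].partitions - parts):
            findings.append((user, part, "MISSING_DEPLOYMENT", role))
    return findings


# Constructed role templates and profile records (not real systems or users).
TEMPLATES = {
    "PROGRAMMER": RoleTemplate(frozenset(), "*NO", "*NONE", "MAIN", "DEV",
                               frozenset({"DEVLPAR"})),
    "OPERATOR": RoleTemplate(frozenset({"*JOBCTL", "*SAVSYS"}), "*YES", "*NONE",
                             "OPSMENU", "OPS", frozenset({"DEVLPAR", "PRODLPAR"})),
}

SAMPLE_PROFILES = [
    Profile("JSMITH", "DEVLPAR", "PROGRAMMER", frozenset(), "*NO", "*NONE", "MAIN", "DEV"),
    Profile("JSMITH", "PRODLPAR", "PROGRAMMER", frozenset(), "*NO", "*NONE", "MAIN", "DEV"),
    Profile("MJONES", "PRODLPAR", "OPERATOR",
            frozenset({"*JOBCTL", "*SAVSYS", "*ALLOBJ"}), "*NO", "*NONE", "OPSMENU", "OPS"),
    Profile("TEMP01", "PRODLPAR", "CONTRACTOR", frozenset(), "*NO", "*NONE", "MAIN", "TMP"),
]


def sample_findings():
    return audit(SAMPLE_PROFILES, TEMPLATES)


if __name__ == "__main__":
    for finding in sample_findings():
        print(*finding, sep="  ")
```
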
Endless News Reports of Insider Breaches
Solution: PowerAdmin
TEMPLATE-BASED MANAGEMENT
ROLE-BASED SECURITY
EVENT HISTORY AND REPORTING
HIGHLIGHT POLICY EXCEPTIONS OR UNAUTHORIZED UPDATES TO PROFILES
Why PowerAdmin?
• Government regulators and IT auditors demand accountability.
• Legislatures have created laws that require us to prove that our IT infrastructure is secure.
• Non-compliance penalties range from public disclosure and fines to prison sentences for executives.
• Executives are finally taking IBM i security very seriously.
Why PowerAdmin?
• Allows you to reclaim the user lifecycle to ensure a consistent, managed profile environment
– PowerAdmin lets you specify where and how users are deployed.
– PowerAdmin removes the complexity and costs associated with managing profiles across many virtual machines.
– PowerAdmin works with IBM i security to correctly protect assets.
– PowerAdmin audits the configuration of users between their creation and deletion.
Summary
• IT Security has executive attention
– This is the best opportunity to solve long-standing problems
– Gain management approval now
• Control users with broad authority to production data
– Leaving user configuration to chance is both an audit exception and an accident waiting to happen
• Limit the deployment of powerful profiles
– Monitor and report when profiles are non-compliant
– Consistent provisioning of users
Automated Vulnerability Testing
YOUR PC YOUR IBM i SERVER YOUR VULNERABILITIES
Online Compliance Guide
Security Policy
Compliance Resources
Other (FREE) Resources
Please visit www.helpsystems.com/powertech to access:
– Demonstration Videos & Trial Downloads
– Product Information Data Sheets
– White Papers & Technical Articles
– Customer Success Stories
– How-To Articles
– To request a FREE Compliance Assessment
www.helpsystems.com/powertech (800) 915-7700
Questions
+1 253-872-7788 info.powertech@helpsystems.com
www.helpsystems.com/powertech

More Related Content

Viewers also liked

Curso IBM Redes SAN y Almacenamiento con Tivoli
Curso IBM Redes SAN y Almacenamiento con TivoliCurso IBM Redes SAN y Almacenamiento con Tivoli
Curso IBM Redes SAN y Almacenamiento con Tivolicamforma
 
Vorschau 1 / 2010 V&R unipress
Vorschau 1 / 2010 V&R unipress Vorschau 1 / 2010 V&R unipress
Vorschau 1 / 2010 V&R unipress Ich
 
HERRAMIENTAS DEL INTERNET
HERRAMIENTAS DEL INTERNETHERRAMIENTAS DEL INTERNET
HERRAMIENTAS DEL INTERNETbachiita
 
Self Help Legal Software and Unauthorized Practice of Law
Self Help Legal Software and Unauthorized Practice of LawSelf Help Legal Software and Unauthorized Practice of Law
Self Help Legal Software and Unauthorized Practice of LawRichard S. Granat
 
Cinthya barzallo c-administracion-a
Cinthya barzallo c-administracion-aCinthya barzallo c-administracion-a
Cinthya barzallo c-administracion-aCinthya Barzallo
 
Building your Brand Center with Athento -Smart Document Management-
Building your Brand Center with Athento -Smart Document Management- Building your Brand Center with Athento -Smart Document Management-
Building your Brand Center with Athento -Smart Document Management- Athento
 
Getting Started with IBM i Security: Event Auditing
Getting Started with IBM i Security: Event AuditingGetting Started with IBM i Security: Event Auditing
Getting Started with IBM i Security: Event AuditingHelpSystems
 
Renovaciones y reservas Biblioteca Álvaro Cunqueiro Instituto Cervantes de Da...
Renovaciones y reservas Biblioteca Álvaro Cunqueiro Instituto Cervantes de Da...Renovaciones y reservas Biblioteca Álvaro Cunqueiro Instituto Cervantes de Da...
Renovaciones y reservas Biblioteca Álvaro Cunqueiro Instituto Cervantes de Da...Red de Bibliotecas del Instituto Cervantes
 
StandGuard Anti-Virus Tech Pack
StandGuard Anti-Virus Tech PackStandGuard Anti-Virus Tech Pack
StandGuard Anti-Virus Tech PackHelpSystems
 
Scheduling Survival Guide
Scheduling Survival Guide Scheduling Survival Guide
Scheduling Survival Guide HelpSystems
 
5 Things Your Security Administrator Should Tell You
5 Things Your Security Administrator Should Tell You5 Things Your Security Administrator Should Tell You
5 Things Your Security Administrator Should Tell YouHelpSystems
 
IT Backup & Restoration: Never Worry about a Late Backup Again
IT Backup & Restoration: Never Worry about a Late Backup AgainIT Backup & Restoration: Never Worry about a Late Backup Again
IT Backup & Restoration: Never Worry about a Late Backup AgainHelpSystems
 
PCI Compliance white paper
PCI Compliance white paper PCI Compliance white paper
PCI Compliance white paper HelpSystems
 
10 Tips for AIX Security
10 Tips for AIX Security10 Tips for AIX Security
10 Tips for AIX SecurityHelpSystems
 
Combatting Intruders on IBM i with IDS
Combatting Intruders on IBM i with IDSCombatting Intruders on IBM i with IDS
Combatting Intruders on IBM i with IDSHelpSystems
 

Viewers also liked (17)

Curso IBM Redes SAN y Almacenamiento con Tivoli
Curso IBM Redes SAN y Almacenamiento con TivoliCurso IBM Redes SAN y Almacenamiento con Tivoli
Curso IBM Redes SAN y Almacenamiento con Tivoli
 
Vorschau 1 / 2010 V&R unipress
Vorschau 1 / 2010 V&R unipress Vorschau 1 / 2010 V&R unipress
Vorschau 1 / 2010 V&R unipress
 
HERRAMIENTAS DEL INTERNET
HERRAMIENTAS DEL INTERNETHERRAMIENTAS DEL INTERNET
HERRAMIENTAS DEL INTERNET
 
12 ssi bonprix
12 ssi   bonprix12 ssi   bonprix
12 ssi bonprix
 
Self Help Legal Software and Unauthorized Practice of Law
Self Help Legal Software and Unauthorized Practice of LawSelf Help Legal Software and Unauthorized Practice of Law
Self Help Legal Software and Unauthorized Practice of Law
 
Cinthya barzallo c-administracion-a
Cinthya barzallo c-administracion-aCinthya barzallo c-administracion-a
Cinthya barzallo c-administracion-a
 
Building your Brand Center with Athento -Smart Document Management-
Building your Brand Center with Athento -Smart Document Management- Building your Brand Center with Athento -Smart Document Management-
Building your Brand Center with Athento -Smart Document Management-
 
Ahli United Bank
Ahli United BankAhli United Bank
Ahli United Bank
 
Getting Started with IBM i Security: Event Auditing
Getting Started with IBM i Security: Event AuditingGetting Started with IBM i Security: Event Auditing
Getting Started with IBM i Security: Event Auditing
 
Renovaciones y reservas Biblioteca Álvaro Cunqueiro Instituto Cervantes de Da...
Renovaciones y reservas Biblioteca Álvaro Cunqueiro Instituto Cervantes de Da...Renovaciones y reservas Biblioteca Álvaro Cunqueiro Instituto Cervantes de Da...
Renovaciones y reservas Biblioteca Álvaro Cunqueiro Instituto Cervantes de Da...
 
StandGuard Anti-Virus Tech Pack
StandGuard Anti-Virus Tech PackStandGuard Anti-Virus Tech Pack
StandGuard Anti-Virus Tech Pack
 
Scheduling Survival Guide
Scheduling Survival Guide Scheduling Survival Guide
Scheduling Survival Guide
 
5 Things Your Security Administrator Should Tell You
5 Things Your Security Administrator Should Tell You5 Things Your Security Administrator Should Tell You
5 Things Your Security Administrator Should Tell You
 
IT Backup & Restoration: Never Worry about a Late Backup Again
IT Backup & Restoration: Never Worry about a Late Backup AgainIT Backup & Restoration: Never Worry about a Late Backup Again
IT Backup & Restoration: Never Worry about a Late Backup Again
 
PCI Compliance white paper
PCI Compliance white paper PCI Compliance white paper
PCI Compliance white paper
 
10 Tips for AIX Security
10 Tips for AIX Security10 Tips for AIX Security
10 Tips for AIX Security
 
Combatting Intruders on IBM i with IDS
Combatting Intruders on IBM i with IDSCombatting Intruders on IBM i with IDS
Combatting Intruders on IBM i with IDS
 

More from HelpSystems

El Estado de la Seguridad de IBM i en 2020
El Estado de la Seguridad de IBM i en 2020El Estado de la Seguridad de IBM i en 2020
El Estado de la Seguridad de IBM i en 2020HelpSystems
 
Ciberseguridad Cómo identificar con certeza dispositivos comprometidos en la...
Ciberseguridad  Cómo identificar con certeza dispositivos comprometidos en la...Ciberseguridad  Cómo identificar con certeza dispositivos comprometidos en la...
Ciberseguridad Cómo identificar con certeza dispositivos comprometidos en la...HelpSystems
 
Rbt jdbc odbc webinar
Rbt jdbc odbc webinar Rbt jdbc odbc webinar
Rbt jdbc odbc webinar HelpSystems
 
RPA en 45 minutos
RPA en 45 minutos RPA en 45 minutos
RPA en 45 minutos HelpSystems
 
Webinar go anywhere_mft_scripts
Webinar go anywhere_mft_scriptsWebinar go anywhere_mft_scripts
Webinar go anywhere_mft_scriptsHelpSystems
 
Automatización de Procesos de IT
Automatización de Procesos de ITAutomatización de Procesos de IT
Automatización de Procesos de ITHelpSystems
 
Hs 2020-ibmi-marketplace-spanish v3
Hs 2020-ibmi-marketplace-spanish v3Hs 2020-ibmi-marketplace-spanish v3
Hs 2020-ibmi-marketplace-spanish v3HelpSystems
 
Caso de éxito Zurich automatiza sus procesos críticos de Negocio con RPA
Caso de éxito  Zurich automatiza sus procesos críticos de Negocio con RPACaso de éxito  Zurich automatiza sus procesos críticos de Negocio con RPA
Caso de éxito Zurich automatiza sus procesos críticos de Negocio con RPAHelpSystems
 
Centro de Excelencia en Automatización 3
Centro de Excelencia en Automatización 3Centro de Excelencia en Automatización 3
Centro de Excelencia en Automatización 3HelpSystems
 
Cómo crear un Centro de Excelencia de Automatización 2
Cómo crear un Centro de Excelencia de Automatización 2Cómo crear un Centro de Excelencia de Automatización 2
Cómo crear un Centro de Excelencia de Automatización 2HelpSystems
 
Construyendo un Centro de Excelencia de Automatización PARTE 1
Construyendo un Centro de Excelencia de Automatización PARTE 1Construyendo un Centro de Excelencia de Automatización PARTE 1
Construyendo un Centro de Excelencia de Automatización PARTE 1HelpSystems
 
Webinar Vityl IT & Business Monitoring
Webinar Vityl IT & Business MonitoringWebinar Vityl IT & Business Monitoring
Webinar Vityl IT & Business MonitoringHelpSystems
 
1 año de RGPD: 3 formas en las que HelpSystems puede ayudar
1 año de RGPD:  3 formas en las que HelpSystems puede ayudar1 año de RGPD:  3 formas en las que HelpSystems puede ayudar
1 año de RGPD: 3 formas en las que HelpSystems puede ayudarHelpSystems
 
Automate feature tour
Automate feature tourAutomate feature tour
Automate feature tourHelpSystems
 
WEBINAR GRABADO Automatización de procesos de IT: tecnologías más usadas, cas...
WEBINAR GRABADO Automatización de procesos de IT: tecnologías más usadas, cas...WEBINAR GRABADO Automatización de procesos de IT: tecnologías más usadas, cas...
WEBINAR GRABADO Automatización de procesos de IT: tecnologías más usadas, cas...HelpSystems
 
5 problemas del intercambio de archivos mediante scripts
5 problemas del intercambio de archivos mediante scripts5 problemas del intercambio de archivos mediante scripts
5 problemas del intercambio de archivos mediante scriptsHelpSystems
 
CASO DE ÉXITO: Grupo Banco San Juan
CASO DE ÉXITO: Grupo Banco San JuanCASO DE ÉXITO: Grupo Banco San Juan
CASO DE ÉXITO: Grupo Banco San JuanHelpSystems
 
Webinar Security Scan
Webinar Security ScanWebinar Security Scan
Webinar Security ScanHelpSystems
 

More from HelpSystems (20)

El Estado de la Seguridad de IBM i en 2020
El Estado de la Seguridad de IBM i en 2020El Estado de la Seguridad de IBM i en 2020
El Estado de la Seguridad de IBM i en 2020
 
Ciberseguridad Cómo identificar con certeza dispositivos comprometidos en la...
Ciberseguridad  Cómo identificar con certeza dispositivos comprometidos en la...Ciberseguridad  Cómo identificar con certeza dispositivos comprometidos en la...
Ciberseguridad Cómo identificar con certeza dispositivos comprometidos en la...
 
Rbt jdbc odbc webinar
Rbt jdbc odbc webinar Rbt jdbc odbc webinar
Rbt jdbc odbc webinar
 
RPA en 45 minutos
RPA en 45 minutos RPA en 45 minutos
RPA en 45 minutos
 
Webinar go anywhere_mft_scripts
Webinar go anywhere_mft_scriptsWebinar go anywhere_mft_scripts
Webinar go anywhere_mft_scripts
 
Automatización de Procesos de IT
Automatización de Procesos de ITAutomatización de Procesos de IT
Automatización de Procesos de IT
 
Hs 2020-ibmi-marketplace-spanish v3
Hs 2020-ibmi-marketplace-spanish v3Hs 2020-ibmi-marketplace-spanish v3
Hs 2020-ibmi-marketplace-spanish v3
 
Mft 45 minutos
Mft 45 minutosMft 45 minutos
Mft 45 minutos
 
Caso de éxito Zurich automatiza sus procesos críticos de Negocio con RPA
Caso de éxito  Zurich automatiza sus procesos críticos de Negocio con RPACaso de éxito  Zurich automatiza sus procesos críticos de Negocio con RPA
Caso de éxito Zurich automatiza sus procesos críticos de Negocio con RPA
 
Centro de Excelencia en Automatización 3
Centro de Excelencia en Automatización 3Centro de Excelencia en Automatización 3
Centro de Excelencia en Automatización 3
 
Cómo crear un Centro de Excelencia de Automatización 2
Cómo crear un Centro de Excelencia de Automatización 2Cómo crear un Centro de Excelencia de Automatización 2
Cómo crear un Centro de Excelencia de Automatización 2
 
Construyendo un Centro de Excelencia de Automatización PARTE 1
Construyendo un Centro de Excelencia de Automatización PARTE 1Construyendo un Centro de Excelencia de Automatización PARTE 1
Construyendo un Centro de Excelencia de Automatización PARTE 1
 
Webinar Vityl IT & Business Monitoring
Webinar Vityl IT & Business MonitoringWebinar Vityl IT & Business Monitoring
Webinar Vityl IT & Business Monitoring
 
1 año de RGPD: 3 formas en las que HelpSystems puede ayudar
1 año de RGPD:  3 formas en las que HelpSystems puede ayudar1 año de RGPD:  3 formas en las que HelpSystems puede ayudar
1 año de RGPD: 3 formas en las que HelpSystems puede ayudar
 
Mft 45 minutos
Mft 45 minutosMft 45 minutos
Mft 45 minutos
 
Automate feature tour
Automate feature tourAutomate feature tour
Automate feature tour
 
WEBINAR GRABADO Automatización de procesos de IT: tecnologías más usadas, cas...
WEBINAR GRABADO Automatización de procesos de IT: tecnologías más usadas, cas...WEBINAR GRABADO Automatización de procesos de IT: tecnologías más usadas, cas...
WEBINAR GRABADO Automatización de procesos de IT: tecnologías más usadas, cas...
 
5 problemas del intercambio de archivos mediante scripts
5 problemas del intercambio de archivos mediante scripts5 problemas del intercambio de archivos mediante scripts
5 problemas del intercambio de archivos mediante scripts
 
CASO DE ÉXITO: Grupo Banco San Juan
CASO DE ÉXITO: Grupo Banco San JuanCASO DE ÉXITO: Grupo Banco San Juan
CASO DE ÉXITO: Grupo Banco San Juan
 
Webinar Security Scan
Webinar Security ScanWebinar Security Scan
Webinar Security Scan
 

Recently uploaded

Architecture decision records - How not to get lost in the past
Architecture decision records - How not to get lost in the pastArchitecture decision records - How not to get lost in the past
Architecture decision records - How not to get lost in the pastPapp Krisztián
 
%in kempton park+277-882-255-28 abortion pills for sale in kempton park
%in kempton park+277-882-255-28 abortion pills for sale in kempton park %in kempton park+277-882-255-28 abortion pills for sale in kempton park
%in kempton park+277-882-255-28 abortion pills for sale in kempton park masabamasaba
 
%in Bahrain+277-882-255-28 abortion pills for sale in Bahrain
%in Bahrain+277-882-255-28 abortion pills for sale in Bahrain%in Bahrain+277-882-255-28 abortion pills for sale in Bahrain
%in Bahrain+277-882-255-28 abortion pills for sale in Bahrainmasabamasaba
 
Software Quality Assurance Interview Questions
Software Quality Assurance Interview QuestionsSoftware Quality Assurance Interview Questions
Software Quality Assurance Interview QuestionsArshad QA
 
Direct Style Effect Systems - The Print[A] Example - A Comprehension Aid
Direct Style Effect Systems -The Print[A] Example- A Comprehension AidDirect Style Effect Systems -The Print[A] Example- A Comprehension Aid
Direct Style Effect Systems - The Print[A] Example - A Comprehension AidPhilip Schwarz
 
Devoxx UK 2024 - Going serverless with Quarkus, GraalVM native images and AWS...
Devoxx UK 2024 - Going serverless with Quarkus, GraalVM native images and AWS...Devoxx UK 2024 - Going serverless with Quarkus, GraalVM native images and AWS...
Devoxx UK 2024 - Going serverless with Quarkus, GraalVM native images and AWS...Bert Jan Schrijver
 
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️Delhi Call girls
 
Crypto Cloud Review - How To Earn Up To $500 Per DAY Of Bitcoin 100% On AutoP...
Crypto Cloud Review - How To Earn Up To $500 Per DAY Of Bitcoin 100% On AutoP...Crypto Cloud Review - How To Earn Up To $500 Per DAY Of Bitcoin 100% On AutoP...
Crypto Cloud Review - How To Earn Up To $500 Per DAY Of Bitcoin 100% On AutoP...SelfMade bd
 
%in ivory park+277-882-255-28 abortion pills for sale in ivory park
%in ivory park+277-882-255-28 abortion pills for sale in ivory park %in ivory park+277-882-255-28 abortion pills for sale in ivory park
%in ivory park+277-882-255-28 abortion pills for sale in ivory park masabamasaba
 
WSO2CON2024 - It's time to go Platformless
WSO2CON2024 - It's time to go PlatformlessWSO2CON2024 - It's time to go Platformless
WSO2CON2024 - It's time to go PlatformlessWSO2
 
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...panagenda
 
Harnessing ChatGPT - Elevating Productivity in Today's Agile Environment
Harnessing ChatGPT  - Elevating Productivity in Today's Agile EnvironmentHarnessing ChatGPT  - Elevating Productivity in Today's Agile Environment
Harnessing ChatGPT - Elevating Productivity in Today's Agile EnvironmentVictorSzoltysek
 
OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...
OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...
OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...Shane Coughlan
 
Define the academic and professional writing..pdf
Define the academic and professional writing..pdfDefine the academic and professional writing..pdf
Define the academic and professional writing..pdfPearlKirahMaeRagusta1
 
Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024
Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024
Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024VictoriaMetrics
 
%+27788225528 love spells in Huntington Beach Psychic Readings, Attraction sp...
%+27788225528 love spells in Huntington Beach Psychic Readings, Attraction sp...%+27788225528 love spells in Huntington Beach Psychic Readings, Attraction sp...
%+27788225528 love spells in Huntington Beach Psychic Readings, Attraction sp...masabamasaba
 
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️Delhi Call girls
 
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...Steffen Staab
 
AI & Machine Learning Presentation Template
AI & Machine Learning Presentation TemplateAI & Machine Learning Presentation Template
AI & Machine Learning Presentation TemplatePresentation.STUDIO
 
WSO2Con2024 - From Code To Cloud: Fast Track Your Cloud Native Journey with C...
WSO2Con2024 - From Code To Cloud: Fast Track Your Cloud Native Journey with C...WSO2Con2024 - From Code To Cloud: Fast Track Your Cloud Native Journey with C...
WSO2Con2024 - From Code To Cloud: Fast Track Your Cloud Native Journey with C...WSO2
 

Recently uploaded (20)

Architecture decision records - How not to get lost in the past
Architecture decision records - How not to get lost in the pastArchitecture decision records - How not to get lost in the past
Architecture decision records - How not to get lost in the past
 
%in kempton park+277-882-255-28 abortion pills for sale in kempton park
%in kempton park+277-882-255-28 abortion pills for sale in kempton park %in kempton park+277-882-255-28 abortion pills for sale in kempton park
%in kempton park+277-882-255-28 abortion pills for sale in kempton park
 
%in Bahrain+277-882-255-28 abortion pills for sale in Bahrain
%in Bahrain+277-882-255-28 abortion pills for sale in Bahrain%in Bahrain+277-882-255-28 abortion pills for sale in Bahrain
%in Bahrain+277-882-255-28 abortion pills for sale in Bahrain
 
Software Quality Assurance Interview Questions
Software Quality Assurance Interview QuestionsSoftware Quality Assurance Interview Questions
Software Quality Assurance Interview Questions
 
Direct Style Effect Systems - The Print[A] Example - A Comprehension Aid
Direct Style Effect Systems -The Print[A] Example- A Comprehension AidDirect Style Effect Systems -The Print[A] Example- A Comprehension Aid
Direct Style Effect Systems - The Print[A] Example - A Comprehension Aid
 
Devoxx UK 2024 - Going serverless with Quarkus, GraalVM native images and AWS...
Devoxx UK 2024 - Going serverless with Quarkus, GraalVM native images and AWS...Devoxx UK 2024 - Going serverless with Quarkus, GraalVM native images and AWS...
Devoxx UK 2024 - Going serverless with Quarkus, GraalVM native images and AWS...
 
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
 
Crypto Cloud Review - How To Earn Up To $500 Per DAY Of Bitcoin 100% On AutoP...
Crypto Cloud Review - How To Earn Up To $500 Per DAY Of Bitcoin 100% On AutoP...Crypto Cloud Review - How To Earn Up To $500 Per DAY Of Bitcoin 100% On AutoP...
Crypto Cloud Review - How To Earn Up To $500 Per DAY Of Bitcoin 100% On AutoP...
 
%in ivory park+277-882-255-28 abortion pills for sale in ivory park
%in ivory park+277-882-255-28 abortion pills for sale in ivory park %in ivory park+277-882-255-28 abortion pills for sale in ivory park
%in ivory park+277-882-255-28 abortion pills for sale in ivory park
 
WSO2CON2024 - It's time to go Platformless
WSO2CON2024 - It's time to go PlatformlessWSO2CON2024 - It's time to go Platformless
WSO2CON2024 - It's time to go Platformless
 
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
 
Harnessing ChatGPT - Elevating Productivity in Today's Agile Environment
Harnessing ChatGPT  - Elevating Productivity in Today's Agile EnvironmentHarnessing ChatGPT  - Elevating Productivity in Today's Agile Environment
Harnessing ChatGPT - Elevating Productivity in Today's Agile Environment
 
OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...
OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...
OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...
 
Define the academic and professional writing..pdf
Define the academic and professional writing..pdfDefine the academic and professional writing..pdf
Define the academic and professional writing..pdf
 
Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024
Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024
Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024
 
%+27788225528 love spells in Huntington Beach Psychic Readings, Attraction sp...
%+27788225528 love spells in Huntington Beach Psychic Readings, Attraction sp...%+27788225528 love spells in Huntington Beach Psychic Readings, Attraction sp...
%+27788225528 love spells in Huntington Beach Psychic Readings, Attraction sp...
 
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
 
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
 
AI & Machine Learning Presentation Template
AI & Machine Learning Presentation TemplateAI & Machine Learning Presentation Template
AI & Machine Learning Presentation Template
 
WSO2Con2024 - From Code To Cloud: Fast Track Your Cloud Native Journey with C...
WSO2Con2024 - From Code To Cloud: Fast Track Your Cloud Native Journey with C...WSO2Con2024 - From Code To Cloud: Fast Track Your Cloud Native Journey with C...
WSO2Con2024 - From Code To Cloud: Fast Track Your Cloud Native Journey with C...
 

The "Easy" Button for Provisioning IBM i Users

  • 1. 1/21/15(c) 2015 PowerTech, A Division of HelpSystems The “Easy” Button for Provisioning IBM i Users
  • 2. Today's Agenda: • Introduction • The Profile Challenge • Why Policy Matters • PowerAdmin Demonstration • Free Resources
  • 3. Today's Speaker: ROBIN TATAM, Director of Security Technologies, 952-563-2768, robin.tatam@powertech.com
  • 4. Today's Speaker: PAUL CULIN, Sr. Information Security Engineer, 952-563-2762, paul.culin@powertech.com
  • 5. About PowerTech: • Premier Provider of Security Solutions & Services – 18 years in the security industry as an established thought-leader – Customers in over 70 countries, representing every industry – Security subject matter expert for COMMON • IBM Advanced Business Partner • Member of PCI Security Standards Council • Authorized by NASBA to issue CPE Credits for Security Education • Publisher of the Annual “State of IBM i Security” Report
  • 6. Comprehensive Security Solutions for Power Systems
  • 7. Today's Agenda: • Introduction • The Profile Challenge • Why Policy Matters • PowerAdmin Demonstration • Free Resources
  • 8. The State of IBM i Security Study: PowerTech uses anonymous audit data from our Compliance Assessment tool to compile an annual study of security statistics. This study (available online) provides a picture of what IBM i shops are currently doing with their security controls. And, year after year, it shows that there is definitely still room (and a need) for improvement! (The study sample consists of security-aware environments.)
  • 9. Special Authorities: What's So Special? • Special Authorities are only for Administrators! – *ALLOBJ: Complete control of the system – *SAVSYS: Save, restore, and delete anything – *SPLCTL: Complete control of spooled files – *SERVICE: Alter hardware, storage, and clear disks – *SECADM: Create and delete user profiles – *JOBCTL: Manage jobs, PWRDWNSYS, and more – *IOSYSCFG: Configure communication services, TCP/IP – *AUDIT: Modify system audit values • Learn more at: www.helpsystems.com/powertech/managing-privileged-users-ibm
  • 10. 2014 State of IBM i Security Study
  • 11. 2014 State of IBM i Security Study: These are not the fault of the “end” user
  • 12. Today's Agenda: • Introduction • The Profile Challenge • Why Policy Matters • PowerAdmin Demonstration • Free Resources
  • 13. Legislative Reactions: • Legislatures create laws – Sarbanes-Oxley, PCI, HIPAA, Gramm-Leach-Bliley, SB1386, and more • Laws are open to interpretation – Sarbanes-Oxley Section 404: • “Perform annual assessment of the effectiveness of internal control over financial reporting…” • “…and obtain attestation from external auditors” • Auditors are the interpreters
  • 14. The Auditor's View: • Auditors interpret regulations: – Auditors focus on frameworks and processes – Auditors have concluded that IT is lacking when it comes to internal controls • Executives follow auditor recommendations
  • 15. The Auditor's View: • Distributed Provisioning: – Ensure that users are created on (and only on) the necessary systems • Programmers only on-boarded on development partitions • Rapid deployment of new users in defined roles • Audit and realignment during profile lifecycle • Simple end-of-life processing
  • 16. The Auditor's View: • Resolve Inconsistencies: – Ensure that users are created using a standardized template • Special authorities • Command line restrictions • Initial program and menu • Accounting code. Applicable to both uni- and multi-partition servers
  • 17. Endless News Reports of Insider Breaches
  • 18. Solution: PowerAdmin • TEMPLATE-BASED MANAGEMENT • ROLE-BASED SECURITY • EVENT HISTORY AND REPORTING • HIGHLIGHT POLICY EXCEPTIONS OR UNAUTHORIZED UPDATES TO PROFILES
  • 19. Why PowerAdmin? • Government regulators and IT auditors demand accountability. • Legislatures have created laws that require us to prove that our IT infrastructure is secure. • Non-compliance penalties range from public disclosure and fines to prison sentences for executives. • Executives are finally taking IBM i security very seriously.
  • 20. Why PowerAdmin? • Allows you to reclaim the user lifecycle to ensure a consistent, managed profile environment – PowerAdmin lets you specify where and how users are deployed. – PowerAdmin removes the complexity and costs associated with managing profiles across many virtual machines. – PowerAdmin works with IBM i security to correctly protect assets. – PowerAdmin audits the configuration of users between their creation and deletion.
  • 21. Today's Agenda: • Introduction • The Profile Challenge • Why Policy Matters • PowerAdmin Demonstration • Free Resources
  • 22. Summary: • IT Security has executive attention – This is the best opportunity to solve long-standing problems – Gain management approval now • Control users with broad authority to production data – Leaving user configuration to chance is both an audit exception and an accident waiting to happen • Limit the deployment of powerful profiles – Monitor and report when profiles are non-compliant – Consistent provisioning of users
  • 23. Today's Agenda: • Introduction • The Profile Challenge • Why Policy Matters • PowerAdmin Demonstration • Free Resources
  • 24. Automated Vulnerability Testing: YOUR PC • YOUR IBM i SERVER • YOUR VULNERABILITIES
  • 25. Online Compliance Guide Security Policy Compliance Resources
  • 26. Other (FREE) Resources: Please visit www.helpsystems.com/powertech to access: – Demonstration Videos & Trial Downloads – Product Information Data Sheets – White Papers & Technical Articles – Customer Success Stories – How-To Articles – To request a FREE Compliance Assessment. www.helpsystems.com/powertech, (800) 915-7700
  • 27. Questions
  • 28. +1 253-872-7788, info.powertech@helpsystems.com, www.helpsystems.com/powertech