SlideShare a Scribd company logo

Essential Layers of IBM i Security: File and Field Security

Download as PPTX, PDF
Precisely
Precisely

Numerous regulations require that sensitive data is protected and cannot be seen by unauthorized individuals, whether internal or external.  Learn the keys to protecting files and data on the IBM i.

Technology
1 of 26
Layers of Security File and Field Security Patrick Townsend – Founder and CEO, Townsend Security Bill Hammond – Sr, Product Marketing Manager
Housekeeping Webinar Audio • Today’s webinar audio is streamed through your computer speakers • If you need technical assistance with the web interface or audio, please reach out to us using the Q&A box Questions Welcome • Submit your questions at any time during the presentation using the Q&A box Recording and slides • This webinar is being recorded. You will receive an email following the webinar with a link to the recording and slides 2
Today’s Agenda • Layers of Security Overview • IBM i File and Field Security • Object-level authority management • Row and Column Access Control (RCAC) • File-access protection • Encryption • Tokenization of field data • Anonymization • Q & A 3
Townsend Security ENCRYPTION KEY MANAGEMENT 4 Townsend Security creates data privacy solutions that help organizations meet evolving compliance requirements and mitigate the risk of data breaches and cyber-attacks. The company’s solutions easily integrate with Precisely’s Assure Security products. Companies worldwide trust Townsend Security’s NIST and FIPS 140-2 compliant solutions to meet encryption and key management requirements in PCI DSS, GDPR, CCPA, HIPAA/HITECH, FISMA, and other regulatory compliance requirements. Technology Partners Include
Layers of Security 5
IBM i File and Field Security Protect personally identifiable information (PII), personal health information (PHI), personal credit card information, and other sensitive data from being exposed should a breach occur. 6
IBM i File and Field Security 1 Object-level authority management 2 Row and Column Access Control (RCAC) 3 File-access protection 5 Encryption7 4 6 Tokenization of field data Anonymization
Object-level authority management
Object-level authority management 9 • For any file (*FILE or *STMF) containing sensitive data, it is critical that the authority designation is set to PUBLIC (*EXCLUDE). • Designated users can be given specific authority to: • Access these files through private authority • Group profiles can help with administration • Access via application techniques that inherit additional authority • Program adopted authority • Profile swapping
Row and Column Access Control (RCAC)
Row and Column Access Control (RCAC) • Included with Db2 beginning with 7.2 of the IBM i OS, RCAC provides the ability to prevent selected users from viewing specified rows in a file and/or data in particular columns. • For example, accounting staff should only be able to see rows in a file where the Department field equals “Accounting,” or only select managers should be able to see the Salary column within a file. • Note that RCAC cannot be used for IFS stream files • Compatible with FieldProc encryption – use both! 11
File-access protection
File-access protection 13 • Building upon object-level authority management, various exit points can be used with rules-based exit programs to further control access to files in very specific ways; • A particular file may only be accessed or a particular command may only be used during specific days or hours. • Third-party solutions streamline the creation and management of these kinds of exit programs HINT: Remember to enable system logging and collect authority failures.
Encryption
Encryption 15 • By combining one or more publicly available algorithms with a proprietary encryption key, human-readable data is transformed into unreadable “ciphertext.” • When the encrypted data needs to be decrypted for permitted users, the same encryption key is used. • Encryption requires the careful management of encryption keys to ensure they don’t fall into the wrong hands. CAUTION: Newer regulations like CCPA requirement proper key management! Storing keys on the same server may expose you to litigation (see California AB 1130 – Data Breach Notification)
Encryption Data at Rest • Precisely encryption solutions can encrypt sensitive data on the IBM i—such as credit card numbers—at the field level within databases. • Technologies are also available that encrypt backup media and disk drives Data in Motion • Encrypt application data sent across networks. • When entire files containing sensitive information need to be sent between systems or entities via FTP, they should always be encrypted, both during transit and when transfer files reside within send/receive staging areas. • Secure file transfer processes are typically done with third-party solutions as they provide strong algorithms, sound encryption-key management processes, and a variety of features that streamline and automate file transfer processes. 16
Tokenization of field data
Tokenization 18 • Replace sensitive data with non-sensitive substitute values called tokens • Third-party tokenization solutions • utilize a database called a token vault • stores both the sensitive data and information about the relationship between it and its replacement token • permanently replaces sensitive data with a substitute value • Tokenization is often used to replace credit card numbers, social security numbers, and other personally identifiable information.
Anonymization
Anonymization 20 • Differences from Tokenization • Eliminates use of a token vault • Permanently replaces sensitive data with a substitute value • Makes the original data unrecoverable • Top use case for anonymization • Production data needed for development • Production data being used in a test environments.
Top Takeaways • Know where your sensitive data is • Know where your sensitive data goes • Know who should have access to the data • Apply encryption and access controls • Do periodic reviews! Data tends to leak into unexpected places. No one regretted protecting their sensitive data AFTER they had a data breach. 21
Layers of Security 22
Download the White Paper The six layers of IBM i security and how Precisely can help 23 https://www.precisely.com/resource-center/whitepapers/the-essential- layers-of-ibm-i-security
Layers of Security Webinar Series 24 Topic 1 Topic 2 Topic 3 access on Resource Center Topic 5 Topic 6Topic 4 register now!today
Q & A
Essential Layers of IBM i Security: File and Field Security

Recommended

IBM i Security SIEM Integration
IBM i Security SIEM IntegrationIBM i Security SIEM Integration
IBM i Security SIEM Integration
Precisely
 
Essential Layers of IBM i Security: Security Monitoring and Auditing
Essential Layers of IBM i Security: Security Monitoring and AuditingEssential Layers of IBM i Security: Security Monitoring and Auditing
Essential Layers of IBM i Security: Security Monitoring and Auditing
Precisely
 
Monitoring and Reporting on IBM i Compliance and Security
Monitoring and Reporting on IBM i Compliance and SecurityMonitoring and Reporting on IBM i Compliance and Security
Monitoring and Reporting on IBM i Compliance and Security
Precisely
 
IBM i Security: Identifying the Events That Matter Most
IBM i Security: Identifying the Events That Matter MostIBM i Security: Identifying the Events That Matter Most
IBM i Security: Identifying the Events That Matter Most
Precisely
 
Chapter 5 - Identity Management
Chapter 5 - Identity ManagementChapter 5 - Identity Management
Chapter 5 - Identity Management
Karthikeyan Dhayalan
 
Chapter 1 Law & Ethics
Chapter 1 Law & EthicsChapter 1 Law & Ethics
Chapter 1 Law & Ethics
Karthikeyan Dhayalan
 
CNIT 160 Ch 4c: Security Program Development (Part 3)
CNIT 160 Ch 4c: Security Program Development (Part 3)CNIT 160 Ch 4c: Security Program Development (Part 3)
CNIT 160 Ch 4c: Security Program Development (Part 3)
Sam Bowne
 
Protecting Your Business from Unauthorized IBM i Access
Protecting Your Business from Unauthorized IBM i AccessProtecting Your Business from Unauthorized IBM i Access
Protecting Your Business from Unauthorized IBM i Access
Precisely
 

Recommended

IBM i Security SIEM Integration
IBM i Security SIEM IntegrationIBM i Security SIEM Integration
IBM i Security SIEM Integration
Precisely
 
Essential Layers of IBM i Security: Security Monitoring and Auditing
Essential Layers of IBM i Security: Security Monitoring and AuditingEssential Layers of IBM i Security: Security Monitoring and Auditing
Essential Layers of IBM i Security: Security Monitoring and Auditing
Precisely
 
Monitoring and Reporting on IBM i Compliance and Security
Monitoring and Reporting on IBM i Compliance and SecurityMonitoring and Reporting on IBM i Compliance and Security
Monitoring and Reporting on IBM i Compliance and Security
Precisely
 
IBM i Security: Identifying the Events That Matter Most
IBM i Security: Identifying the Events That Matter MostIBM i Security: Identifying the Events That Matter Most
IBM i Security: Identifying the Events That Matter Most
Precisely
 
Chapter 5 - Identity Management
Chapter 5 - Identity ManagementChapter 5 - Identity Management
Chapter 5 - Identity Management
Karthikeyan Dhayalan
 
Chapter 1 Law & Ethics
Chapter 1 Law & EthicsChapter 1 Law & Ethics
Chapter 1 Law & Ethics
Karthikeyan Dhayalan
 
CNIT 160 Ch 4c: Security Program Development (Part 3)
CNIT 160 Ch 4c: Security Program Development (Part 3)CNIT 160 Ch 4c: Security Program Development (Part 3)
CNIT 160 Ch 4c: Security Program Development (Part 3)
Sam Bowne
 
Protecting Your Business from Unauthorized IBM i Access
Protecting Your Business from Unauthorized IBM i AccessProtecting Your Business from Unauthorized IBM i Access
Protecting Your Business from Unauthorized IBM i Access
Precisely
 
CNIT 160 Ch 4 Information Security Program Development (Part 3)
CNIT 160 Ch 4 Information Security Program Development (Part 3)CNIT 160 Ch 4 Information Security Program Development (Part 3)
CNIT 160 Ch 4 Information Security Program Development (Part 3)
Sam Bowne
 
Security 101: Controlling Access to IBM i Systems and Data
Security 101: Controlling Access to IBM i Systems and DataSecurity 101: Controlling Access to IBM i Systems and Data
Security 101: Controlling Access to IBM i Systems and Data
Precisely
 
CNIT 160 4d Security Program Management (Part 4)
CNIT 160 4d Security Program Management (Part 4)CNIT 160 4d Security Program Management (Part 4)
CNIT 160 4d Security Program Management (Part 4)
Sam Bowne
 
Get Mainframe Visibility to Enhance SIEM Efforts in Splunk
Get Mainframe Visibility to Enhance SIEM Efforts in SplunkGet Mainframe Visibility to Enhance SIEM Efforts in Splunk
Get Mainframe Visibility to Enhance SIEM Efforts in Splunk
Precisely
 
6. Security Assessment and Testing
6. Security Assessment and Testing6. Security Assessment and Testing
6. Security Assessment and Testing
Sam Bowne
 
Security 101: Controlling Access to IBM i Systems and Data
Security 101: Controlling Access to IBM i Systems and DataSecurity 101: Controlling Access to IBM i Systems and Data
Security 101: Controlling Access to IBM i Systems and Data
Precisely
 
Compliance technical controls and you rva sec 2019
Compliance technical controls and you rva sec 2019Compliance technical controls and you rva sec 2019
Compliance technical controls and you rva sec 2019
Derek Banks
 
CNIT 160 4d Security Program Management (Part 4)
CNIT 160 4d Security Program Management (Part 4)CNIT 160 4d Security Program Management (Part 4)
CNIT 160 4d Security Program Management (Part 4)
Sam Bowne
 
Log maintenance network securiy
Log maintenance network securiyLog maintenance network securiy
Log maintenance network securiy
Mohsin Ali
 
Essential Layers of IBM i Security: System-Access Security
Essential Layers of IBM i Security: System-Access SecurityEssential Layers of IBM i Security: System-Access Security
Essential Layers of IBM i Security: System-Access Security
Precisely
 
CNIT 160 4e Security Program Management (Part 5)
CNIT 160 4e Security Program Management (Part 5)CNIT 160 4e Security Program Management (Part 5)
CNIT 160 4e Security Program Management (Part 5)
Sam Bowne
 
3. Security Engineering
3. Security Engineering3. Security Engineering
3. Security Engineering
Sam Bowne
 
CNIT 125 7. Security Assessment and Testing
CNIT 125 7. Security Assessment and TestingCNIT 125 7. Security Assessment and Testing
CNIT 125 7. Security Assessment and Testing
Sam Bowne
 
Flash Friday: Data Quality & GDPR
Flash Friday: Data Quality & GDPRFlash Friday: Data Quality & GDPR
Flash Friday: Data Quality & GDPR
Precisely
 
PCI Compliance White Paper
PCI Compliance White PaperPCI Compliance White Paper
PCI Compliance White Paper
Raz-Lee Security
 
The New Assure Security: Complete IBM i Compliance and Security
The New Assure Security: Complete IBM i Compliance and SecurityThe New Assure Security: Complete IBM i Compliance and Security
The New Assure Security: Complete IBM i Compliance and Security
Precisely
 
Introducing Assure Security Risk Assessment
Introducing Assure Security Risk AssessmentIntroducing Assure Security Risk Assessment
Introducing Assure Security Risk Assessment
Precisely
 
Chapter 3 security part i auditing operating systems and networks
Chapter 3 security part i auditing operating systems and networksChapter 3 security part i auditing operating systems and networks
Chapter 3 security part i auditing operating systems and networks
jayussuryawan
 
Essential Security Control Implementation in IT
Essential Security Control Implementation in ITEssential Security Control Implementation in IT
Essential Security Control Implementation in IT
Professor Lili Saghafi
 
7. Security Operations
7. Security Operations7. Security Operations
7. Security Operations
Sam Bowne
 
Key Concepts for Protecting the Privacy of IBM i Data
Key Concepts for Protecting the Privacy of IBM i DataKey Concepts for Protecting the Privacy of IBM i Data
Key Concepts for Protecting the Privacy of IBM i Data
Precisely
 
Securing Sensitive IBM i Data At-Rest and In-Motion
Securing Sensitive IBM i Data At-Rest and In-MotionSecuring Sensitive IBM i Data At-Rest and In-Motion
Securing Sensitive IBM i Data At-Rest and In-Motion
Precisely
 

More Related Content

What's hot

CNIT 160 Ch 4 Information Security Program Development (Part 3)
CNIT 160 Ch 4 Information Security Program Development (Part 3)CNIT 160 Ch 4 Information Security Program Development (Part 3)
CNIT 160 Ch 4 Information Security Program Development (Part 3)
Sam Bowne
 
Security 101: Controlling Access to IBM i Systems and Data
Security 101: Controlling Access to IBM i Systems and DataSecurity 101: Controlling Access to IBM i Systems and Data
Security 101: Controlling Access to IBM i Systems and Data
Precisely
 
CNIT 160 4d Security Program Management (Part 4)
CNIT 160 4d Security Program Management (Part 4)CNIT 160 4d Security Program Management (Part 4)
CNIT 160 4d Security Program Management (Part 4)
Sam Bowne
 
Get Mainframe Visibility to Enhance SIEM Efforts in Splunk
Get Mainframe Visibility to Enhance SIEM Efforts in SplunkGet Mainframe Visibility to Enhance SIEM Efforts in Splunk
Get Mainframe Visibility to Enhance SIEM Efforts in Splunk
Precisely
 
6. Security Assessment and Testing
6. Security Assessment and Testing6. Security Assessment and Testing
6. Security Assessment and Testing
Sam Bowne
 
Security 101: Controlling Access to IBM i Systems and Data
Security 101: Controlling Access to IBM i Systems and DataSecurity 101: Controlling Access to IBM i Systems and Data
Security 101: Controlling Access to IBM i Systems and Data
Precisely
 
Compliance technical controls and you rva sec 2019
Compliance technical controls and you rva sec 2019Compliance technical controls and you rva sec 2019
Compliance technical controls and you rva sec 2019
Derek Banks
 
CNIT 160 4d Security Program Management (Part 4)
CNIT 160 4d Security Program Management (Part 4)CNIT 160 4d Security Program Management (Part 4)
CNIT 160 4d Security Program Management (Part 4)
Sam Bowne
 
Log maintenance network securiy
Log maintenance network securiyLog maintenance network securiy
Log maintenance network securiy
Mohsin Ali
 
Essential Layers of IBM i Security: System-Access Security
Essential Layers of IBM i Security: System-Access SecurityEssential Layers of IBM i Security: System-Access Security
Essential Layers of IBM i Security: System-Access Security
Precisely
 
CNIT 160 4e Security Program Management (Part 5)
CNIT 160 4e Security Program Management (Part 5)CNIT 160 4e Security Program Management (Part 5)
CNIT 160 4e Security Program Management (Part 5)
Sam Bowne
 
3. Security Engineering
3. Security Engineering3. Security Engineering
3. Security Engineering
Sam Bowne
 
CNIT 125 7. Security Assessment and Testing
CNIT 125 7. Security Assessment and TestingCNIT 125 7. Security Assessment and Testing
CNIT 125 7. Security Assessment and Testing
Sam Bowne
 
Flash Friday: Data Quality & GDPR
Flash Friday: Data Quality & GDPRFlash Friday: Data Quality & GDPR
Flash Friday: Data Quality & GDPR
Precisely
 
PCI Compliance White Paper
PCI Compliance White PaperPCI Compliance White Paper
PCI Compliance White Paper
Raz-Lee Security
 
The New Assure Security: Complete IBM i Compliance and Security
The New Assure Security: Complete IBM i Compliance and SecurityThe New Assure Security: Complete IBM i Compliance and Security
The New Assure Security: Complete IBM i Compliance and Security
Precisely
 
Introducing Assure Security Risk Assessment
Introducing Assure Security Risk AssessmentIntroducing Assure Security Risk Assessment
Introducing Assure Security Risk Assessment
Precisely
 
Chapter 3 security part i auditing operating systems and networks
Chapter 3 security part i auditing operating systems and networksChapter 3 security part i auditing operating systems and networks
Chapter 3 security part i auditing operating systems and networks
jayussuryawan
 
Essential Security Control Implementation in IT
Essential Security Control Implementation in ITEssential Security Control Implementation in IT
Essential Security Control Implementation in IT
Professor Lili Saghafi
 
7. Security Operations
7. Security Operations7. Security Operations
7. Security Operations
Sam Bowne
 

What's hot (20)

CNIT 160 Ch 4 Information Security Program Development (Part 3)
CNIT 160 Ch 4 Information Security Program Development (Part 3)CNIT 160 Ch 4 Information Security Program Development (Part 3)
CNIT 160 Ch 4 Information Security Program Development (Part 3)
 
Security 101: Controlling Access to IBM i Systems and Data
Security 101: Controlling Access to IBM i Systems and DataSecurity 101: Controlling Access to IBM i Systems and Data
Security 101: Controlling Access to IBM i Systems and Data
 
CNIT 160 4d Security Program Management (Part 4)
CNIT 160 4d Security Program Management (Part 4)CNIT 160 4d Security Program Management (Part 4)
CNIT 160 4d Security Program Management (Part 4)
 
Get Mainframe Visibility to Enhance SIEM Efforts in Splunk
Get Mainframe Visibility to Enhance SIEM Efforts in SplunkGet Mainframe Visibility to Enhance SIEM Efforts in Splunk
Get Mainframe Visibility to Enhance SIEM Efforts in Splunk
 
6. Security Assessment and Testing
6. Security Assessment and Testing6. Security Assessment and Testing
6. Security Assessment and Testing
 
Security 101: Controlling Access to IBM i Systems and Data
Security 101: Controlling Access to IBM i Systems and DataSecurity 101: Controlling Access to IBM i Systems and Data
Security 101: Controlling Access to IBM i Systems and Data
 
Compliance technical controls and you rva sec 2019
Compliance technical controls and you rva sec 2019Compliance technical controls and you rva sec 2019
Compliance technical controls and you rva sec 2019
 
CNIT 160 4d Security Program Management (Part 4)
CNIT 160 4d Security Program Management (Part 4)CNIT 160 4d Security Program Management (Part 4)
CNIT 160 4d Security Program Management (Part 4)
 
Log maintenance network securiy
Log maintenance network securiyLog maintenance network securiy
Log maintenance network securiy
 
Essential Layers of IBM i Security: System-Access Security
Essential Layers of IBM i Security: System-Access SecurityEssential Layers of IBM i Security: System-Access Security
Essential Layers of IBM i Security: System-Access Security
 
CNIT 160 4e Security Program Management (Part 5)
CNIT 160 4e Security Program Management (Part 5)CNIT 160 4e Security Program Management (Part 5)
CNIT 160 4e Security Program Management (Part 5)
 
3. Security Engineering
3. Security Engineering3. Security Engineering
3. Security Engineering
 
CNIT 125 7. Security Assessment and Testing
CNIT 125 7. Security Assessment and TestingCNIT 125 7. Security Assessment and Testing
CNIT 125 7. Security Assessment and Testing
 
Flash Friday: Data Quality & GDPR
Flash Friday: Data Quality & GDPRFlash Friday: Data Quality & GDPR
Flash Friday: Data Quality & GDPR
 
PCI Compliance White Paper
PCI Compliance White PaperPCI Compliance White Paper
PCI Compliance White Paper
 
The New Assure Security: Complete IBM i Compliance and Security
The New Assure Security: Complete IBM i Compliance and SecurityThe New Assure Security: Complete IBM i Compliance and Security
The New Assure Security: Complete IBM i Compliance and Security
 
Introducing Assure Security Risk Assessment
Introducing Assure Security Risk AssessmentIntroducing Assure Security Risk Assessment
Introducing Assure Security Risk Assessment
 
Chapter 3 security part i auditing operating systems and networks
Chapter 3 security part i auditing operating systems and networksChapter 3 security part i auditing operating systems and networks
Chapter 3 security part i auditing operating systems and networks
 
Essential Security Control Implementation in IT
Essential Security Control Implementation in ITEssential Security Control Implementation in IT
Essential Security Control Implementation in IT
 
7. Security Operations
7. Security Operations7. Security Operations
7. Security Operations
 

Similar to Essential Layers of IBM i Security: File and Field Security

Key Concepts for Protecting the Privacy of IBM i Data
Key Concepts for Protecting the Privacy of IBM i DataKey Concepts for Protecting the Privacy of IBM i Data
Key Concepts for Protecting the Privacy of IBM i Data
Precisely
 
Securing Sensitive IBM i Data At-Rest and In-Motion
Securing Sensitive IBM i Data At-Rest and In-MotionSecuring Sensitive IBM i Data At-Rest and In-Motion
Securing Sensitive IBM i Data At-Rest and In-Motion
Precisely
 
Controlling Access to IBM i Systems and Data
Controlling Access to IBM i Systems and DataControlling Access to IBM i Systems and Data
Controlling Access to IBM i Systems and Data
Precisely
 
Protect Sensitive Data on Your IBM i (Social Distance Your IBM i/AS400)
Protect Sensitive Data on Your IBM i (Social Distance Your IBM i/AS400)Protect Sensitive Data on Your IBM i (Social Distance Your IBM i/AS400)
Protect Sensitive Data on Your IBM i (Social Distance Your IBM i/AS400)
Precisely
 
Asug84339 how to secure privacy data in a hybrid s4 hana landscape
Asug84339 how to secure privacy data in a hybrid s4 hana landscapeAsug84339 how to secure privacy data in a hybrid s4 hana landscape
Asug84339 how to secure privacy data in a hybrid s4 hana landscape
Dharma Atluri
 
BIG IRON, BIG RISK? SECURING THE MAINFRAME - #MFSummit2017
BIG IRON, BIG RISK? SECURING THE MAINFRAME - #MFSummit2017BIG IRON, BIG RISK? SECURING THE MAINFRAME - #MFSummit2017
BIG IRON, BIG RISK? SECURING THE MAINFRAME - #MFSummit2017
Micro Focus
 
Expand Your Control of Access to IBM i Systems and Data
Expand Your Control of Access to IBM i Systems and DataExpand Your Control of Access to IBM i Systems and Data
Expand Your Control of Access to IBM i Systems and Data
Precisely
 
IBM i HA and Security: Why They Need to Work Together
IBM i HA and Security: Why They Need to Work TogetherIBM i HA and Security: Why They Need to Work Together
IBM i HA and Security: Why They Need to Work Together
Precisely
 
Využijte svou Oracle databázi na maximum!
Využijte svou Oracle databázi na maximum!Využijte svou Oracle databázi na maximum!
Využijte svou Oracle databázi na maximum!
MarketingArrowECS_CZ
 
What Does a Full Featured Security Strategy Look Like?
What Does a Full Featured Security Strategy Look Like?What Does a Full Featured Security Strategy Look Like?
What Does a Full Featured Security Strategy Look Like?
Precisely
 
Security Issues of Cloud Computing
Security Issues of Cloud ComputingSecurity Issues of Cloud Computing
Security Issues of Cloud Computing
Falgun Rathod
 
Secure Channels Financal Institution Presentation
Secure Channels Financal Institution PresentationSecure Channels Financal Institution Presentation
Secure Channels Financal Institution Presentation
Richard Blech
 
Lock it Down: Access Control for IBM i
Lock it Down: Access Control for IBM iLock it Down: Access Control for IBM i
Lock it Down: Access Control for IBM i
Precisely
 
Where to Store the Cloud Encryption Keys - InterOp 2012
Where to Store the Cloud Encryption Keys - InterOp 2012Where to Store the Cloud Encryption Keys - InterOp 2012
Where to Store the Cloud Encryption Keys - InterOp 2012
Trend Micro
 
How to write secure code
How to write secure codeHow to write secure code
How to write secure code
Flaskdata.io
 
Social Distance Your IBM i from Cybersecurity Risk
Social Distance Your IBM i from Cybersecurity RiskSocial Distance Your IBM i from Cybersecurity Risk
Social Distance Your IBM i from Cybersecurity Risk
Precisely
 
Enterprise Security in Mainframe-Connected Environments
Enterprise Security in Mainframe-Connected EnvironmentsEnterprise Security in Mainframe-Connected Environments
Enterprise Security in Mainframe-Connected Environments
Precisely
 
Taking Control of Access to Your IBM i Systems and Data
Taking Control of Access to Your IBM i Systems and DataTaking Control of Access to Your IBM i Systems and Data
Taking Control of Access to Your IBM i Systems and Data
Precisely
 
Confidential compute with hyperledger fabric .v17
Confidential compute with hyperledger fabric .v17Confidential compute with hyperledger fabric .v17
Confidential compute with hyperledger fabric .v17
LennartF
 
Seqrite Data Loss Prevention- Complete Protection from Data Theft and Data Loss
Seqrite Data Loss Prevention- Complete Protection from Data Theft and Data LossSeqrite Data Loss Prevention- Complete Protection from Data Theft and Data Loss
Seqrite Data Loss Prevention- Complete Protection from Data Theft and Data Loss
Quick Heal Technologies Ltd.
 

Similar to Essential Layers of IBM i Security: File and Field Security (20)

Key Concepts for Protecting the Privacy of IBM i Data
Key Concepts for Protecting the Privacy of IBM i DataKey Concepts for Protecting the Privacy of IBM i Data
Key Concepts for Protecting the Privacy of IBM i Data
 
Securing Sensitive IBM i Data At-Rest and In-Motion
Securing Sensitive IBM i Data At-Rest and In-MotionSecuring Sensitive IBM i Data At-Rest and In-Motion
Securing Sensitive IBM i Data At-Rest and In-Motion
 
Controlling Access to IBM i Systems and Data
Controlling Access to IBM i Systems and DataControlling Access to IBM i Systems and Data
Controlling Access to IBM i Systems and Data
 
Protect Sensitive Data on Your IBM i (Social Distance Your IBM i/AS400)
Protect Sensitive Data on Your IBM i (Social Distance Your IBM i/AS400)Protect Sensitive Data on Your IBM i (Social Distance Your IBM i/AS400)
Protect Sensitive Data on Your IBM i (Social Distance Your IBM i/AS400)
 
Asug84339 how to secure privacy data in a hybrid s4 hana landscape
Asug84339 how to secure privacy data in a hybrid s4 hana landscapeAsug84339 how to secure privacy data in a hybrid s4 hana landscape
Asug84339 how to secure privacy data in a hybrid s4 hana landscape
 
BIG IRON, BIG RISK? SECURING THE MAINFRAME - #MFSummit2017
BIG IRON, BIG RISK? SECURING THE MAINFRAME - #MFSummit2017BIG IRON, BIG RISK? SECURING THE MAINFRAME - #MFSummit2017
BIG IRON, BIG RISK? SECURING THE MAINFRAME - #MFSummit2017
 
Expand Your Control of Access to IBM i Systems and Data
Expand Your Control of Access to IBM i Systems and DataExpand Your Control of Access to IBM i Systems and Data
Expand Your Control of Access to IBM i Systems and Data
 
IBM i HA and Security: Why They Need to Work Together
IBM i HA and Security: Why They Need to Work TogetherIBM i HA and Security: Why They Need to Work Together
IBM i HA and Security: Why They Need to Work Together
 
Využijte svou Oracle databázi na maximum!
Využijte svou Oracle databázi na maximum!Využijte svou Oracle databázi na maximum!
Využijte svou Oracle databázi na maximum!
 
What Does a Full Featured Security Strategy Look Like?
What Does a Full Featured Security Strategy Look Like?What Does a Full Featured Security Strategy Look Like?
What Does a Full Featured Security Strategy Look Like?
 
Security Issues of Cloud Computing
Security Issues of Cloud ComputingSecurity Issues of Cloud Computing
Security Issues of Cloud Computing
 
Secure Channels Financal Institution Presentation
Secure Channels Financal Institution PresentationSecure Channels Financal Institution Presentation
Secure Channels Financal Institution Presentation
 
Lock it Down: Access Control for IBM i
Lock it Down: Access Control for IBM iLock it Down: Access Control for IBM i
Lock it Down: Access Control for IBM i
 
Where to Store the Cloud Encryption Keys - InterOp 2012
Where to Store the Cloud Encryption Keys - InterOp 2012Where to Store the Cloud Encryption Keys - InterOp 2012
Where to Store the Cloud Encryption Keys - InterOp 2012
 
How to write secure code
How to write secure codeHow to write secure code
How to write secure code
 
Social Distance Your IBM i from Cybersecurity Risk
Social Distance Your IBM i from Cybersecurity RiskSocial Distance Your IBM i from Cybersecurity Risk
Social Distance Your IBM i from Cybersecurity Risk
 
Enterprise Security in Mainframe-Connected Environments
Enterprise Security in Mainframe-Connected EnvironmentsEnterprise Security in Mainframe-Connected Environments
Enterprise Security in Mainframe-Connected Environments
 
Taking Control of Access to Your IBM i Systems and Data
Taking Control of Access to Your IBM i Systems and DataTaking Control of Access to Your IBM i Systems and Data
Taking Control of Access to Your IBM i Systems and Data
 
Confidential compute with hyperledger fabric .v17
Confidential compute with hyperledger fabric .v17Confidential compute with hyperledger fabric .v17
Confidential compute with hyperledger fabric .v17
 
Seqrite Data Loss Prevention- Complete Protection from Data Theft and Data Loss
Seqrite Data Loss Prevention- Complete Protection from Data Theft and Data LossSeqrite Data Loss Prevention- Complete Protection from Data Theft and Data Loss
Seqrite Data Loss Prevention- Complete Protection from Data Theft and Data Loss
 

More from Precisely

AI-Ready Data - The Key to Transforming Projects into Production.pptx
AI-Ready Data - The Key to Transforming Projects into Production.pptxAI-Ready Data - The Key to Transforming Projects into Production.pptx
AI-Ready Data - The Key to Transforming Projects into Production.pptx
Precisely
 
Building a Multi-Layered Defense for Your IBM i Security
Building a Multi-Layered Defense for Your IBM i SecurityBuilding a Multi-Layered Defense for Your IBM i Security
Building a Multi-Layered Defense for Your IBM i Security
Precisely
 
Optimierte Daten und Prozesse mit KI / ML + SAP Fiori.pdf
Optimierte Daten und Prozesse mit KI / ML + SAP Fiori.pdfOptimierte Daten und Prozesse mit KI / ML + SAP Fiori.pdf
Optimierte Daten und Prozesse mit KI / ML + SAP Fiori.pdf
Precisely
 
Chaining, Looping, and Long Text for Script Development and Automation.pdf
Chaining, Looping, and Long Text for Script Development and Automation.pdfChaining, Looping, and Long Text for Script Development and Automation.pdf
Chaining, Looping, and Long Text for Script Development and Automation.pdf
Precisely
 
Revolutionizing SAP® Processes with Automation and Artificial Intelligence
Revolutionizing SAP® Processes with Automation and Artificial IntelligenceRevolutionizing SAP® Processes with Automation and Artificial Intelligence
Revolutionizing SAP® Processes with Automation and Artificial Intelligence
Precisely
 
Navigating the Cloud: Best Practices for Successful Migration
Navigating the Cloud: Best Practices for Successful MigrationNavigating the Cloud: Best Practices for Successful Migration
Navigating the Cloud: Best Practices for Successful Migration
Precisely
 
Unlocking the Power of Your IBM i and Z Security Data with Google Chronicle
Unlocking the Power of Your IBM i and Z Security Data with Google ChronicleUnlocking the Power of Your IBM i and Z Security Data with Google Chronicle
Unlocking the Power of Your IBM i and Z Security Data with Google Chronicle
Precisely
 
How to Build Data Governance Programs That Last - A Business-First Approach.pdf
How to Build Data Governance Programs That Last - A Business-First Approach.pdfHow to Build Data Governance Programs That Last - A Business-First Approach.pdf
How to Build Data Governance Programs That Last - A Business-First Approach.pdf
Precisely
 
Zukuntssichere SAP Prozesse dank automatisierter Massendaten
Zukuntssichere SAP Prozesse dank automatisierter MassendatenZukuntssichere SAP Prozesse dank automatisierter Massendaten
Zukuntssichere SAP Prozesse dank automatisierter Massendaten
Precisely
 
Unlocking the Potential of the Cloud for IBM Power Systems
Unlocking the Potential of the Cloud for IBM Power SystemsUnlocking the Potential of the Cloud for IBM Power Systems
Unlocking the Potential of the Cloud for IBM Power Systems
Precisely
 
Crucial Considerations for AI-ready Data.pdf
Crucial Considerations for AI-ready Data.pdfCrucial Considerations for AI-ready Data.pdf
Crucial Considerations for AI-ready Data.pdf
Precisely
 
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfHyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Precisely
 
Justifying Capacity Managment Webinar 4/10
Justifying Capacity Managment Webinar 4/10Justifying Capacity Managment Webinar 4/10
Justifying Capacity Managment Webinar 4/10
Precisely
 
Automate Studio Training: Materials Maintenance Tips for Efficiency and Ease ...
Automate Studio Training: Materials Maintenance Tips for Efficiency and Ease ...Automate Studio Training: Materials Maintenance Tips for Efficiency and Ease ...
Automate Studio Training: Materials Maintenance Tips for Efficiency and Ease ...
Precisely
 
Leveraging Mainframe Data in Near Real Time to Unleash Innovation With Cloud:...
Leveraging Mainframe Data in Near Real Time to Unleash Innovation With Cloud:...Leveraging Mainframe Data in Near Real Time to Unleash Innovation With Cloud:...
Leveraging Mainframe Data in Near Real Time to Unleash Innovation With Cloud:...
Precisely
 
Testjrjnejrvnorno4rno3nrfnfjnrfnournfou3nfou3f
Testjrjnejrvnorno4rno3nrfnfjnrfnournfou3nfou3fTestjrjnejrvnorno4rno3nrfnfjnrfnournfou3nfou3f
Testjrjnejrvnorno4rno3nrfnfjnrfnournfou3nfou3f
Precisely
 
Data Innovation Summit: Data Integrity Trends
Data Innovation Summit: Data Integrity TrendsData Innovation Summit: Data Integrity Trends
Data Innovation Summit: Data Integrity Trends
Precisely
 
AI You Can Trust - Ensuring Success with Data Integrity Webinar
AI You Can Trust - Ensuring Success with Data Integrity WebinarAI You Can Trust - Ensuring Success with Data Integrity Webinar
AI You Can Trust - Ensuring Success with Data Integrity Webinar
Precisely
 
Optimisez la fonction financière en automatisant vos processus SAP
Optimisez la fonction financière en automatisant vos processus SAPOptimisez la fonction financière en automatisant vos processus SAP
Optimisez la fonction financière en automatisant vos processus SAP
Precisely
 
SAPS/4HANA Migration - Transformation-Management + nachhaltige Investitionen
SAPS/4HANA Migration - Transformation-Management + nachhaltige InvestitionenSAPS/4HANA Migration - Transformation-Management + nachhaltige Investitionen
SAPS/4HANA Migration - Transformation-Management + nachhaltige Investitionen
Precisely
 

More from Precisely (20)

AI-Ready Data - The Key to Transforming Projects into Production.pptx
AI-Ready Data - The Key to Transforming Projects into Production.pptxAI-Ready Data - The Key to Transforming Projects into Production.pptx
AI-Ready Data - The Key to Transforming Projects into Production.pptx
 
Building a Multi-Layered Defense for Your IBM i Security
Building a Multi-Layered Defense for Your IBM i SecurityBuilding a Multi-Layered Defense for Your IBM i Security
Building a Multi-Layered Defense for Your IBM i Security
 
Optimierte Daten und Prozesse mit KI / ML + SAP Fiori.pdf
Optimierte Daten und Prozesse mit KI / ML + SAP Fiori.pdfOptimierte Daten und Prozesse mit KI / ML + SAP Fiori.pdf
Optimierte Daten und Prozesse mit KI / ML + SAP Fiori.pdf
 
Chaining, Looping, and Long Text for Script Development and Automation.pdf
Chaining, Looping, and Long Text for Script Development and Automation.pdfChaining, Looping, and Long Text for Script Development and Automation.pdf
Chaining, Looping, and Long Text for Script Development and Automation.pdf
 
Revolutionizing SAP® Processes with Automation and Artificial Intelligence
Revolutionizing SAP® Processes with Automation and Artificial IntelligenceRevolutionizing SAP® Processes with Automation and Artificial Intelligence
Revolutionizing SAP® Processes with Automation and Artificial Intelligence
 
Navigating the Cloud: Best Practices for Successful Migration
Navigating the Cloud: Best Practices for Successful MigrationNavigating the Cloud: Best Practices for Successful Migration
Navigating the Cloud: Best Practices for Successful Migration
 
Unlocking the Power of Your IBM i and Z Security Data with Google Chronicle
Unlocking the Power of Your IBM i and Z Security Data with Google ChronicleUnlocking the Power of Your IBM i and Z Security Data with Google Chronicle
Unlocking the Power of Your IBM i and Z Security Data with Google Chronicle
 
How to Build Data Governance Programs That Last - A Business-First Approach.pdf
How to Build Data Governance Programs That Last - A Business-First Approach.pdfHow to Build Data Governance Programs That Last - A Business-First Approach.pdf
How to Build Data Governance Programs That Last - A Business-First Approach.pdf
 
Zukuntssichere SAP Prozesse dank automatisierter Massendaten
Zukuntssichere SAP Prozesse dank automatisierter MassendatenZukuntssichere SAP Prozesse dank automatisierter Massendaten
Zukuntssichere SAP Prozesse dank automatisierter Massendaten
 
Unlocking the Potential of the Cloud for IBM Power Systems
Unlocking the Potential of the Cloud for IBM Power SystemsUnlocking the Potential of the Cloud for IBM Power Systems
Unlocking the Potential of the Cloud for IBM Power Systems
 
Crucial Considerations for AI-ready Data.pdf
Crucial Considerations for AI-ready Data.pdfCrucial Considerations for AI-ready Data.pdf
Crucial Considerations for AI-ready Data.pdf
 
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfHyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
 
Justifying Capacity Managment Webinar 4/10
Justifying Capacity Managment Webinar 4/10Justifying Capacity Managment Webinar 4/10
Justifying Capacity Managment Webinar 4/10
 
Automate Studio Training: Materials Maintenance Tips for Efficiency and Ease ...
Automate Studio Training: Materials Maintenance Tips for Efficiency and Ease ...Automate Studio Training: Materials Maintenance Tips for Efficiency and Ease ...
Automate Studio Training: Materials Maintenance Tips for Efficiency and Ease ...
 
Leveraging Mainframe Data in Near Real Time to Unleash Innovation With Cloud:...
Leveraging Mainframe Data in Near Real Time to Unleash Innovation With Cloud:...Leveraging Mainframe Data in Near Real Time to Unleash Innovation With Cloud:...
Leveraging Mainframe Data in Near Real Time to Unleash Innovation With Cloud:...
 
Testjrjnejrvnorno4rno3nrfnfjnrfnournfou3nfou3f
Testjrjnejrvnorno4rno3nrfnfjnrfnournfou3nfou3fTestjrjnejrvnorno4rno3nrfnfjnrfnournfou3nfou3f
Testjrjnejrvnorno4rno3nrfnfjnrfnournfou3nfou3f
 
Data Innovation Summit: Data Integrity Trends
Data Innovation Summit: Data Integrity TrendsData Innovation Summit: Data Integrity Trends
Data Innovation Summit: Data Integrity Trends
 
AI You Can Trust - Ensuring Success with Data Integrity Webinar
AI You Can Trust - Ensuring Success with Data Integrity WebinarAI You Can Trust - Ensuring Success with Data Integrity Webinar
AI You Can Trust - Ensuring Success with Data Integrity Webinar
 
Optimisez la fonction financière en automatisant vos processus SAP
Optimisez la fonction financière en automatisant vos processus SAPOptimisez la fonction financière en automatisant vos processus SAP
Optimisez la fonction financière en automatisant vos processus SAP
 
SAPS/4HANA Migration - Transformation-Management + nachhaltige Investitionen
SAPS/4HANA Migration - Transformation-Management + nachhaltige InvestitionenSAPS/4HANA Migration - Transformation-Management + nachhaltige Investitionen
SAPS/4HANA Migration - Transformation-Management + nachhaltige Investitionen
 

Recently uploaded

Mission to Decommission: Importance of Decommissioning Products to Increase E...
Mission to Decommission: Importance of Decommissioning Products to Increase E...Mission to Decommission: Importance of Decommissioning Products to Increase E...
Mission to Decommission: Importance of Decommissioning Products to Increase E...
Product School
 
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
Tobias Schneck
 
Bits & Pixels using AI for Good.........
Bits & Pixels using AI for Good.........Bits & Pixels using AI for Good.........
Bits & Pixels using AI for Good.........
Alison B. Lowndes
 
UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3
DianaGray10
 
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdfSmart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
91mobiles
 
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
James Anderson
 
GraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge GraphGraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge Graph
Guy Korland
 
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdfFIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance
 
UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4
DianaGray10
 
Epistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI supportEpistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI support
Alan Dix
 
The Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and SalesThe Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and Sales
Laura Byrne
 
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
DanBrown980551
 
Monitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR EventsMonitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR Events
Ana-Maria Mihalceanu
 
Key Trends Shaping the Future of Infrastructure.pdf
Key Trends Shaping the Future of Infrastructure.pdfKey Trends Shaping the Future of Infrastructure.pdf
Key Trends Shaping the Future of Infrastructure.pdf
Cheryl Hung
 
Connector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a buttonConnector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a button
DianaGray10
 
Designing Great Products: The Power of Design and Leadership by Chief Designe...
Designing Great Products: The Power of Design and Leadership by Chief Designe...Designing Great Products: The Power of Design and Leadership by Chief Designe...
Designing Great Products: The Power of Design and Leadership by Chief Designe...
Product School
 
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
Product School
 
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdfFIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance
 
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered QualitySoftware Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality
Inflectra
 
Knowledge engineering: from people to machines and back
Knowledge engineering: from people to machines and backKnowledge engineering: from people to machines and back
Knowledge engineering: from people to machines and back
Elena Simperl
 

Recently uploaded (20)

Mission to Decommission: Importance of Decommissioning Products to Increase E...
Mission to Decommission: Importance of Decommissioning Products to Increase E...Mission to Decommission: Importance of Decommissioning Products to Increase E...
Mission to Decommission: Importance of Decommissioning Products to Increase E...
 
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
 
Bits & Pixels using AI for Good.........
Bits & Pixels using AI for Good.........Bits & Pixels using AI for Good.........
Bits & Pixels using AI for Good.........
 
UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3
 
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdfSmart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
 
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
 
GraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge GraphGraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge Graph
 
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdfFIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
 
UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4
 
Epistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI supportEpistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI support
 
The Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and SalesThe Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and Sales
 
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
 
Monitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR EventsMonitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR Events
 
Key Trends Shaping the Future of Infrastructure.pdf
Key Trends Shaping the Future of Infrastructure.pdfKey Trends Shaping the Future of Infrastructure.pdf
Key Trends Shaping the Future of Infrastructure.pdf
 
Connector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a buttonConnector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a button
 
Designing Great Products: The Power of Design and Leadership by Chief Designe...
Designing Great Products: The Power of Design and Leadership by Chief Designe...Designing Great Products: The Power of Design and Leadership by Chief Designe...
Designing Great Products: The Power of Design and Leadership by Chief Designe...
 
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
 
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdfFIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
 
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered QualitySoftware Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality
 
Knowledge engineering: from people to machines and back
Knowledge engineering: from people to machines and backKnowledge engineering: from people to machines and back
Knowledge engineering: from people to machines and back
 

Essential Layers of IBM i Security: File and Field Security

  • 1. Layers of Security File and Field Security Patrick Townsend – Founder and CEO, Townsend Security Bill Hammond – Sr, Product Marketing Manager
  • 2. Housekeeping Webinar Audio • Today’s webinar audio is streamed through your computer speakers • If you need technical assistance with the web interface or audio, please reach out to us using the Q&A box Questions Welcome • Submit your questions at any time during the presentation using the Q&A box Recording and slides • This webinar is being recorded. You will receive an email following the webinar with a link to the recording and slides 2
  • 3. Today’s Agenda • Layers of Security Overview • IBM i File and Field Security • Object-level authority management • Row and Column Access Control (RCAC) • File-access protection • Encryption • Tokenization of field data • Anonymization • Q & A 3
  • 4. Townsend Security ENCRYPTION KEY MANAGEMENT 4 Townsend Security creates data privacy solutions that help organizations meet evolving compliance requirements and mitigate the risk of data breaches and cyber-attacks. The company’s solutions easily integrate with Precisely’s Assure Security products. Companies worldwide trust Townsend Security’s NIST and FIPS 140-2 compliant solutions to meet encryption and key management requirements in PCI DSS, GDPR, CCPA, HIPAA/HITECH, FISMA, and other regulatory compliance requirements. Technology Partners Include
  • 6. IBM i File and Field Security Protect personally identifiable information (PII), personal health information (PHI), personal credit card information, and other sensitive data from being exposed should a breach occur. 6
  • 7. IBM i File and Field Security 1 Object-level authority management 2 Row and Column Access Control (RCAC) 3 File-access protection 5 Encryption7 4 6 Tokenization of field data Anonymization
  • 9. Object-level authority management 9 • For any file (*FILE or *STMF) containing sensitive data, it is critical that the authority designation is set to PUBLIC (*EXCLUDE). • Designated users can be given specific authority to: • Access these files through private authority • Group profiles can help with administration • Access via application techniques that inherit additional authority • Program adopted authority • Profile swapping
  • 10. Row and Column Access Control (RCAC)
  • 11. Row and Column Access Control (RCAC) • Included with Db2 beginning with 7.2 of the IBM i OS, RCAC provides the ability to prevent selected users from viewing specified rows in a file and/or data in particular columns. • For example, accounting staff should only be able to see rows in a file where the Department field equals “Accounting,” or only select managers should be able to see the Salary column within a file. • Note that RCAC cannot be used for IFS stream files • Compatible with FieldProc encryption – use both! 11
  • 13. File-access protection 13 • Building upon object-level authority management, various exit points can be used with rules-based exit programs to further control access to files in very specific ways; • A particular file may only be accessed or a particular command may only be used during specific days or hours. • Third-party solutions streamline the creation and management of these kinds of exit programs HINT: Remember to enable system logging and collect authority failures.
  • 15. Encryption 15 • By combining one or more publicly available algorithms with a proprietary encryption key, human-readable data is transformed into unreadable “ciphertext.” • When the encrypted data needs to be decrypted for permitted users, the same encryption key is used. • Encryption requires the careful management of encryption keys to ensure they don’t fall into the wrong hands. CAUTION: Newer regulations like CCPA requirement proper key management! Storing keys on the same server may expose you to litigation (see California AB 1130 – Data Breach Notification)
  • 16. Encryption Data at Rest • Precisely encryption solutions can encrypt sensitive data on the IBM i—such as credit card numbers—at the field level within databases. • Technologies are also available that encrypt backup media and disk drives Data in Motion • Encrypt application data sent across networks. • When entire files containing sensitive information need to be sent between systems or entities via FTP, they should always be encrypted, both during transit and when transfer files reside within send/receive staging areas. • Secure file transfer processes are typically done with third-party solutions as they provide strong algorithms, sound encryption-key management processes, and a variety of features that streamline and automate file transfer processes. 16
  • 18. Tokenization 18 • Replace sensitive data with non-sensitive substitute values called tokens • Third-party tokenization solutions • utilize a database called a token vault • stores both the sensitive data and information about the relationship between it and its replacement token • permanently replaces sensitive data with a substitute value • Tokenization is often used to replace credit card numbers, social security numbers, and other personally identifiable information.
  • 20. Anonymization 20 • Differences from Tokenization • Eliminates use of a token vault • Permanently replaces sensitive data with a substitute value • Makes the original data unrecoverable • Top use case for anonymization • Production data needed for development • Production data being used in a test environments.
  • 21. Top Takeaways • Know where your sensitive data is • Know where your sensitive data goes • Know who should have access to the data • Apply encryption and access controls • Do periodic reviews! Data tends to leak into unexpected places. No one regretted protecting their sensitive data AFTER they had a data breach. 21
  • 23. Download the White Paper The six layers of IBM i security and how Precisely can help 23 https://www.precisely.com/resource-center/whitepapers/the-essential- layers-of-ibm-i-security
  • 24. Layers of Security Webinar Series 24 Topic 1 Topic 2 Topic 3 access on Resource Center Topic 5 Topic 6Topic 4 register now!today
  • 25. Q & A

Editor's Notes

  1. BH
  2. Bill
  3. Patrick I will speak to drivers for encryption including compliance regulations (CCPA, etc.), protection of IP and business secrets, etc.
  4. Bill The increased frequency of high-profile breaches and the corresponding rise of new and expanded regulatory compliance requirements is putting enormous pressure on IT departments to assure their corporate executives that business-critical systems and data are secure. One particular statistic from a recently conducted Precisely survey of IT professionals is revealing in that 69% of respondents said they were only “somewhat confident” (or worse) in the effectiveness of their company’s IT security program. Given today’s rapidly evolving security threats, even being “somewhat confident” doesn’t cut it. Improving confidence in one’s IT security posture requires a solid understanding of all potential vulnerabilities as well as the most effective best practices and technologies in order to minimize the possibility of a breach. To help, Precisely has created this white paper as a roadmap, grouping together important security best practices and technologies into six primary categories or “layers.” These layers cover physical devices, networks, configuration of the IBM i OS, access to systems, protection of data at the file and field level, and monitoring and auditing of systems. The reason it’s particularly helpful to view these security categories as “layers” is that, to some extent, each category overlaps with the others to provide multiple lines of defense. In other words, should one security layer be somehow compromised, there’s a good chance that another layer will thwart a would-be intruder. The six layers of IBM i security are summarized in the following diagram and are detailed in the remainder of this white paper
  5. Bill Numerous regulations require companies in various industries to protect personally identifiable information (PII), personal health information (PHI), personal credit card information, and other sensitive data from being exposed should a breach occur. The following strategies and technologies are key to protecting files and data on the IBM i:
  6. Bill
  7. Bill
  8. Patrick Note: Added the bullet point about group profiles
  9. Bill
  10. Patrick In instances where users need to access IBM i environments containing especially sensitive data, third-party technologies can be implemented that require two or more identifying factors from users before access is granted.  Most people are implementing MFA today. Some regulations require MFA per system not just once when sign into the network. Everyday examples. This is  a way to take a step further to resource access. In addition to being used to control access to systems, multi-factor authentication solutions can typically be implemented via API calls to control access to specific databases, individual files, or even commands.. Bill: I added the note about RCAC is compatible with encryption. That was always confusing to IBM I customers.
  11. Bill
  12. Patrick I added the last bullet point about system logging. Good tie in to Precisely monitoring solutions.
  13. Bill
  14. Patrick I added the last note about proper key management.
  15. Patrick I think I would change “Third-party encryption solutions” to “Precisely encryption solutions”. I don’t think that is too salesy, but of course up to you. I will talk about the Precisely managed FTP solution, too.
  16. Bill
  17. Patick I just added the bit “or when sending to outside service providers”.
  18. BH
  19. Patrick
  20. Patrick Bill: Just some suggestions as we wrap up the conversation. Thoughts?
  21. Bill The increased frequency of high-profile breaches and the corresponding rise of new and expanded regulatory compliance requirements is putting enormous pressure on IT departments to assure their corporate executives that business-critical systems and data are secure. One particular statistic from a recently conducted Precisely survey of IT professionals is revealing in that 69% of respondents said they were only “somewhat confident” (or worse) in the effectiveness of their company’s IT security program. Given today’s rapidly evolving security threats, even being “somewhat confident” doesn’t cut it. Improving confidence in one’s IT security posture requires a solid understanding of all potential vulnerabilities as well as the most effective best practices and technologies in order to minimize the possibility of a breach. To help, Precisely has created this white paper as a roadmap, grouping together important security best practices and technologies into six primary categories or “layers.” These layers cover physical devices, networks, configuration of the IBM i OS, access to systems, protection of data at the file and field level, and monitoring and auditing of systems. The reason it’s particularly helpful to view these security categories as “layers” is that, to some extent, each category overlaps with the others to provide multiple lines of defense. In other words, should one security layer be somehow compromised, there’s a good chance that another layer will thwart a would-be intruder. The six layers of IBM i security are summarized in the following diagram and are detailed in the remainder of this white paper
  22. Bill
  23. Bill
  24. Bill and Patrick – Bill will moderate the Q&A
  25. BH