In this session, which has been presented after the Connect also at Rheinland Nachlese, Engage by BLUG and BCCon, we took you on the quest of strengthening the security while cutting costs for administration.
Daily administration of the IBM Domino environment can be manual, tedious and cost-intensive. Mismanagement can also pose significant security issues and can also result in legal ramifications.
Whether you need to cut costs in administration, save time spent on routine tasks, or make your audit team happy, there is help available.
Specialized in administration automation and security solutions, BCC has gained an unique insight in various Notes/Domino enviroments of more than 800 customers worldwide. In this session we will share the best practices on how to streamline IBM Notes and Domino administration, enhance system and process security, and ensure compliance with legal regulations.
* Automate the user, group, and app administration processes to reduce manual tasks and avoid human errors
* Implement strict compliance with corporate administration standards and reduce administration costs
* Prevent fraud / malicious actions from inside your company and ensure compliance with legal regulations
3 Steps to Security Intelligence - How to Build a More Secure EnterpriseIBM Security
We are in the midst of upheaval in the world of IT Security. Attackers are highly organized and using increasingly sophisticated methods to gain entry to your most sensitive data. At the same time, Cloud and mobile are redefining the concept of the perimeter. Check out this insightful discussion of how today's CISO is building a more secure enterprise using analytics, risk-based protection, and activity monitoring to protect the most valuable assets of the organization.
For more visit: http://securityintelligence.com
IBM Endpoint Manager for Software Use Analysis (Overview)Kimber Spradlin
Respond to license audits in minutes, uncover unused software that can be cancelled or redeployed to lower expenses by 35% or more with this solution from IBM. Covers Windows, Linux, and Unix applications with a library of over 100,000 software titles.
Don’t Drown in a Sea of Cyberthreats: Mitigate Attacks with IBM BigFix & QRadarIBM Security
view on demand: https://securityintelligence.com/events/dont-drown-in-a-sea-of-cyberthreats/
Security teams can be overwhelmed by a sea of vulnerabilities–without the contextual data to help them focus their efforts on the weaknesses that are most likely to be exploited. Cyberthreats need to be stopped before they cause significant financial and reputational damages to an organization. You need a security system that can detect an attack, prioritize risks and respond within minutes to shut down an attack or vulnerability that could compromise your endpoints and data.
Join this webinar and learn how IBM BigFix seamlessly integrates with IBM QRadar to provide accelerated risk prioritization and incident response to mitigate potential attacks giving you an integrated threat protection system to keep your corporate and customer data secure.
Bridging the Gap Between Your Security Defenses and Critical DataIBM Security
View on-demand recording: http://securityintelligence.com/events/bridging-the-gap-between-your-security-defenses-and-critical-data/
Many organizations are struggling with the growing gap between the vulnerability of critical data and security defenses. You need visibility at all times to prevent external and internal database breaches. Your organization can't lose sight of the importance of the integrity of your data, including unauthorized changes and suspicious activity.
You will learn how combining the industry-leading security intelligence capabilities of IBM QRadar Security Intelligence Platform with the robust data security capabilities of IBM Security Guardium data activity monitor, organizations can gain actionable insights to reduce security risks at all layers and boost compliance across the enterprise.
In this live webinar, Sally Fabian, IBM Data Security Technical Specialist, will discuss:
- Architecture and integration points
- Real-time alerts and reporting
- Vulnerability assessments according to your risk score
- Security intelligence event log collection and analytics
- Actionable insights from security events
Compliance and Audit Readiness: The DevOps Killer?DevOps.com
Compliance and audit readiness are more important than ever, as our customers demand more control over their personal data, while sophisticated attackers try to break into our IT systems. Many standard practices related to regulatory compliance assume a waterfall delivery model and a clear separation between development and operations. DevOps practices, such as continuous delivery and removing barriers between dev and ops, can make those standards more difficult to follow. On the other hand, the business value of DevOps practices is well known and proven.
To set the stage, we'll describe some relevant standards and regulations. We'll discuss the difference between security and data privacy. Then we'll discuss Separation of Duties, its purpose and goals, and different ways to implement it. Throughout, we'll show how we we can adapt DevOps practices to help us harden our systems, while we adapt our standards to enable DevOps. You'll learn how you can make compliance easier for your development teams, and collect the relevant process documentation needed for audit readiness. In the process, we can move from compliance gates to continuous compliance.
IBM Endpoint Manager for Server Automation (Overview)Kimber Spradlin
IBM® Endpoint Manager for Server Automation enables users to perform advanced automation tasks across servers, including task sequencing—without the need for programming skills. This product offers a rich set of prebuilt automation scripts and enables users to create and re-use their own automation flows.
In Today's Complex Multi Perimeter World, Are You Doing Enough to Secure Acce...IBM Security
On today’s smarter planet, providing secure access to sensitive data, applications and infrastructure is more complex than ever. With users accessing corporate data and applications from outside the traditional network perimeter, traditional access and authentication controls are no longer sufficient. To safeguard mobile, cloud and social interactions while preventing insider threat and identity fraud, you need a powerful access management solution thats designed for today’s multi-perimeter world.
We will explore how you can address your problems with the latest IBM Security Access Manager – an “All-in-one” access management solution that is designed to provide both web and mobile security in a modular package suitable to your needs.
View the full on-demand webcast: https://www.youtube.com/watch?v=-ycUQykZSQA
3 Steps to Security Intelligence - How to Build a More Secure EnterpriseIBM Security
We are in the midst of upheaval in the world of IT Security. Attackers are highly organized and using increasingly sophisticated methods to gain entry to your most sensitive data. At the same time, Cloud and mobile are redefining the concept of the perimeter. Check out this insightful discussion of how today's CISO is building a more secure enterprise using analytics, risk-based protection, and activity monitoring to protect the most valuable assets of the organization.
For more visit: http://securityintelligence.com
IBM Endpoint Manager for Software Use Analysis (Overview)Kimber Spradlin
Respond to license audits in minutes, uncover unused software that can be cancelled or redeployed to lower expenses by 35% or more with this solution from IBM. Covers Windows, Linux, and Unix applications with a library of over 100,000 software titles.
Don’t Drown in a Sea of Cyberthreats: Mitigate Attacks with IBM BigFix & QRadarIBM Security
view on demand: https://securityintelligence.com/events/dont-drown-in-a-sea-of-cyberthreats/
Security teams can be overwhelmed by a sea of vulnerabilities–without the contextual data to help them focus their efforts on the weaknesses that are most likely to be exploited. Cyberthreats need to be stopped before they cause significant financial and reputational damages to an organization. You need a security system that can detect an attack, prioritize risks and respond within minutes to shut down an attack or vulnerability that could compromise your endpoints and data.
Join this webinar and learn how IBM BigFix seamlessly integrates with IBM QRadar to provide accelerated risk prioritization and incident response to mitigate potential attacks giving you an integrated threat protection system to keep your corporate and customer data secure.
Bridging the Gap Between Your Security Defenses and Critical DataIBM Security
View on-demand recording: http://securityintelligence.com/events/bridging-the-gap-between-your-security-defenses-and-critical-data/
Many organizations are struggling with the growing gap between the vulnerability of critical data and security defenses. You need visibility at all times to prevent external and internal database breaches. Your organization can't lose sight of the importance of the integrity of your data, including unauthorized changes and suspicious activity.
You will learn how combining the industry-leading security intelligence capabilities of IBM QRadar Security Intelligence Platform with the robust data security capabilities of IBM Security Guardium data activity monitor, organizations can gain actionable insights to reduce security risks at all layers and boost compliance across the enterprise.
In this live webinar, Sally Fabian, IBM Data Security Technical Specialist, will discuss:
- Architecture and integration points
- Real-time alerts and reporting
- Vulnerability assessments according to your risk score
- Security intelligence event log collection and analytics
- Actionable insights from security events
Compliance and Audit Readiness: The DevOps Killer?DevOps.com
Compliance and audit readiness are more important than ever, as our customers demand more control over their personal data, while sophisticated attackers try to break into our IT systems. Many standard practices related to regulatory compliance assume a waterfall delivery model and a clear separation between development and operations. DevOps practices, such as continuous delivery and removing barriers between dev and ops, can make those standards more difficult to follow. On the other hand, the business value of DevOps practices is well known and proven.
To set the stage, we'll describe some relevant standards and regulations. We'll discuss the difference between security and data privacy. Then we'll discuss Separation of Duties, its purpose and goals, and different ways to implement it. Throughout, we'll show how we we can adapt DevOps practices to help us harden our systems, while we adapt our standards to enable DevOps. You'll learn how you can make compliance easier for your development teams, and collect the relevant process documentation needed for audit readiness. In the process, we can move from compliance gates to continuous compliance.
IBM Endpoint Manager for Server Automation (Overview)Kimber Spradlin
IBM® Endpoint Manager for Server Automation enables users to perform advanced automation tasks across servers, including task sequencing—without the need for programming skills. This product offers a rich set of prebuilt automation scripts and enables users to create and re-use their own automation flows.
In Today's Complex Multi Perimeter World, Are You Doing Enough to Secure Acce...IBM Security
On today’s smarter planet, providing secure access to sensitive data, applications and infrastructure is more complex than ever. With users accessing corporate data and applications from outside the traditional network perimeter, traditional access and authentication controls are no longer sufficient. To safeguard mobile, cloud and social interactions while preventing insider threat and identity fraud, you need a powerful access management solution thats designed for today’s multi-perimeter world.
We will explore how you can address your problems with the latest IBM Security Access Manager – an “All-in-one” access management solution that is designed to provide both web and mobile security in a modular package suitable to your needs.
View the full on-demand webcast: https://www.youtube.com/watch?v=-ycUQykZSQA
IBM Power Systems servers (AS/400, iSeries) enjoy a reputation as one of the most secure platforms in the data center, and this is reinforced each time IBM enhances the already impressive set of built-in security features.
Unfortunately, many organizations are surprised to learn that IBM i ships in a completely open default state. Addressing this starts with understanding and configuring the supplied operating system controls.
Jeff Uehling of IBM outlines new security functions incorporated into recent editions of IBM i, including:
• New password policy controls
• Encryption
• User profile enhancements
• Field procedures (FieldProc)
• Row and column access control (RCAC)
The Cost of Managing IBM i Without AutomationHelpSystems
Take a fresh look your IBM i investment to identify the areas where automation provides you opportunities for cost control while improving scalability and resource utilization and boosting employee morale.
IBM Endpoint Manger for Power Management (Overview)Kimber Spradlin
Save $20-$50 per computer per year by automatically putting devices in lower-power states when they are unused. Much more granular policy setting, "Green" reports, savings models, client-side dashboard, coverage for PCs and Macs, and continuous enforcement set this solution apart from relying on the built-in power management settings.
Introduction to the business challenges of securely managing access to privileged accounts and the technical processes built into Privileged Access Manager to secure access to administrator, service and application-to-application IDs.
The New Assure Security: Complete IBM i Compliance and SecurityPrecisely
On April 8 Syncsort announced Assure Security, a new product that brings together Syncsort’s best-in-class IBM i security capabilities. Assure Security enables organizations like yours to comply with cybersecurity regulations and strengthen IBM i security through features that assess security vulnerabilities, control access to systems and data, enforce data privacy, and monitor for security incidents and compliance deviations.
View this webcast on-demand to learn all about Assure Security, including:
• How Syncsort’s security brands have come together in Assure Security
• How Assure Security automates security best practices and satisfies regulatory requirements
• How Syncsort can help you control access to IBM i systems and prevent data breaches
Recent security breaches by trusted insiders have propelled Identity and Access Management (IAM) to the top security priority of many organizations. After all, it’s clear security is only as strong as its weakest link – people – and the press is full of articles documenting the damage people can do. So it’s natural for security managers to want to shore up their IAM infrastructure to avoid similar embarrassment. But IAM needs to be approached with an eye towards the full extended environment and by taking associated risks into account. In other words, whether you are starting from scratch or taking on new IAM challenges such as cloud security, there are certain IAM tenets you should follow to build a successful, effective IAM solution.
Don’t join the Hall of Shame by having a security breach at your organization. Attend this webcast to learn five ways a typical IAM solution can fail, so you don’t make the same mistakes.
View the full on-demand webcast: http://securityintelligence.com/events/5-reasons-iam-solution-will-fail/#.VYxJ4_lVhBd
Preventing Employee Data Breaches Caused by Unsecure File TransfersBiscom Delivery Server
The majority of all corporate data breaches are caused inadvertently by well-meaning employees exchanging files with customers, vendors, and partners. Ad hoc file transfer security has become a critical concern for Information Security departments at leading companies.
In today’s world of evolving threats and complex regulatory requirements, you must be confident that your IBM i system and data is secure – but this isn’t a one-and-done process. You must continuously monitor all system and database activity, identify security threats and compliance issues in real-time, and report on outcomes. With the growth of SIEM solutions, such as Splunk or IBM QRadar, you’ll also likely need to send IBM i security data to these platforms to enable a complete 360-degree view across the enterprise.
The good news is that IBM i log files and journals are rich sources of security-related system and database activity – if you know what to look for, and how to make sense of it.
View this webinar on-demand to learn best practices for capturing, monitoring, and reporting IBM i security data with SIEM solutions. During this webinar, we discuss topics such as:
• Key IBM i data and sources that must be monitored
• Automating real-time analysis of log files to identify threats to system and data
security
• Integrating IBM i security data into SIEM solutions for a clear view of security
across multiple platforms
Essential Layers of IBM i Security: Security Monitoring and AuditingPrecisely
Taking a holistic view of your security profile is critical to success. Grouping together security best practices and technologies into six primary layers, where each layer overlaps with the others, provides multiple lines of defense. Should one security layer be compromised, there’s a good chance that another layer will thwart a would-be intruder.
Our final webinar in this series focuses on monitoring the IBM i and automatically alerting administrators and security officers whenever suspicious activity is detected, as well as logging all security-related events for the purposes of tracking and auditing.
Change auditing: Determine who changed what, when and whereGiovanni Zanasca
Change auditing: Who, What, When, Where details for every change with 'before' and 'after' values
Configuration assessment: State-in-time™ reports showing configuration settings at any point in time
More than 200 predefined reports and dashboards with filtering, grouping, sorting, exporting, email subscriptions, drill-down, web access, granular permissions and ability to create custom reports
AuditArchive™: scalable two-tiered storage (file-based + SQL database) holding consolidated audit data for up to and beyond 10 years
Unified platform to audit the entire IT infrastructure (including systems that do not produce logs), as opposed to multiple hard-to-integrate standalone tools from other vendors
IBM Power Systems servers (AS/400, iSeries) enjoy a reputation as one of the most secure platforms in the data center, and this is reinforced each time IBM enhances the already impressive set of built-in security features.
Unfortunately, many organizations are surprised to learn that IBM i ships in a completely open default state. Addressing this starts with understanding and configuring the supplied operating system controls.
Jeff Uehling of IBM outlines new security functions incorporated into recent editions of IBM i, including:
• New password policy controls
• Encryption
• User profile enhancements
• Field procedures (FieldProc)
• Row and column access control (RCAC)
The Cost of Managing IBM i Without AutomationHelpSystems
Take a fresh look your IBM i investment to identify the areas where automation provides you opportunities for cost control while improving scalability and resource utilization and boosting employee morale.
IBM Endpoint Manger for Power Management (Overview)Kimber Spradlin
Save $20-$50 per computer per year by automatically putting devices in lower-power states when they are unused. Much more granular policy setting, "Green" reports, savings models, client-side dashboard, coverage for PCs and Macs, and continuous enforcement set this solution apart from relying on the built-in power management settings.
Introduction to the business challenges of securely managing access to privileged accounts and the technical processes built into Privileged Access Manager to secure access to administrator, service and application-to-application IDs.
The New Assure Security: Complete IBM i Compliance and SecurityPrecisely
On April 8 Syncsort announced Assure Security, a new product that brings together Syncsort’s best-in-class IBM i security capabilities. Assure Security enables organizations like yours to comply with cybersecurity regulations and strengthen IBM i security through features that assess security vulnerabilities, control access to systems and data, enforce data privacy, and monitor for security incidents and compliance deviations.
View this webcast on-demand to learn all about Assure Security, including:
• How Syncsort’s security brands have come together in Assure Security
• How Assure Security automates security best practices and satisfies regulatory requirements
• How Syncsort can help you control access to IBM i systems and prevent data breaches
Recent security breaches by trusted insiders have propelled Identity and Access Management (IAM) to the top security priority of many organizations. After all, it’s clear security is only as strong as its weakest link – people – and the press is full of articles documenting the damage people can do. So it’s natural for security managers to want to shore up their IAM infrastructure to avoid similar embarrassment. But IAM needs to be approached with an eye towards the full extended environment and by taking associated risks into account. In other words, whether you are starting from scratch or taking on new IAM challenges such as cloud security, there are certain IAM tenets you should follow to build a successful, effective IAM solution.
Don’t join the Hall of Shame by having a security breach at your organization. Attend this webcast to learn five ways a typical IAM solution can fail, so you don’t make the same mistakes.
View the full on-demand webcast: http://securityintelligence.com/events/5-reasons-iam-solution-will-fail/#.VYxJ4_lVhBd
Preventing Employee Data Breaches Caused by Unsecure File TransfersBiscom Delivery Server
The majority of all corporate data breaches are caused inadvertently by well-meaning employees exchanging files with customers, vendors, and partners. Ad hoc file transfer security has become a critical concern for Information Security departments at leading companies.
In today’s world of evolving threats and complex regulatory requirements, you must be confident that your IBM i system and data is secure – but this isn’t a one-and-done process. You must continuously monitor all system and database activity, identify security threats and compliance issues in real-time, and report on outcomes. With the growth of SIEM solutions, such as Splunk or IBM QRadar, you’ll also likely need to send IBM i security data to these platforms to enable a complete 360-degree view across the enterprise.
The good news is that IBM i log files and journals are rich sources of security-related system and database activity – if you know what to look for, and how to make sense of it.
View this webinar on-demand to learn best practices for capturing, monitoring, and reporting IBM i security data with SIEM solutions. During this webinar, we discuss topics such as:
• Key IBM i data and sources that must be monitored
• Automating real-time analysis of log files to identify threats to system and data
security
• Integrating IBM i security data into SIEM solutions for a clear view of security
across multiple platforms
Essential Layers of IBM i Security: Security Monitoring and AuditingPrecisely
Taking a holistic view of your security profile is critical to success. Grouping together security best practices and technologies into six primary layers, where each layer overlaps with the others, provides multiple lines of defense. Should one security layer be compromised, there’s a good chance that another layer will thwart a would-be intruder.
Our final webinar in this series focuses on monitoring the IBM i and automatically alerting administrators and security officers whenever suspicious activity is detected, as well as logging all security-related events for the purposes of tracking and auditing.
Change auditing: Determine who changed what, when and whereGiovanni Zanasca
Change auditing: Who, What, When, Where details for every change with 'before' and 'after' values
Configuration assessment: State-in-time™ reports showing configuration settings at any point in time
More than 200 predefined reports and dashboards with filtering, grouping, sorting, exporting, email subscriptions, drill-down, web access, granular permissions and ability to create custom reports
AuditArchive™: scalable two-tiered storage (file-based + SQL database) holding consolidated audit data for up to and beyond 10 years
Unified platform to audit the entire IT infrastructure (including systems that do not produce logs), as opposed to multiple hard-to-integrate standalone tools from other vendors
IBM i is securable BUT not secured by default. To help protect your organization from the increasing security threats, you must take control of all access points to your IBM i server. You can limit IBM i security threats by routinely assessing your risks and taking control of logon security, powerful authorities, and system access.
With the right tools and process, you can assure comprehensive control of unauthorized access and can trace any activity, suspicious or otherwise, on your IBM i systems.
Watch this on-demand webcast to learn:
• How to secure network access and communication ports
• How to implement different authentication options and tradeoffs
• How to limit the number of privileged user accounts
• How Precisely’s Assure Security can help
IBM Solutions Connect 2013 - Increase Efficiency by Automating IT Asset & Ser...IBM Software India
More than investing, managing and controlling IT assets is critical in an organisation. Companies have a lot to gain by maintaining control of IT assets. They can avoid massive unplanned expenses, increase productivity and provide easy access to information for decision making. When designing an IT asset management (ITAM) program, organisations need to keep the above in mind so as to make the most of their investments. Go through the presentation to find out more how IBM SmartCloud suite of solutions can help you achieve the above.
David Cass discusses the role of security and how best practices can be used to accelerate cloud adoption and success.
Learn more by visiting our Bluemix Hybrid page: http://ibm.co/1PKN23h
Speaker: David Cass (Vice President, Cloud and SaaS CISO)
Local or remote privileged accounts (technical users), e.g. ‘root’ or ‘administrator’, have wide-ranging authorisations and pose a considerable security risk. Passwords associated with these accounts provide access to all business-critical databases. However, switching privileged and shared accounts to individual users is not the solution, because this would mean having to set up hundreds or thousands of accounts. Managing these accounts would be extremely time-consuming and costly. The weak points of privileged and shared accounts are lack of traceability and associated infringement of statutory and regulatory requirements (compliance).
Steeds meer mensen werken vanuit thuis. Hierdoor is het lastiger om hen goed te bedienen en tevredenheid te bewaren. Hoe zorg je er voor dat nieuwe software snel op de werkplek wordt geïnstalleerd als ze niet op kantoor komen. Hoe breng je de servicebeleving van kantoor naar huis of verbeter je deze zelfs? In deze sessie gaan wij samen met de aanwezigen bespreken hoe de tevredenheid van de thuiswerker verhoogd kan worden en productiviteit gewaarborgd kan worden met daarnaast een verlaging van de workload van de IT afdeling.
Controlling Access to IBM i Systems and DataPrecisely
Security best practice and regulations such as SOX, HIPAA, GDPR and others require you to restrict access to your critical IBM i systems and their data, but this is easier said than done. Legacy, proprietary access protocols now co-exist with new, open-source protocols to create access control headaches.
View this webcast on-demand for an in-depth discussion of IBM i access points that must be secured and how exit points can be leveraged to accomplish the task. We’ll cover:
• Securing network access and communication ports
• How database access via open-source protocols can be secured
• Taking control of command execution
The Best Shield Against Ransomware for IBM iPrecisely
Did you know a frequent vulnerability that is exploited to initiate a ransomware attack on your IBM i is a compromised password? The most frequent approach to compromise system access is Credential Stuffing where an intruder finds user ids and passwords that have been stolen from somewhere else, sold on the dark web and attempts to use them at another organization. This is often successful because many people re-use the same password they use at work at multiple other online sites.
Adding multi-factor authentication is the #1 action most enterprises can do to prevent cybersecurity incidents from occurring. Even in industries that do not currently require MFA for regulatory compliance, governments are taking cybersecurity more seriously as agencies and infrastructure are increasingly being targeted. Investing in an MFA solution is an effective way to secure your data from unauthorized access and protect your resources.
Assure Multi-factor Authentication’s advanced capabilities provide unique, flexible solutions to access control on the IBM i. With our new, powerful user interface, we are making MFA easier to implement and control. Watch this on-demand webinar to learn:
• How malware gets on to the IBM i system
• Tips on implementing MFA for the IBM i
• How our new interface can make deploying MFA even easier
Are your clients asking you about the costs and benefits of cloud based accounting and financial management systems? Are they asking you about the risks of cloud computing? Are you curious to know why there is so much buzz about the cloud?
As a trusted advisor, it is your responsibility to be informed about available (and exceptional) accounting and financial management software options. So, have you informed your client-base about the power of the cloud? Have you shared the rewards and possible risks of cloud computing? What, exactly, do they need to know to make the best financial decision for their organizations? This webcast will provide you with the nuts and bolts of cloud computing so you will be better able to answer your client’s questions.
In this webcast you will learn:
How to evaluate the available cloud options provided by various software vendors.
How cloud accounting complies with Section 404 of Sarbanes-Oxley?
Why cloud computing is relevant to CPAs in public practice?
What are the cost saving opportunities that arise from cloud computing.
Security and compliance is an ongoing process, not a steady state. It is constantly maintained, enhanced, and verified by highly-skilled, experienced and trained personnel. We strive to keep software and hardware technologies up to date through robust processes. To help keep Office 365 security at the top of the industry, we use processes such as the Security Development Lifecycle; we also employ techniques that throttle traffic and prevent, detect, and mitigate breaches.
https://runfrictionless.com/b2b-white-paper-service/
IBM Messaging Security - Why securing your environment is important : IBM Int...Leif Davidsen
Presentation from IBM InterConnect 2016 . With growth in the number of business applications and exponential growth in connectivity between applications and systems, it is important to understand not just how to implement security, but why it is important to ensure all parts of the business can appreciate it and apply the right levels of security to their messaging system use. - jointly presented by Leif Davidsen and Rob Parker
3433 IBM messaging security why securing your environment is important-feb2...Robert Parker
These slides were presented at Interconnect with Leif Davidsen presenting why securing your environment is important and then i presented what security features in IBM MQ can be used to protect your environment.
Similar to IBM Connect 2014 SPOT114: No Compromise on Compliance: Streamline Administration, Save Time and Money (20)
You’ve been told that you will need to go though Connections 6.0 to get to Connections PINK. We’ve been through the process already and can show you the best way to do it. From planning your data migration strategy, requirements and software upgrades, to time estimates and lessons learned and the all important documentation stage that everyone loves. Let us be the pain relief to your migrations headache (other antidotes are available).
MWLUG - 2017
Tim Clark & Stephanie Heit
Tim & Steph explain the basics of GDPR and give some recommendations about what you can do to be ready.
Data sources are in the final slides.
For more information about how BCC can help you get your Domino data ready for GDPR please contact us here.
http://bcchub.com/bcc-domino-protect/
Einheitliches Management für IBM und Microsoft Collaborationen Plattformen.
Vorgehensmodell für Migration, Ausgangsbasis, Herausforderungen und "Best practices" Vorgehensweise und Demo Beispiele BCC, ClientGenie, MailProtect.
5. April 2017 / Hartmut Koch / BCC Unternehmensberatung
Anforderungen und Informationsquellen, dreistufige Realisierung, die Praxis, Live Demo von Schutzfunktionen und Exkurs: Risiken in der "nativen" IBM Domino Administration.
This webinar was recorded on 26th February 2017.
Tim Clark talks about how to stop data leaking from your IBM Domino datastore using BCC's DominoProtect.
Replay available here: https://youtu.be/Joqg4jVO-io
Even in the Cloud you need to manage your IBM Connections Cloud environment. This presentation will explain the key tasks for IBM Connections Cloud Administration especially around User Management. We will discuss the challenges and the best practices approach to integrate and sync with your enterprise directories using IBM Integration Server.
Are IBM Domino Plug-ins your friends or enemies? Find out what our developer Teresa Deane have said on that subject at her session “My love-hate relationship with IBM Domino Plug-ins” at the IBM Connect 2016 in Orlando.
Building a plug-in for the Notes client is hard and you need to be a rocket scientist to write a simple menu extension. This is exactly, what I thought, when I first heard of plug-in development.
In this session, you will learn, how to setup an Eclipse environment, connect it to your Notes Client for debugging and testing, and finally deploy your plugin to your users. Become familiar with the basics, and you will no longer be scared.
Social business software is all about sharing content and data in a “collaborative” way to identify internal or external experts. Most of these data must be considered as personal data which is related to an individual person.
Implementing social business technologies in enterprises often leads to discussion with data protection supervisors how to be compliant with EU data protection law. This discussion gets even more challenging if you consider using social business applications in “the cloud” which might the only choice in the near future due IBMs “Cloud First” or Microsoft’s “Cloud only” delivery model.
This session will give you an overview
- about EU data protection regulations
- its implications for using social business systems
- special considerations for using cloud based social business systems
Presented by Ulrich Krause (BCC) @eknori and Howard Greenberg (TLCC) @TLCCLtd at Engage 2014 by BLUG.
There are many factors that affect how fast your XPages applications run, from server configuration to the way the XPage is designed.
In this session you will learn how you can optimize both your application and your server. Explore the JSF Life cycle and how it affects performance.
Discover how using on page load, partial update and partial execution can help. See how readily available tools from OpenNTF can be used to profile and analyze your code to improve the speed of your applications.
Using the right programming language? Choosing the right language can have a dramatic impact on your XPages performance.
After you attend this session you will learn how your XPages can survive and thrive in the fast lane of the autobahn where there are no speed limits!
Sie betreiben ausgeklügelte Rechteverwaltung auf Ihrem Domino System, die Daten in den zahlreichen Datenbanken und Anwendungen sind gut abgesichert.
Wirklich?
Ist Ihr "Generalschlüssel" für den ID-Vault auch gut geschützt, oder wird die Server-ID unverschlüsselt verwendet?
Können Sie sicher gehen, dass die Gruppendokumente nicht unberechtigt geändert werden?
Wie breit sind weitreichende Administrationsrechte z.B. an Support-Kollegen "gestreut"?
BCC bietet mit DominoProtect eine Lösung, die mögliche Sicherheitslücken schließt, das Systemmanagement in komplexen Umgebungen vereinfacht und hilft Revisions- und Compliance-Anforderungen zu erfüllen.
Dieser Vortrag von der DNUG Frühjahrskonferenz 2014 in Karlsruhe bietet einen Einstieg in das Thema Sicherheit & Compliance in IBM Collaboration Infrastrukturen und beleuchtet insbesondere folgende Bereiche:
* Security Monitoring - wie Sie sicherheits- und systemkritische Änderungen in Ihrer IBM Domino Umgebung in Echtzeit überwachen
* Compliance - wie Änderungen oder sogar Zugriffe auf sensible Elemente zuverlässig verhindert und dokumentiert werden können
* Change Management - wie Konfigurationsänderungen nicht ohne Freigabe aktiviert und Rollback & Recovery mit nur einem Klick möglich werden
Geht ihren Servern der Speicherplatz aus? Erfahren Sie in dieser Präsentation von der BCCon 2014 Konferenz welche Möglichkeiten zur Abhilfe durch DAOS und andere Platzsparer bestehen.
Are your servers running out of space as more, and more complex data is sent thru or stored in applications on the servers? Are your users keep on sending bit like attachments again and again? Do standard tasks like compact or fixup last for ages or does your backup still runs during working hours? Learn how to benefit from build-in space saving features. Maximize disk space savings provided by Domino Attachment and Object Service (DAOS) and ensure that your environment is properly configured for best performance with this feature. Reduce network bandwidth when replicating databases between servers and increase mail quotas without using more disk space. As of Domino 9.0.1, DBMT is the swiss army knife for administrators. Learn about pre-allocating space to avoid file fragmentation during a copy-style compact. Ensure that a mail application in a clustered environment is always available and mail gets delivered while performing file compaction and other standard tasks
Geht ihren Servern der Speicherplatz aus?
Haben Sie mehr als einen (bit) identischen Anhang in Ihren Datenbanken gespeichert?
Dauern Standardaufgaben wie fixup ewig oder reicht die Zeit in den Nachtstunden für ein Backup nicht mehr aus?
Setzen Sie Datenbankquotas ein und ihre Anwender verlangen nach mehr Platz?
Haben Sie sich schon einmal gefragt, was passiert, wenn sie ein "load compact -c" ausführen?
Warum werden Datenbanken nicht auf das neueste ODS angehoben? Mache ich was falsch??
Wenn Sie eines oder mehrere dieser Fragen mit "JA" beantworten können, dann sind Sie in dieser Session richtig. Nutzen Sie den vorhandenen Speicherplatz durch den Einsatz von DAOS optimal aus.
Verkleinern Sie ihre Datenbanken; Design- und Documentdata compression helfen Ihnen dabei.
Reduzieren Sie die Netzwerkbandbreite bei der Replikation zwischen Servern und zwischen Clients und Servern,
und lernen Sie, wie Sie die Quota erweitern, ohne mehr Speicherplatz zu benötigen.
Geben Sie ihren Festplatten den nötigen "drive" durch regelmässige Defragmentierung. OpenNTF hilft Ihnen dabei.
Xpages Anwendungen lassen sich recht leicht per Drag & Drop und ein wenig Code erstellen. In den meisten Fällen reicht dies auch aus, wenn es um die Arbeit mit wenig Datensätzen geht und die Anwendung selber nicht sonderlich kompliziert ist. Dringt man aber tiefer in die Programmierung ein, so wird man nicht selten mit Performanceproblemen konfrontiert.
Die Session zeigt auf, wo in einer Anwendung ( und auch ausserhalb ) die Performancefresser stecken und wie man diesen auf die Schliche kommt. Die Installation des OpenNTF Xpages Toolkit und die Anwendung der Toolbox werden an einem praktischen Beispiel erläutert. Dabei wird aus einer anfänglich nicht performanten Anwendung Schritt für Schritt eine performante Applikation.
Agenda:
Performance, was kann bremsen ?
Java vs. JavaScript
Daten vorbereiten, ViewNavigator vs. GetNextDocument
Stringbuilder vs. Concat
Phase Listener
Partial Refresh / Partial Execute
Variable resolver
Nach der guten Resonanz des ersten Teils des Vortrages von Mirco Vilic auf der DNUG-Frühjahrskonferenz in Berlin 2013 "Deep Dive IBM Domino Mail Routing - Essentials & Best Practices" , präsentiert er nun den zweiten Teil, der ganz im Zeichen von Domino als SMTP Mailer steht. In diesem weiterführenden Vortrag beleuchten wir die Fähigkeiten des Domino Servers als SMTP Mailer auf fortgeschrittener Ebene. Dies beinhaltet die einfache Standard-Konfiguration, sowie alle weitergehenden Einstellungen, die für den täglichen Betrieb, sowie für die Fehlersuche, relevant sind,
Wir zeigen die Möglichkeiten, die uns Domino durch Notes.ini Parameter bietet, oder wie man mit Domino eine virtuelle SMTP Testumgebung einrichtet, die ein simples Testing von z.B. Mail-Management-Software ermöglicht.
AdminP is an elementary server task for your IBM Lotus Domino Administration. This session explains which administration processes are available and how those can make your day-to-day administration tasks easier. We will cover the best practices for setup and troubleshooting using AdminP, in projects like recertifications and server consolidations.
? Geht ihren Servern der Speicherplatz aus?
? Haben Sie mehr als einen (bit) identischen Anhang in Ihren Datenbanken gespeichert?
? Dauern Standardaufgaben wie fixup ewig oder reicht die Zeit in den Nachtstunden für ein Backup nicht mehr aus?
? Setzen Sie Datenbankquotas ein und ihre Anwender verlangen nach mehr Platz?
? Haben Sie sich schon einmal gefragt, was passiert, wenn sie ein "load compact -c" ausführen?
? Warum werden Datenbanken nicht auf das neueste ODS angehoben? Mache ich was falsch??
Wenn Sie eines oder mehrere dieser Fragen mit "JA" beantworten können, dann sind Sie bei dieser Session richtig. Nutzen Sie den vorhandenen Speicherplatz durch den Einsatz von DAOS optimal aus.
--> Verkleinern Sie ihre Datenbanken; Design- und Documentdata compression helfen Ihnen dabei.
--> Reduzieren Sie die Netzwerkbandbreite bei der Replikation zwischen Servern und zwischen Clients und Servern, und lernen Sie, wie Sie die Quota erweitern, ohne mehr Speicherplatz zu benötigen.
--> Geben Sie ihren Festplatten den nötigen "drive" durch regelmässige Defragmentierung. OpenNTF hilft Ihnen dabei.
Zielgruppe sind Administratoren oder Entscheider, die mehr über Compact, DAOS und Defragmentierung wissen möchten.
Sie betreiben ausgeklügelte Rechteverwaltung auf Ihrem Domino System, die Daten in den zahlreichen Datenbanken und Anwendungen sind gut abgesichert.
Wirklich? Ist Ihr "Generalschlüssel" für den ID-Vault auch gut geschützt, oder wird die Server-ID unnverschlüsselt verwendet? Können Sie sicher gehen, dass die Gruppendokumente nicht unberechtigt geändert werden? Wie breit sind weitreichende Administrationsrechte z.B. an Support-Kollegen "gestreut"?
Der IBM Domino Server bietet umfangreiche Sicherheitsmechanismen. Die Konfiguration ist jedoch komplex, Sicherheitsprobleme können entstehen. Außerdem werden Protokollierung und Verhinderung von Änderungen aus Sicht der Revision seit der Einführung von Basel II und SOX immer wichtiger. Es geht dabei darum für Transparenz im Change Management von Infrastrukturen zu sorgen.
DominoProtect schließt mögliche Sicherheitslücken, vereinfacht das Konfigurationsmanagement in komplexen Umgebungen und hilft Revisions- und Compliance-Anforderungen zu erfüllen - bewährt in vielen Projekten bei großen und kleinen Organisationen, in zahlreichen deutschen und internationalen Finanzinstituten und bei führenden IT-Dienstleistern.
Ein Werkzeug-Spezialist muss Konstruktionspläne zur Druckerei schicken, die Personalabteilung will die Gehaltsabrechnungen nur noch elektronisch versenden, der Vorstand will vertraulich mit potentiellen Partnern im Ausland kommunizieren. Die Anforderungen für verschlüsselte Kommunikation per E-Mail sind vielfältig, die Notwendigkeit angesichts von PRISM & Co. nicht mehr weg zu diskutieren.
Einen schnellen und unkomplizierten Einstieg in die verschlüsselte E-Mail-Kommunikation bietet die PDF-basierte Instant Encryption Technologie der BCC. Damit wird sicher gestellt, dass die nach außen gehende Kommunikation vor Mitlesen und Manipulation geschützt ist. Wenn es "mehr" sein darf, können mit MailProtect Secure Mail alle denkbaren PKI-Szenarien zum Einsatz von S/MIME und PGP realisiert werden - mit zentraler serverbasierendern Durchführung der Verschlüsselung, Entschlüsselung, Signaturprüfung und Zertifikatsverwaltung.
More from BCC - Solutions for IBM Collaboration Software (20)
zkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex ProofsAlex Pruden
This paper presents Reef, a system for generating publicly verifiable succinct non-interactive zero-knowledge proofs that a committed document matches or does not match a regular expression. We describe applications such as proving the strength of passwords, the provenance of email despite redactions, the validity of oblivious DNS queries, and the existence of mutations in DNA. Reef supports the Perl Compatible Regular Expression syntax, including wildcards, alternation, ranges, capture groups, Kleene star, negations, and lookarounds. Reef introduces a new type of automata, Skipping Alternating Finite Automata (SAFA), that skips irrelevant parts of a document when producing proofs without undermining soundness, and instantiates SAFA with a lookup argument. Our experimental evaluation confirms that Reef can generate proofs for documents with 32M characters; the proofs are small and cheap to verify (under a second).
Paper: https://eprint.iacr.org/2023/1886
Communications Mining Series - Zero to Hero - Session 1DianaGray10
This session provides introduction to UiPath Communication Mining, importance and platform overview. You will acquire a good understand of the phases in Communication Mining as we go over the platform with you. Topics covered:
• Communication Mining Overview
• Why is it important?
• How can it help today’s business and the benefits
• Phases in Communication Mining
• Demo on Platform overview
• Q/A
Securing your Kubernetes cluster_ a step-by-step guide to success !KatiaHIMEUR1
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Albert Hoitingh
In this session I delve into the encryption technology used in Microsoft 365 and Microsoft Purview. Including the concepts of Customer Key and Double Key Encryption.
UiPath Test Automation using UiPath Test Suite series, part 6DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 6. In this session, we will cover Test Automation with generative AI and Open AI.
UiPath Test Automation with generative AI and Open AI webinar offers an in-depth exploration of leveraging cutting-edge technologies for test automation within the UiPath platform. Attendees will delve into the integration of generative AI, a test automation solution, with Open AI advanced natural language processing capabilities.
Throughout the session, participants will discover how this synergy empowers testers to automate repetitive tasks, enhance testing accuracy, and expedite the software testing life cycle. Topics covered include the seamless integration process, practical use cases, and the benefits of harnessing AI-driven automation for UiPath testing initiatives. By attending this webinar, testers, and automation professionals can gain valuable insights into harnessing the power of AI to optimize their test automation workflows within the UiPath ecosystem, ultimately driving efficiency and quality in software development processes.
What will you get from this session?
1. Insights into integrating generative AI.
2. Understanding how this integration enhances test automation within the UiPath platform
3. Practical demonstrations
4. Exploration of real-world use cases illustrating the benefits of AI-driven test automation for UiPath
Topics covered:
What is generative AI
Test Automation with generative AI and Open AI.
UiPath integration with generative AI
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Unlocking Productivity: Leveraging the Potential of Copilot in Microsoft 365, a presentation by Christoforos Vlachos, Senior Solutions Manager – Modern Workplace, Uni Systems
Maruthi Prithivirajan, Head of ASEAN & IN Solution Architecture, Neo4j
Get an inside look at the latest Neo4j innovations that enable relationship-driven intelligence at scale. Learn more about the newest cloud integrations and product enhancements that make Neo4j an essential choice for developers building apps with interconnected data and generative AI.
Essentials of Automations: The Art of Triggers and Actions in FMESafe Software
In this second installment of our Essentials of Automations webinar series, we’ll explore the landscape of triggers and actions, guiding you through the nuances of authoring and adapting workspaces for seamless automations. Gain an understanding of the full spectrum of triggers and actions available in FME, empowering you to enhance your workspaces for efficient automation.
We’ll kick things off by showcasing the most commonly used event-based triggers, introducing you to various automation workflows like manual triggers, schedules, directory watchers, and more. Plus, see how these elements play out in real scenarios.
Whether you’re tweaking your current setup or building from the ground up, this session will arm you with the tools and insights needed to transform your FME usage into a powerhouse of productivity. Join us to discover effective strategies that simplify complex processes, enhancing your productivity and transforming your data management practices with FME. Let’s turn complexity into clarity and make your workspaces work wonders!
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...SOFTTECHHUB
The choice of an operating system plays a pivotal role in shaping our computing experience. For decades, Microsoft's Windows has dominated the market, offering a familiar and widely adopted platform for personal and professional use. However, as technological advancements continue to push the boundaries of innovation, alternative operating systems have emerged, challenging the status quo and offering users a fresh perspective on computing.
One such alternative that has garnered significant attention and acclaim is Nitrux Linux 3.5.0, a sleek, powerful, and user-friendly Linux distribution that promises to redefine the way we interact with our devices. With its focus on performance, security, and customization, Nitrux Linux presents a compelling case for those seeking to break free from the constraints of proprietary software and embrace the freedom and flexibility of open-source computing.
Threats to mobile devices are more prevalent and increasing in scope and complexity. Users of mobile devices desire to take full advantage of the features
available on those devices, but many of the features provide convenience and capability but sacrifice security. This best practices guide outlines steps the users can take to better protect personal devices and information.
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
A tale of scale & speed: How the US Navy is enabling software delivery from l...sonjaschweigert1
Rapid and secure feature delivery is a goal across every application team and every branch of the DoD. The Navy’s DevSecOps platform, Party Barge, has achieved:
- Reduction in onboarding time from 5 weeks to 1 day
- Improved developer experience and productivity through actionable findings and reduction of false positives
- Maintenance of superior security standards and inherent policy enforcement with Authorization to Operate (ATO)
Development teams can ship efficiently and ensure applications are cyber ready for Navy Authorizing Officials (AOs). In this webinar, Sigma Defense and Anchore will give attendees a look behind the scenes and demo secure pipeline automation and security artifacts that speed up application ATO and time to production.
We will cover:
- How to remove silos in DevSecOps
- How to build efficient development pipeline roles and component templates
- How to deliver security artifacts that matter for ATO’s (SBOMs, vulnerability reports, and policy evidence)
- How to streamline operations with automated policy checks on container images
2. Agenda
Introduction
Requirements for todays IBM Domino® infrastructure
How to streamline Administration
How to ensure Compliance
Question Time
3. About us
BCC, an IBM Business Partner since 1996
Solution provider for secure and cost-efficient management of
IBM Collaboration Infrastructure
Develops software products, provides consulting and
implementation services
800 companies with more than 3 million users trust BCC
solutions
4. About me
Administrator / Developer since 1994
Founded BCC in 1996
Working as senior architect with large
enterprise customers
–reducing Total cost of Ownership of IBM Notes and Domino®
–securing and optimizing Domino infrastructures
IBM Champion
Twitter: @OlafBoerner
6. Current situation for Domino infrastructures
Compliance
is a major
issue
The cost
pressure in
IT has grown
enormously
Hands-on
admin skills
are required
The delivery
model or
platform is
under
question
6
7. The cost pressure in IT has grown enormously
The demands in
the IT are growing
and assurance of
safe operations to
make powerful and
efficient systems is
their prime goal
7
More than 80% of
the IT companies
are under
enormous
increasing cost
pressures
8. Compliance Requirements
Sarbanes Oxley (SOX) - related to investments and securities
FINRA - related to investments and financial advisors
HIPAA - related to the protection and privacy of health information
–Any company that deals with protected health information (PHI) must
ensure that all the required
• physical,
• network, and
• process security measures
–are in place and followed.
9. The cost of not being compliant
Brand Damage
Non-Compliance Fines
Litigation Expenses
Examples
$1.45 billion judgment against Morgan Stanley for being unable to
produce reliable emails in the course of fraud litigation
$2.5 million fine against Merrill Lynch for failing to promptly produce
emails over a period of 17 months
10. Objectives for todays social business infrastructure
Streamline / TCO
Security / Compliance
12. How to handle these conflicts of objectives ?
How can you ensure compliance,
Enhance security and
Reduce total cost of ownership?
QUESTIONS:
–Compliance and security are really expensive ?
–Trade off ?
Let’s discuss this at current example: NSA and Snowden
12
13. NSA Security ...
Why did they have a Security Leak ?
–“The scariest threat is the systems administrator,”
–“The system administrator has godlike access to systems they
manage.”
• Eric Chiu Hytrust , Security Advisor
http://www.nytimes.com/2013/06/24/technology/nsa-leak-puts-focus-onsystem-administrators.html?_r=0
14. Lessons learned: How will NSA increase security ?
Additional monitoring systems
“a two-man rule” that would limit the ability of each of its 1,000 root
system admins to gain unfettered access to the entire system
Two–man rule is easy to implement !!!
Automation
15. Why Automation increases security
NSA to Axe 90 Percent of System Administrators, Adopt Automation Instead
– “What we’re in the process of doing – not fast enough – is reducing our
system administrators by about 90 percent,” Keith Alexander, NSA
– „doing things that machines are probably better at doing.“
1000 * 90% = 900 of its root system admins
http://www.washingtonpost.com/blogs/federal-eye/wp/2013/08/13/nsa-to-cut-90percent-of-systems-administrators/
http://www.dailytech.com/NSA+to+Axe+90+Percent+of+System+Administrators+Ad
opt+Automation+Instead/article33145.htm
16. Summary: Why Automation increases security
„doing things that machines are probably better at doing.“ (Keith
Alexander)
decrease required access rights
provide system log trails
TCO reduction is included for free! (currently) not important for NSA ;-)
17
20. Case Study - Global bank
Reduce Cost
by 50%
21
Ensure new
compliance
req.
Project
21. Initial Situation: Domino Administration
Lot of
development
efforts
Manual
monitoring
Highly skilled
administrators
required
High access
rights
required
Frequency of
human errors
can be high
Using
“internal”
Tools
Domino
Administrator
Client
Compliance
issue
22. Case Study– Global Bank
Simplified System Administration
– Standardized technical procedures
– Leveraging latest Domino TCO Improvements
Automation with Web-based Self-Service Application
– User and group management
– Team rooms
– Mail-In databases
Enhanced Compliance and Security Check
– Server Based Compliance check and Audit Trial
– Additional security layer beyond ACL with 3rd party tool
Result:
– Reduction of management costs by 50%
– Return on Investment in 8 Months
24. How did we achieve this?
Streamline Administration
• Organize (Helpdesk, Self-Service)
• Standardize (technical procedures &
infrastructure)
• Automate with BCC AdminSuite
Ensure compliance
• Define security settings
• Ensure with additional security product
DominoProtect
25
25. Three Steps to streamline Administration
• Delegate the tasks
to Helpdesk, HR
…
• Provide SelfService Request
1.Organize
2.Standardize
• Convert admin tasks to an
IT Process
• A detailed checklist for
every task
• “simple” standard system
environment running the
most current IBM Domino
release
• Processing checklists
by rules, profiles and
backend server tasks
• Ensuring Compliance
by having a central log
database to
automatically record all
actions
• Reduce access rights!
3.Automate
28. Standardized IT Process ‘New Employee‘
Expected rule based UserID
Request
Workflow
(optional)
Creation of Person document in DominoDirectory
Group entries corresponding to the
user are set in the profile
Mail file replica including cluster created
Password calculated and distributed via
Mail / print or fax / SMS
Data directory of the user created
Basic settings is stored in ID, Address Book, Workspace
User gets links, necessary applications
on the Workspace / Bookmarks
29. Standardized IT Process ‘New Employee‘
Request
Workflow
(optional)
Send confirmation mail to
requestor
Send information mail to
business owner
Create Billing entry in billing database
Create Reporting entry
Send welcome mail to
new user
31. Standardized IT Process ‘New Application‘
NSF file is based on the specifications
of template creation
Request
Workflow
(optional)
ACL group (s) in the Domino Directory, are created with
all entries
ACL group (s) in the ACL of the
Database created are corresponding
To the registered rights
Email is sent to requestor on success,
And error is notified to Admin
User gets links to necessary
applications on the
Workspace / Bookmarks
Mobile users get local replica automatically
32. What makes AdminSuite so valuable for your organization?
Delegate to
Helpdesk or
Self-Service
Ensure
proper
execution
Reduce
Access
Rights
Accelerate
request & no
manual effort
34. How we achieve this?
Streamline Administration
• Organize (Helpdesk, Self Service)
• Standardize (technical procedures)
• Automate with BCC AdminSuite
Ensure compliance
• Define security settings
• Automate with additional security
product BCC DominoProtect
35
35. Define security settings:
Three key elements to IBM Domino Server Security
Server ID
Database
Access
Document
Access &
Change
36. What does DominoProtect do ?
Provide an additional
security layer
Add security at
document field level
• beyond ACL and
document access rights
• Manager, Designer or
Editors are not allowed to
perform changes
• Provide different security
settings for single fields in
a document
• Manager, Designer or
Editors are not allowed to
change defined fields
37. What does DominoProtect do ?
Detailed monitoring and
tracking at real time
• Track access
• Track modifications at
field level
• Old entry
• new entry
Prevent changes at real time
• Control Domino access
rights -> even Manager
can not change
• Track blocked changes
38. What does DominoProtect technically?
Protect Server ID
with passwords
• Assign random
password to server
ID
• Provide password
at startup
• Automatic restart
possible
Protect ACL
• Prevent ACL
Change
• Track ACL
Changes
Protect Notes
document beyond
ACL settings
• Track access to
document
• Track modification
• Prevent opening,
modification or
deletion
• Check and control
field level changes
39. How do we achieve this: Security Settings Examples
Secure your ID Vault Server with DominoProtect
40. Secure your ID Vault Server
1. Step: Password protected server ID file
41. Why secure your server ID ? Protect ID Vault !
IBM Recommendation: Securing the server ID file
–‘We understand that most Domino servers are not password-protected
to make unattended reboots simpler, but the vault server's ID file is a
key element in the security of your ID vault.‘
–‘..a sophisticated attacker with a vault database and one of the
corresponding server Ids ... would have all of the cryptographic
information needed to masquerade as the vault server and decrypt all
of the ID files stored in the vault‘.
http://www-10.lotus.com/ldd/dominowiki.nsf/dx/securing-your-notes-idvault-server
42. Secure your ID Vault Server
2. Step Secure your ID Vault ACL
Everyone with role Auditor and
Admin client is able to download ID
Files from ID Vault
How to Change ACL
•
•
Full Access Admins might be able to do this
Server based script agents
Preventing unwanted changes in ID
Vault ACL is mandatory
43. Secure your ID Vault Server
3. Step: Protect Configuration in Domino Directory
Main Goal: Reduce Access Rights to ID Vault Database and ensure these settings
Server Document:
– Protect Field: Full access administrators
– Protect optional Fields: “Programmability Restrictions“
– DominoProtect will
• Block every change in these defined fields.
• All other fields can be changed
Protect ACL Groups providing Access to ID Vault :
– Prevent Modification of all ACL Groups related to ID Vault
– DominoProtect will
• Block every change in these defined Group Documents
• All other groups can be changed
44
44. Secure your ID Vault Server
4. Step: Control security log entries in log.nsf
Main Goal: Reduce Access Rights to log.nsf and prevent deletion or
modification of Security Event log entries
Log.nsf
–ACL: Protect Changes in log.nsf
–Log “Security Events”
• Protect Changes in Documents “Security Events”
• Optional Restrict access to “Security Events”
DominoDirectory
–Protect ACL Groups providing Access to log.nsf
–Protect Full Access Admin Field
45
46. What makes DominoProtect so valuable for your
organization ?
Real-time
on server
level
Different
access at
field level
No template
modification
47. Benefits for end users/employees
Personal increase in productivity
by faster service
Better service quality
by lesser mistakes
Self-service possibility
‘I can help myself‘
48. Benefits for Admin/IT department
Simplification in administration
Concentration on mission-critical projects
and strategic measures
Reduction on the variety of tools and
scripts
No requirement of customized training
49. Benefits for administrators
Prevents unauthorized modification of
server configuration
Enhances process reliability through
request-based
change management with approval cycles
Provides full control and automated
documentation of all configuration changes
Recovery function for configuration
documents in case of mistakes or
configuration errors
Alerts in case of defined protection violation
50. Benefits for Management
Cost-efficient
–Reduces the notes infrastructure
administration cost by 70%
–Service transparency
Minimizes risks
–Ensure compliance
–Reliable information about
unauthorized access or
modification attempts
Increases the employee productivity