SlideShare a Scribd company logo

Introducing Assure Security Risk Assessment

Precisely
Precisely

Performing a detailed security risk assessment is a time-consuming and challenging task. However, in today’s high-risk environment, it is required. A common misconception that can leave IBM i systems open to data breaches is that addressing physical and network security is enough to keep systems and data safe. Though controlling physical access and ensuring network security is important, the most common vulnerabilities in IBM i environments come from improper security configurations. To understand security risks on your IBM i, it is essential to review security settings and configurations throughout the system. This requires significant knowledge of dozens of IBM i capabilities and their related configurations. Assure Security Risk Assessment thoroughly examines dozens of security settings, comparing values against best practice, to produce reports that identify security vulnerabilities. View this webcast on-demand to learn: • The dangers of improperly configured security setting on your IBM i • How many compliance regulations, such as PCI DSS and HIPAA, require annual IT risk assessments • How to request Syncsort’s FREE Assure Security Risk Assessment

Technology
1 of 26
Download to read offline
Introducing Assure Security Risk Assessment Bill Hammond – Product Marketing
Webcast Audio • Today’s webcast audio is streamed through your computer speakers. • If you need technical assistance with the web interface or audio, please reach out to us using the Q&A box. Questions Welcome • Submit your questions at any time during the presentation using the Q&A box. • We will answer them during our Q&A session following the presentation. Recording and slides • This webcast is being recorded. You will receive an email following the webcast with a link to download both the recording and the slides. Housekeeping Bill Hammond Sr Product Marketing Manager
A recent survey by Syncsort of companies running IBM Power Systems shows the impact that security and compliance are having on IT priorities: • 45% say the possibility of a security/privacy breach is a top IT concern • 48% say security is their #1 IT initiative over the coming 24 months • 75% say compliance regulations define their company’s security program • 33% say the growing complexity of regulations presents a challenge to ensuring security Compliance & Security Are Top of Mind for IBM Power Pros
Key IBM i Security Concepts • The IBM i is not inherently a secure system. However, it is extremely securable. • Legacy, proprietary protocols now cohabitate with new, open-source protocols – creating new access point headaches • The worldwide hacker community has discovered the IBM i as a high value target • Being in compliance does not automatically mean the system is secure.
Global Laws and Regulations United States Canada CCPA PIPEDA PCI DSS PCI DSS FISMA GDPR GLBA CCPA SOX State & Federal Laws GDPR United Kingdom Data Protection Act (DPA) PCI DSS GDPR CCPA European Union GDPR Data Protection Directive 94/45/EC Directive 2002/58/EC Basel III PCI DSS CCPA Japan Personal Information- Protection Law PCI DSS GDPR CCPA Asia-Pacific Forum on Privacy & Data APEC PCI DSS GDPR CCPA Latin America PCI DSS E-commerce Act Consumer Protection Code Law for Protection of Private Life Data Protection Bill GDPR CCPA
What Requirements Do Regulations Have in Common? • Strengthen and monitor login security • Control the use of powerful user authorities • Lock down access to systems and data • Encrypt (anonymize, deidentify, tokenize, etc.) private data, both at rest and in transit; encrypt removable storage and archival files • Implement strong encryption key management policies • Implement comprehensive logging and monitoring of systems and data for security and compliance incidents • Certify that vendors, service providers, etc. are compliant • Periodic security risk assessments
Most regulations require some sort of security audit/assessment on a regular basis • Payment Card Industry Data Security Standard (PCI DSS) • Health Insurance Portability and Accountability Act (HIPAA) • General Data Protection Regulation (GDPR) • New York Dept. of Financial Services Cybersecurity Regulation (23 NYCRR 500) • and others Regulatory Requirements for Security Assessment
A good security risk assessment should include: • Checks of system definitions and settings • Explanation of what they mean • Recommendations of any changes needed What Should an Assessment Include? Assessment results should be detailed enough to guide the technical staff responsible for security while also providing an overview for managers and executives.
Security Risk Assessment Service Let Syncsort’s team of security experts conduct a thorough risk assessment and provide a report with remediation guidance Assure Security Risk Assessment Tool Thoroughly check all aspects of IBM i security and obtain detailed reports and recommendations Risk Assessment
Security Risk Assessment What It Is • A security risk assessment is a thorough check of all aspects of system security, including (but not limited to): • Security settings in the OS • Default passwords • Disabled users • Command line users • Distribution of powerful users • Library authorities • Open ports • OS exit points • Risk assessments tools or services provide detailed reports on findings, explanations and recommendations for remediation • Assessment summary for non-technical management summarizes findings Benefits • Helps to satisfy the requirement for annual risk assessments found in regulations such as PCI DSS and HIPAA • Results in reports that inform management and administrators about security vulnerabilities and remedies • Saves time by automating (tool) or offloading (service) the process of conducting as assessment • Using a service or tool that encapsulates extensive experience can fill skillset gaps • Provides separation of duties between administrator and auditor
“ ” Assure Security Risk Assessment Report
Management Summary Report Overview Gauge to illustrate where the LPAR falls overall on the scale This is the System Name This report can be run in 3 modes: SUMmary, FAST and Full
Management Summary The assessment results will fall into these four categories This section explains how the system did in the four categories
Management Summary The SRA tool has three risk ratings This table shows the number of checks by category performed and where this system/LPAR rated for each
Management Summary Easy to read charts help users understand the results
Management Summary Management Summary Categories • System Values Category • QALWOBJRST – Allow Object Restore • QCRTAUT – Create Default Public Authority • QPWDMINLEN – Minimum Password Length • QUSEADPAUT – Use Adopted Authority • User Profiles Category • Distribution of Powerful Profiles, • Default Passwords • Inactive Users • Limited Capability (Command Line) Users • IBM Profiles with a Password • Object Authorities Category • Library Authorities • Object Authorities with *PUBLIC Authority • Commands with *PUBLIC not *EXCLUDE • File Shares (Big thing with Ransomware) • Programs that Adopt *ALLOBJ Authority • Access through Network Category • information about the open ports and Exit Points on the IBM i
Detail Section System Value with System Name Description Rating, Recommendation and Explanation Current Setting
Detail Section Report Title Description Rating and Findings Recommendation and Explanation Supplemental Report Name
19 Detail Section Report Title Findings Explanation Rating and Recommendation Supplemental Report Name Syncsort Confidential – For Syncsort Staff and Partners Only
Detail Section Report Title Rating and Findings Explanation and Recommendation
Conclusion Section Recommendation
Key Areas Examined System Values • Security • Password • Auditing • Powerful User Profiles • Default Passwords • Dormant Users • Limited Capabilities • IBM Profiles • Group Profiles • Service Tools User IDs Object Authorities • Libraries • Files, Programs, etc. • User Profiles • Commands • Authorization Lists • Job Descriptions • Output Queues Access through the Network • Ports • Exit Points User Profiles Sample Result with Guidance
Register for Your Free Assessment Assure Security Risk Assessment provides a useful and informative picture of your IBM i security: • Checks dozens of security definitions on your IBM i • Compares actual values against recommended best practice • Tags results with three simple severities – OK, Warning, or High Risk • Explains the meaning and significance of system definitions • Delivers easy guidance on reducing cyber security risks • Provides a high-level management summary of security risks
Q&A Link to Assure Security Risk Assessment Click Here
Introducing Assure Security Risk Assessment

Recommended

Revealing the 2016 State of IBM i Security
Revealing the 2016 State of IBM i SecurityRevealing the 2016 State of IBM i Security
Revealing the 2016 State of IBM i SecurityHelpSystems
 
Essential Layers of IBM i Security: Security Monitoring and Auditing
Essential Layers of IBM i Security: Security Monitoring and AuditingEssential Layers of IBM i Security: Security Monitoring and Auditing
Essential Layers of IBM i Security: Security Monitoring and AuditingPrecisely
 
IBM i Security SIEM Integration
IBM i Security SIEM IntegrationIBM i Security SIEM Integration
IBM i Security SIEM IntegrationPrecisely
 
Essential Layers of IBM i Security: File and Field Security
Essential Layers of IBM i Security: File and Field SecurityEssential Layers of IBM i Security: File and Field Security
Essential Layers of IBM i Security: File and Field SecurityPrecisely
 
Monitoring and Reporting on IBM i Compliance and Security
Monitoring and Reporting on IBM i Compliance and SecurityMonitoring and Reporting on IBM i Compliance and Security
Monitoring and Reporting on IBM i Compliance and SecurityPrecisely
 
Compliance technical controls and you rva sec 2019
Compliance technical controls and you rva sec 2019Compliance technical controls and you rva sec 2019
Compliance technical controls and you rva sec 2019Derek Banks
 
Top PCI Pitfalls and How to Avoid Them: The QSA’s Perspective
Top PCI Pitfalls and How to Avoid Them: The QSA’s PerspectiveTop PCI Pitfalls and How to Avoid Them: The QSA’s Perspective
Top PCI Pitfalls and How to Avoid Them: The QSA’s PerspectiveAlgoSec
 
CNIT 160 4e Security Program Management (Part 5)
CNIT 160 4e Security Program Management (Part 5)CNIT 160 4e Security Program Management (Part 5)
CNIT 160 4e Security Program Management (Part 5)Sam Bowne
 

Recommended

Revealing the 2016 State of IBM i Security
Revealing the 2016 State of IBM i SecurityRevealing the 2016 State of IBM i Security
Revealing the 2016 State of IBM i SecurityHelpSystems
 
Essential Layers of IBM i Security: Security Monitoring and Auditing
Essential Layers of IBM i Security: Security Monitoring and AuditingEssential Layers of IBM i Security: Security Monitoring and Auditing
Essential Layers of IBM i Security: Security Monitoring and AuditingPrecisely
 
IBM i Security SIEM Integration
IBM i Security SIEM IntegrationIBM i Security SIEM Integration
IBM i Security SIEM IntegrationPrecisely
 
Essential Layers of IBM i Security: File and Field Security
Essential Layers of IBM i Security: File and Field SecurityEssential Layers of IBM i Security: File and Field Security
Essential Layers of IBM i Security: File and Field SecurityPrecisely
 
Monitoring and Reporting on IBM i Compliance and Security
Monitoring and Reporting on IBM i Compliance and SecurityMonitoring and Reporting on IBM i Compliance and Security
Monitoring and Reporting on IBM i Compliance and SecurityPrecisely
 
Compliance technical controls and you rva sec 2019
Compliance technical controls and you rva sec 2019Compliance technical controls and you rva sec 2019
Compliance technical controls and you rva sec 2019Derek Banks
 
Top PCI Pitfalls and How to Avoid Them: The QSA’s Perspective
Top PCI Pitfalls and How to Avoid Them: The QSA’s PerspectiveTop PCI Pitfalls and How to Avoid Them: The QSA’s Perspective
Top PCI Pitfalls and How to Avoid Them: The QSA’s PerspectiveAlgoSec
 
CNIT 160 4e Security Program Management (Part 5)
CNIT 160 4e Security Program Management (Part 5)CNIT 160 4e Security Program Management (Part 5)
CNIT 160 4e Security Program Management (Part 5)Sam Bowne
 
Amped for FedRAMP
Amped for FedRAMPAmped for FedRAMP
Amped for FedRAMPRay Potter
 
ISStateGovtProposal
ISStateGovtProposalISStateGovtProposal
ISStateGovtProposalDale White
 
Algo sec suite overview 2013 05
Algo sec suite overview 2013 05Algo sec suite overview 2013 05
Algo sec suite overview 2013 05hoanv
 
Social Distance Your IBM i from Cybersecurity Risk
Social Distance Your IBM i from Cybersecurity RiskSocial Distance Your IBM i from Cybersecurity Risk
Social Distance Your IBM i from Cybersecurity RiskPrecisely
 
Taking the Pulse of IBM i Security for 2020
Taking the Pulse of IBM i Security for 2020Taking the Pulse of IBM i Security for 2020
Taking the Pulse of IBM i Security for 2020Precisely
 
FixNix vCISO CyberSecurity Network Security for Covid91
FixNix vCISO CyberSecurity Network Security for Covid91FixNix vCISO CyberSecurity Network Security for Covid91
FixNix vCISO CyberSecurity Network Security for Covid91Shanmugavel Sankaran
 
AWS Security Fundamentals: Dos and Don’ts
AWS Security Fundamentals: Dos and Don’tsAWS Security Fundamentals: Dos and Don’ts
AWS Security Fundamentals: Dos and Don’tsAlgoSec
 
A business driven approach to security policy management a technical perspec...
A business driven approach to security policy management a technical perspec...A business driven approach to security policy management a technical perspec...
A business driven approach to security policy management a technical perspec...AlgoSec
 
Step Into Security Webinar - Physical Security Integration & Access Control -...
Step Into Security Webinar - Physical Security Integration & Access Control -...Step Into Security Webinar - Physical Security Integration & Access Control -...
Step Into Security Webinar - Physical Security Integration & Access Control -...Keith Harris
 
The Security Policy Management Maturity Model: How to Move Up the Curve
The Security Policy Management Maturity Model: How to Move Up the CurveThe Security Policy Management Maturity Model: How to Move Up the Curve
The Security Policy Management Maturity Model: How to Move Up the CurveAlgoSec
 
Arcsight explained
Arcsight explainedArcsight explained
Arcsight explainedanilkumar484492
 
Ooredoo%20Security%20Managed%20Services
Ooredoo%20Security%20Managed%20ServicesOoredoo%20Security%20Managed%20Services
Ooredoo%20Security%20Managed%20ServicesMuhammad Mudassar
 
PA-DSS and Application Penetration Testing
PA-DSS and Application Penetration TestingPA-DSS and Application Penetration Testing
PA-DSS and Application Penetration TestingSchellman & Company
 
SIEM Vendor Neutrality
SIEM Vendor NeutralitySIEM Vendor Neutrality
SIEM Vendor NeutralityVandana Verma
 
Ensuring Continuous PCI-DSS 3.0 Compliance for Your Firewalls and Routers
Ensuring Continuous PCI-DSS 3.0 Compliance for Your Firewalls and RoutersEnsuring Continuous PCI-DSS 3.0 Compliance for Your Firewalls and Routers
Ensuring Continuous PCI-DSS 3.0 Compliance for Your Firewalls and RoutersAlgoSec
 
Reaching PCI Nirvana: Ensure a Successful Audit & Maintain Continuous Compliance
Reaching PCI Nirvana: Ensure a Successful Audit & Maintain Continuous ComplianceReaching PCI Nirvana: Ensure a Successful Audit & Maintain Continuous Compliance
Reaching PCI Nirvana: Ensure a Successful Audit & Maintain Continuous ComplianceAlgoSec
 
Chapter 4
Chapter 4Chapter 4
Chapter 4Amy McMullin
 
CISSP Prep: Ch 6. Identity and Access Management
CISSP Prep: Ch 6. Identity and Access ManagementCISSP Prep: Ch 6. Identity and Access Management
CISSP Prep: Ch 6. Identity and Access ManagementSam Bowne
 
Cybersecurity framework v1-1_presentation
Cybersecurity framework v1-1_presentationCybersecurity framework v1-1_presentation
Cybersecurity framework v1-1_presentationMonchai Phaichitchan
 
Compliance and Audit Readiness: The DevOps Killer?
Compliance and Audit Readiness: The DevOps Killer?Compliance and Audit Readiness: The DevOps Killer?
Compliance and Audit Readiness: The DevOps Killer?DevOps.com
 
Lock it Down: Access Control for IBM i
Lock it Down: Access Control for IBM iLock it Down: Access Control for IBM i
Lock it Down: Access Control for IBM iPrecisely
 
Controlling Access to IBM i Systems and Data
Controlling Access to IBM i Systems and DataControlling Access to IBM i Systems and Data
Controlling Access to IBM i Systems and DataPrecisely
 

More Related Content

What's hot

Amped for FedRAMP
Amped for FedRAMPAmped for FedRAMP
Amped for FedRAMPRay Potter
 
ISStateGovtProposal
ISStateGovtProposalISStateGovtProposal
ISStateGovtProposalDale White
 
Algo sec suite overview 2013 05
Algo sec suite overview 2013 05Algo sec suite overview 2013 05
Algo sec suite overview 2013 05hoanv
 
Social Distance Your IBM i from Cybersecurity Risk
Social Distance Your IBM i from Cybersecurity RiskSocial Distance Your IBM i from Cybersecurity Risk
Social Distance Your IBM i from Cybersecurity RiskPrecisely
 
Taking the Pulse of IBM i Security for 2020
Taking the Pulse of IBM i Security for 2020Taking the Pulse of IBM i Security for 2020
Taking the Pulse of IBM i Security for 2020Precisely
 
FixNix vCISO CyberSecurity Network Security for Covid91
FixNix vCISO CyberSecurity Network Security for Covid91FixNix vCISO CyberSecurity Network Security for Covid91
FixNix vCISO CyberSecurity Network Security for Covid91Shanmugavel Sankaran
 
AWS Security Fundamentals: Dos and Don’ts
AWS Security Fundamentals: Dos and Don’tsAWS Security Fundamentals: Dos and Don’ts
AWS Security Fundamentals: Dos and Don’tsAlgoSec
 
A business driven approach to security policy management a technical perspec...
A business driven approach to security policy management a technical perspec...A business driven approach to security policy management a technical perspec...
A business driven approach to security policy management a technical perspec...AlgoSec
 
Step Into Security Webinar - Physical Security Integration & Access Control -...
Step Into Security Webinar - Physical Security Integration & Access Control -...Step Into Security Webinar - Physical Security Integration & Access Control -...
Step Into Security Webinar - Physical Security Integration & Access Control -...Keith Harris
 
The Security Policy Management Maturity Model: How to Move Up the Curve
The Security Policy Management Maturity Model: How to Move Up the CurveThe Security Policy Management Maturity Model: How to Move Up the Curve
The Security Policy Management Maturity Model: How to Move Up the CurveAlgoSec
 
Ooredoo%20Security%20Managed%20Services
Ooredoo%20Security%20Managed%20ServicesOoredoo%20Security%20Managed%20Services
Ooredoo%20Security%20Managed%20ServicesMuhammad Mudassar
 
PA-DSS and Application Penetration Testing
PA-DSS and Application Penetration TestingPA-DSS and Application Penetration Testing
PA-DSS and Application Penetration TestingSchellman & Company
 
SIEM Vendor Neutrality
SIEM Vendor NeutralitySIEM Vendor Neutrality
SIEM Vendor NeutralityVandana Verma
 
Ensuring Continuous PCI-DSS 3.0 Compliance for Your Firewalls and Routers
Ensuring Continuous PCI-DSS 3.0 Compliance for Your Firewalls and RoutersEnsuring Continuous PCI-DSS 3.0 Compliance for Your Firewalls and Routers
Ensuring Continuous PCI-DSS 3.0 Compliance for Your Firewalls and RoutersAlgoSec
 
Reaching PCI Nirvana: Ensure a Successful Audit & Maintain Continuous Compliance
Reaching PCI Nirvana: Ensure a Successful Audit & Maintain Continuous ComplianceReaching PCI Nirvana: Ensure a Successful Audit & Maintain Continuous Compliance
Reaching PCI Nirvana: Ensure a Successful Audit & Maintain Continuous ComplianceAlgoSec
 
CISSP Prep: Ch 6. Identity and Access Management
CISSP Prep: Ch 6. Identity and Access ManagementCISSP Prep: Ch 6. Identity and Access Management
CISSP Prep: Ch 6. Identity and Access ManagementSam Bowne
 
Cybersecurity framework v1-1_presentation
Cybersecurity framework v1-1_presentationCybersecurity framework v1-1_presentation
Cybersecurity framework v1-1_presentationMonchai Phaichitchan
 
Compliance and Audit Readiness: The DevOps Killer?
Compliance and Audit Readiness: The DevOps Killer?Compliance and Audit Readiness: The DevOps Killer?
Compliance and Audit Readiness: The DevOps Killer?DevOps.com
 

What's hot (20)

Amped for FedRAMP
Amped for FedRAMPAmped for FedRAMP
Amped for FedRAMP
 
ISStateGovtProposal
ISStateGovtProposalISStateGovtProposal
ISStateGovtProposal
 
Algo sec suite overview 2013 05
Algo sec suite overview 2013 05Algo sec suite overview 2013 05
Algo sec suite overview 2013 05
 
Social Distance Your IBM i from Cybersecurity Risk
Social Distance Your IBM i from Cybersecurity RiskSocial Distance Your IBM i from Cybersecurity Risk
Social Distance Your IBM i from Cybersecurity Risk
 
Taking the Pulse of IBM i Security for 2020
Taking the Pulse of IBM i Security for 2020Taking the Pulse of IBM i Security for 2020
Taking the Pulse of IBM i Security for 2020
 
FixNix vCISO CyberSecurity Network Security for Covid91
FixNix vCISO CyberSecurity Network Security for Covid91FixNix vCISO CyberSecurity Network Security for Covid91
FixNix vCISO CyberSecurity Network Security for Covid91
 
AWS Security Fundamentals: Dos and Don’ts
AWS Security Fundamentals: Dos and Don’tsAWS Security Fundamentals: Dos and Don’ts
AWS Security Fundamentals: Dos and Don’ts
 
A business driven approach to security policy management a technical perspec...
A business driven approach to security policy management a technical perspec...A business driven approach to security policy management a technical perspec...
A business driven approach to security policy management a technical perspec...
 
Step Into Security Webinar - Physical Security Integration & Access Control -...
Step Into Security Webinar - Physical Security Integration & Access Control -...Step Into Security Webinar - Physical Security Integration & Access Control -...
Step Into Security Webinar - Physical Security Integration & Access Control -...
 
The Security Policy Management Maturity Model: How to Move Up the Curve
The Security Policy Management Maturity Model: How to Move Up the CurveThe Security Policy Management Maturity Model: How to Move Up the Curve
The Security Policy Management Maturity Model: How to Move Up the Curve
 
Arcsight explained
Arcsight explainedArcsight explained
Arcsight explained
 
Ooredoo%20Security%20Managed%20Services
Ooredoo%20Security%20Managed%20ServicesOoredoo%20Security%20Managed%20Services
Ooredoo%20Security%20Managed%20Services
 
PA-DSS and Application Penetration Testing
PA-DSS and Application Penetration TestingPA-DSS and Application Penetration Testing
PA-DSS and Application Penetration Testing
 
SIEM Vendor Neutrality
SIEM Vendor NeutralitySIEM Vendor Neutrality
SIEM Vendor Neutrality
 
Ensuring Continuous PCI-DSS 3.0 Compliance for Your Firewalls and Routers
Ensuring Continuous PCI-DSS 3.0 Compliance for Your Firewalls and RoutersEnsuring Continuous PCI-DSS 3.0 Compliance for Your Firewalls and Routers
Ensuring Continuous PCI-DSS 3.0 Compliance for Your Firewalls and Routers
 
Reaching PCI Nirvana: Ensure a Successful Audit & Maintain Continuous Compliance
Reaching PCI Nirvana: Ensure a Successful Audit & Maintain Continuous ComplianceReaching PCI Nirvana: Ensure a Successful Audit & Maintain Continuous Compliance
Reaching PCI Nirvana: Ensure a Successful Audit & Maintain Continuous Compliance
 
Chapter 4
Chapter 4Chapter 4
Chapter 4
 
CISSP Prep: Ch 6. Identity and Access Management
CISSP Prep: Ch 6. Identity and Access ManagementCISSP Prep: Ch 6. Identity and Access Management
CISSP Prep: Ch 6. Identity and Access Management
 
Cybersecurity framework v1-1_presentation
Cybersecurity framework v1-1_presentationCybersecurity framework v1-1_presentation
Cybersecurity framework v1-1_presentation
 
Compliance and Audit Readiness: The DevOps Killer?
Compliance and Audit Readiness: The DevOps Killer?Compliance and Audit Readiness: The DevOps Killer?
Compliance and Audit Readiness: The DevOps Killer?
 

Similar to Introducing Assure Security Risk Assessment

Lock it Down: Access Control for IBM i
Lock it Down: Access Control for IBM iLock it Down: Access Control for IBM i
Lock it Down: Access Control for IBM iPrecisely
 
Controlling Access to IBM i Systems and Data
Controlling Access to IBM i Systems and DataControlling Access to IBM i Systems and Data
Controlling Access to IBM i Systems and DataPrecisely
 
An Introduction to PCI Compliance on IBM Power Systems
An Introduction to PCI Compliance on IBM Power SystemsAn Introduction to PCI Compliance on IBM Power Systems
An Introduction to PCI Compliance on IBM Power SystemsHelpSystems
 
Expand Your Control of Access to IBM i Systems and Data
Expand Your Control of Access to IBM i Systems and DataExpand Your Control of Access to IBM i Systems and Data
Expand Your Control of Access to IBM i Systems and DataPrecisely
 
Effective Security Monitoring for IBM i: What You Need to Know
Effective Security Monitoring for IBM i: What You Need to KnowEffective Security Monitoring for IBM i: What You Need to Know
Effective Security Monitoring for IBM i: What You Need to KnowPrecisely
 
Protecting Your Business from Unauthorized IBM i Access
Protecting Your Business from Unauthorized IBM i AccessProtecting Your Business from Unauthorized IBM i Access
Protecting Your Business from Unauthorized IBM i AccessPrecisely
 
The New Assure Security: Complete IBM i Compliance and Security
The New Assure Security: Complete IBM i Compliance and SecurityThe New Assure Security: Complete IBM i Compliance and Security
The New Assure Security: Complete IBM i Compliance and SecurityPrecisely
 
Protect Sensitive Data on Your IBM i (Social Distance Your IBM i/AS400)
Protect Sensitive Data on Your IBM i (Social Distance Your IBM i/AS400)Protect Sensitive Data on Your IBM i (Social Distance Your IBM i/AS400)
Protect Sensitive Data on Your IBM i (Social Distance Your IBM i/AS400)Precisely
 
ITAM Portfolio-The Big Umbrella-Slideshare.pptx
ITAM Portfolio-The Big Umbrella-Slideshare.pptxITAM Portfolio-The Big Umbrella-Slideshare.pptx
ITAM Portfolio-The Big Umbrella-Slideshare.pptxSandeep Bhatia
 
IBM Relay 2015: Securing the Future
IBM Relay 2015: Securing the Future IBM Relay 2015: Securing the Future
IBM Relay 2015: Securing the Future IBM
 
Cloud Security Standards: What to Expect and What to Negotiate V2.0
Cloud Security Standards: What to Expect and What to Negotiate V2.0Cloud Security Standards: What to Expect and What to Negotiate V2.0
Cloud Security Standards: What to Expect and What to Negotiate V2.0Cloud Standards Customer Council
 
Cyber security series administrative control breaches
Cyber security series administrative control breaches Cyber security series administrative control breaches
Cyber security series administrative control breaches Jim Kaplan CIA CFE
 
SLVA - Security monitoring and reporting itweb workshop
SLVA - Security monitoring and reporting itweb workshopSLVA - Security monitoring and reporting itweb workshop
SLVA - Security monitoring and reporting itweb workshopSLVA Information Security
 
Today's Cyber Challenges: Methodology to Secure Your Business
Today's Cyber Challenges: Methodology to Secure Your BusinessToday's Cyber Challenges: Methodology to Secure Your Business
Today's Cyber Challenges: Methodology to Secure Your BusinessJoAnna Cheshire
 
Latest Developments in Cloud Security Standards and Privacy
Latest Developments in Cloud Security Standards and PrivacyLatest Developments in Cloud Security Standards and Privacy
Latest Developments in Cloud Security Standards and PrivacyCloud Standards Customer Council
 
Material best practices in network security using ethical hacking
Material best practices in network security using ethical hackingMaterial best practices in network security using ethical hacking
Material best practices in network security using ethical hackingDesmond Devendran
 
Understanding Zero Trust Security for IBM i
Understanding Zero Trust Security for IBM iUnderstanding Zero Trust Security for IBM i
Understanding Zero Trust Security for IBM iPrecisely
 
Giving your AppSec program the edge - using OpenSAMM for benchmarking and sof...
Giving your AppSec program the edge - using OpenSAMM for benchmarking and sof...Giving your AppSec program the edge - using OpenSAMM for benchmarking and sof...
Giving your AppSec program the edge - using OpenSAMM for benchmarking and sof...Denim Group
 

Similar to Introducing Assure Security Risk Assessment (20)

Lock it Down: Access Control for IBM i
Lock it Down: Access Control for IBM iLock it Down: Access Control for IBM i
Lock it Down: Access Control for IBM i
 
Controlling Access to IBM i Systems and Data
Controlling Access to IBM i Systems and DataControlling Access to IBM i Systems and Data
Controlling Access to IBM i Systems and Data
 
An Introduction to PCI Compliance on IBM Power Systems
An Introduction to PCI Compliance on IBM Power SystemsAn Introduction to PCI Compliance on IBM Power Systems
An Introduction to PCI Compliance on IBM Power Systems
 
Expand Your Control of Access to IBM i Systems and Data
Expand Your Control of Access to IBM i Systems and DataExpand Your Control of Access to IBM i Systems and Data
Expand Your Control of Access to IBM i Systems and Data
 
Institute of Internal Auditors Presentation 2014
Institute of Internal Auditors Presentation 2014Institute of Internal Auditors Presentation 2014
Institute of Internal Auditors Presentation 2014
 
Effective Security Monitoring for IBM i: What You Need to Know
Effective Security Monitoring for IBM i: What You Need to KnowEffective Security Monitoring for IBM i: What You Need to Know
Effective Security Monitoring for IBM i: What You Need to Know
 
Protecting Your Business from Unauthorized IBM i Access
Protecting Your Business from Unauthorized IBM i AccessProtecting Your Business from Unauthorized IBM i Access
Protecting Your Business from Unauthorized IBM i Access
 
The New Assure Security: Complete IBM i Compliance and Security
The New Assure Security: Complete IBM i Compliance and SecurityThe New Assure Security: Complete IBM i Compliance and Security
The New Assure Security: Complete IBM i Compliance and Security
 
Protect Sensitive Data on Your IBM i (Social Distance Your IBM i/AS400)
Protect Sensitive Data on Your IBM i (Social Distance Your IBM i/AS400)Protect Sensitive Data on Your IBM i (Social Distance Your IBM i/AS400)
Protect Sensitive Data on Your IBM i (Social Distance Your IBM i/AS400)
 
ITAM Portfolio-The Big Umbrella-Slideshare.pptx
ITAM Portfolio-The Big Umbrella-Slideshare.pptxITAM Portfolio-The Big Umbrella-Slideshare.pptx
ITAM Portfolio-The Big Umbrella-Slideshare.pptx
 
CISA Training - Chapter 5 - 2016
CISA Training - Chapter 5 - 2016CISA Training - Chapter 5 - 2016
CISA Training - Chapter 5 - 2016
 
IBM Relay 2015: Securing the Future
IBM Relay 2015: Securing the Future IBM Relay 2015: Securing the Future
IBM Relay 2015: Securing the Future
 
Cloud Security Standards: What to Expect and What to Negotiate V2.0
Cloud Security Standards: What to Expect and What to Negotiate V2.0Cloud Security Standards: What to Expect and What to Negotiate V2.0
Cloud Security Standards: What to Expect and What to Negotiate V2.0
 
Cyber security series administrative control breaches
Cyber security series administrative control breaches Cyber security series administrative control breaches
Cyber security series administrative control breaches
 
SLVA - Security monitoring and reporting itweb workshop
SLVA - Security monitoring and reporting itweb workshopSLVA - Security monitoring and reporting itweb workshop
SLVA - Security monitoring and reporting itweb workshop
 
Today's Cyber Challenges: Methodology to Secure Your Business
Today's Cyber Challenges: Methodology to Secure Your BusinessToday's Cyber Challenges: Methodology to Secure Your Business
Today's Cyber Challenges: Methodology to Secure Your Business
 
Latest Developments in Cloud Security Standards and Privacy
Latest Developments in Cloud Security Standards and PrivacyLatest Developments in Cloud Security Standards and Privacy
Latest Developments in Cloud Security Standards and Privacy
 
Material best practices in network security using ethical hacking
Material best practices in network security using ethical hackingMaterial best practices in network security using ethical hacking
Material best practices in network security using ethical hacking
 
Understanding Zero Trust Security for IBM i
Understanding Zero Trust Security for IBM iUnderstanding Zero Trust Security for IBM i
Understanding Zero Trust Security for IBM i
 
Giving your AppSec program the edge - using OpenSAMM for benchmarking and sof...
Giving your AppSec program the edge - using OpenSAMM for benchmarking and sof...Giving your AppSec program the edge - using OpenSAMM for benchmarking and sof...
Giving your AppSec program the edge - using OpenSAMM for benchmarking and sof...
 

More from Precisely

Zukuntssichere SAP Prozesse dank automatisierter Massendaten
Zukuntssichere SAP Prozesse dank automatisierter MassendatenZukuntssichere SAP Prozesse dank automatisierter Massendaten
Zukuntssichere SAP Prozesse dank automatisierter MassendatenPrecisely
 
Unlocking the Potential of the Cloud for IBM Power Systems
Unlocking the Potential of the Cloud for IBM Power SystemsUnlocking the Potential of the Cloud for IBM Power Systems
Unlocking the Potential of the Cloud for IBM Power SystemsPrecisely
 
Crucial Considerations for AI-ready Data.pdf
Crucial Considerations for AI-ready Data.pdfCrucial Considerations for AI-ready Data.pdf
Crucial Considerations for AI-ready Data.pdfPrecisely
 
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfHyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfPrecisely
 
Justifying Capacity Managment Webinar 4/10
Justifying Capacity Managment Webinar 4/10Justifying Capacity Managment Webinar 4/10
Justifying Capacity Managment Webinar 4/10Precisely
 
Automate Studio Training: Materials Maintenance Tips for Efficiency and Ease ...
Automate Studio Training: Materials Maintenance Tips for Efficiency and Ease ...Automate Studio Training: Materials Maintenance Tips for Efficiency and Ease ...
Automate Studio Training: Materials Maintenance Tips for Efficiency and Ease ...Precisely
 
Leveraging Mainframe Data in Near Real Time to Unleash Innovation With Cloud:...
Leveraging Mainframe Data in Near Real Time to Unleash Innovation With Cloud:...Leveraging Mainframe Data in Near Real Time to Unleash Innovation With Cloud:...
Leveraging Mainframe Data in Near Real Time to Unleash Innovation With Cloud:...Precisely
 
Testjrjnejrvnorno4rno3nrfnfjnrfnournfou3nfou3f
Testjrjnejrvnorno4rno3nrfnfjnrfnournfou3nfou3fTestjrjnejrvnorno4rno3nrfnfjnrfnournfou3nfou3f
Testjrjnejrvnorno4rno3nrfnfjnrfnournfou3nfou3fPrecisely
 
Data Innovation Summit: Data Integrity Trends
Data Innovation Summit: Data Integrity TrendsData Innovation Summit: Data Integrity Trends
Data Innovation Summit: Data Integrity TrendsPrecisely
 
AI You Can Trust - Ensuring Success with Data Integrity Webinar
AI You Can Trust - Ensuring Success with Data Integrity WebinarAI You Can Trust - Ensuring Success with Data Integrity Webinar
AI You Can Trust - Ensuring Success with Data Integrity WebinarPrecisely
 
Optimisez la fonction financière en automatisant vos processus SAP
Optimisez la fonction financière en automatisant vos processus SAPOptimisez la fonction financière en automatisant vos processus SAP
Optimisez la fonction financière en automatisant vos processus SAPPrecisely
 
SAPS/4HANA Migration - Transformation-Management + nachhaltige Investitionen
SAPS/4HANA Migration - Transformation-Management + nachhaltige InvestitionenSAPS/4HANA Migration - Transformation-Management + nachhaltige Investitionen
SAPS/4HANA Migration - Transformation-Management + nachhaltige InvestitionenPrecisely
 
Automatisierte SAP Prozesse mit Hilfe von APIs
Automatisierte SAP Prozesse mit Hilfe von APIsAutomatisierte SAP Prozesse mit Hilfe von APIs
Automatisierte SAP Prozesse mit Hilfe von APIsPrecisely
 
Moving IBM i Applications to the Cloud with AWS and Precisely
Moving IBM i Applications to the Cloud with AWS and PreciselyMoving IBM i Applications to the Cloud with AWS and Precisely
Moving IBM i Applications to the Cloud with AWS and PreciselyPrecisely
 
Automate Your Master Data Processes for Shared Service Center Excellence
Automate Your Master Data Processes for Shared Service Center ExcellenceAutomate Your Master Data Processes for Shared Service Center Excellence
Automate Your Master Data Processes for Shared Service Center ExcellencePrecisely
 
5 Keys to Improved IT Operation Management
5 Keys to Improved IT Operation Management5 Keys to Improved IT Operation Management
5 Keys to Improved IT Operation ManagementPrecisely
 
Unlock Efficiency With Your Address Data Today For a Smarter Tomorrow
Unlock Efficiency With Your Address Data Today For a Smarter TomorrowUnlock Efficiency With Your Address Data Today For a Smarter Tomorrow
Unlock Efficiency With Your Address Data Today For a Smarter TomorrowPrecisely
 
Navigating Cloud Trends in 2024 Webinar Deck
Navigating Cloud Trends in 2024 Webinar DeckNavigating Cloud Trends in 2024 Webinar Deck
Navigating Cloud Trends in 2024 Webinar DeckPrecisely
 
Mainframe Sort Operations: Gaining the Insights You Need for Peak Performance
Mainframe Sort Operations: Gaining the Insights You Need for Peak PerformanceMainframe Sort Operations: Gaining the Insights You Need for Peak Performance
Mainframe Sort Operations: Gaining the Insights You Need for Peak PerformancePrecisely
 
Preventing Downtime with Better IT Operations Management
Preventing Downtime with Better IT Operations ManagementPreventing Downtime with Better IT Operations Management
Preventing Downtime with Better IT Operations ManagementPrecisely
 

More from Precisely (20)

Zukuntssichere SAP Prozesse dank automatisierter Massendaten
Zukuntssichere SAP Prozesse dank automatisierter MassendatenZukuntssichere SAP Prozesse dank automatisierter Massendaten
Zukuntssichere SAP Prozesse dank automatisierter Massendaten
 
Unlocking the Potential of the Cloud for IBM Power Systems
Unlocking the Potential of the Cloud for IBM Power SystemsUnlocking the Potential of the Cloud for IBM Power Systems
Unlocking the Potential of the Cloud for IBM Power Systems
 
Crucial Considerations for AI-ready Data.pdf
Crucial Considerations for AI-ready Data.pdfCrucial Considerations for AI-ready Data.pdf
Crucial Considerations for AI-ready Data.pdf
 
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfHyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
 
Justifying Capacity Managment Webinar 4/10
Justifying Capacity Managment Webinar 4/10Justifying Capacity Managment Webinar 4/10
Justifying Capacity Managment Webinar 4/10
 
Automate Studio Training: Materials Maintenance Tips for Efficiency and Ease ...
Automate Studio Training: Materials Maintenance Tips for Efficiency and Ease ...Automate Studio Training: Materials Maintenance Tips for Efficiency and Ease ...
Automate Studio Training: Materials Maintenance Tips for Efficiency and Ease ...
 
Leveraging Mainframe Data in Near Real Time to Unleash Innovation With Cloud:...
Leveraging Mainframe Data in Near Real Time to Unleash Innovation With Cloud:...Leveraging Mainframe Data in Near Real Time to Unleash Innovation With Cloud:...
Leveraging Mainframe Data in Near Real Time to Unleash Innovation With Cloud:...
 
Testjrjnejrvnorno4rno3nrfnfjnrfnournfou3nfou3f
Testjrjnejrvnorno4rno3nrfnfjnrfnournfou3nfou3fTestjrjnejrvnorno4rno3nrfnfjnrfnournfou3nfou3f
Testjrjnejrvnorno4rno3nrfnfjnrfnournfou3nfou3f
 
Data Innovation Summit: Data Integrity Trends
Data Innovation Summit: Data Integrity TrendsData Innovation Summit: Data Integrity Trends
Data Innovation Summit: Data Integrity Trends
 
AI You Can Trust - Ensuring Success with Data Integrity Webinar
AI You Can Trust - Ensuring Success with Data Integrity WebinarAI You Can Trust - Ensuring Success with Data Integrity Webinar
AI You Can Trust - Ensuring Success with Data Integrity Webinar
 
Optimisez la fonction financière en automatisant vos processus SAP
Optimisez la fonction financière en automatisant vos processus SAPOptimisez la fonction financière en automatisant vos processus SAP
Optimisez la fonction financière en automatisant vos processus SAP
 
SAPS/4HANA Migration - Transformation-Management + nachhaltige Investitionen
SAPS/4HANA Migration - Transformation-Management + nachhaltige InvestitionenSAPS/4HANA Migration - Transformation-Management + nachhaltige Investitionen
SAPS/4HANA Migration - Transformation-Management + nachhaltige Investitionen
 
Automatisierte SAP Prozesse mit Hilfe von APIs
Automatisierte SAP Prozesse mit Hilfe von APIsAutomatisierte SAP Prozesse mit Hilfe von APIs
Automatisierte SAP Prozesse mit Hilfe von APIs
 
Moving IBM i Applications to the Cloud with AWS and Precisely
Moving IBM i Applications to the Cloud with AWS and PreciselyMoving IBM i Applications to the Cloud with AWS and Precisely
Moving IBM i Applications to the Cloud with AWS and Precisely
 
Automate Your Master Data Processes for Shared Service Center Excellence
Automate Your Master Data Processes for Shared Service Center ExcellenceAutomate Your Master Data Processes for Shared Service Center Excellence
Automate Your Master Data Processes for Shared Service Center Excellence
 
5 Keys to Improved IT Operation Management
5 Keys to Improved IT Operation Management5 Keys to Improved IT Operation Management
5 Keys to Improved IT Operation Management
 
Unlock Efficiency With Your Address Data Today For a Smarter Tomorrow
Unlock Efficiency With Your Address Data Today For a Smarter TomorrowUnlock Efficiency With Your Address Data Today For a Smarter Tomorrow
Unlock Efficiency With Your Address Data Today For a Smarter Tomorrow
 
Navigating Cloud Trends in 2024 Webinar Deck
Navigating Cloud Trends in 2024 Webinar DeckNavigating Cloud Trends in 2024 Webinar Deck
Navigating Cloud Trends in 2024 Webinar Deck
 
Mainframe Sort Operations: Gaining the Insights You Need for Peak Performance
Mainframe Sort Operations: Gaining the Insights You Need for Peak PerformanceMainframe Sort Operations: Gaining the Insights You Need for Peak Performance
Mainframe Sort Operations: Gaining the Insights You Need for Peak Performance
 
Preventing Downtime with Better IT Operations Management
Preventing Downtime with Better IT Operations ManagementPreventing Downtime with Better IT Operations Management
Preventing Downtime with Better IT Operations Management
 

Recently uploaded

AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsMemoori
 
Vector Databases 101 - An introduction to the world of Vector Databases
Vector Databases 101 - An introduction to the world of Vector DatabasesVector Databases 101 - An introduction to the world of Vector Databases
Vector Databases 101 - An introduction to the world of Vector DatabasesZilliz
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machinePadma Pradeep
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubKalema Edgar
 
Powerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time ClashPowerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time Clashcharlottematthew16
 
My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024The Digital Insurer
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupFlorian Wilhelm
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Commit University
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebUiPathCommunity
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):comworks
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
The Future of Software Development - Devin AI Innovative Approach.pdf
The Future of Software Development - Devin AI Innovative Approach.pdfThe Future of Software Development - Devin AI Innovative Approach.pdf
The Future of Software Development - Devin AI Innovative Approach.pdfSeasiaInfotech2
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxNavinnSomaal
 
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr LapshynFwdays
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Enterprise Knowledge
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Mattias Andersson
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Manik S Magar
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationSlibray Presentation
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationSafe Software
 

Recently uploaded (20)

AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial Buildings
 
Vector Databases 101 - An introduction to the world of Vector Databases
Vector Databases 101 - An introduction to the world of Vector DatabasesVector Databases 101 - An introduction to the world of Vector Databases
Vector Databases 101 - An introduction to the world of Vector Databases
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machine
 
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxE-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding Club
 
Powerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time ClashPowerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time Clash
 
My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio Web
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
The Future of Software Development - Devin AI Innovative Approach.pdf
The Future of Software Development - Devin AI Innovative Approach.pdfThe Future of Software Development - Devin AI Innovative Approach.pdf
The Future of Software Development - Devin AI Innovative Approach.pdf
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptx
 
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck Presentation
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
 

Introducing Assure Security Risk Assessment

  • 1. Introducing Assure Security Risk Assessment Bill Hammond – Product Marketing
  • 2. Webcast Audio • Today’s webcast audio is streamed through your computer speakers. • If you need technical assistance with the web interface or audio, please reach out to us using the Q&A box. Questions Welcome • Submit your questions at any time during the presentation using the Q&A box. • We will answer them during our Q&A session following the presentation. Recording and slides • This webcast is being recorded. You will receive an email following the webcast with a link to download both the recording and the slides. Housekeeping Bill Hammond Sr Product Marketing Manager
  • 3. A recent survey by Syncsort of companies running IBM Power Systems shows the impact that security and compliance are having on IT priorities: • 45% say the possibility of a security/privacy breach is a top IT concern • 48% say security is their #1 IT initiative over the coming 24 months • 75% say compliance regulations define their company’s security program • 33% say the growing complexity of regulations presents a challenge to ensuring security Compliance & Security Are Top of Mind for IBM Power Pros
  • 4. Key IBM i Security Concepts • The IBM i is not inherently a secure system. However, it is extremely securable. • Legacy, proprietary protocols now cohabitate with new, open-source protocols – creating new access point headaches • The worldwide hacker community has discovered the IBM i as a high value target • Being in compliance does not automatically mean the system is secure.
  • 5. Global Laws and Regulations United States Canada CCPA PIPEDA PCI DSS PCI DSS FISMA GDPR GLBA CCPA SOX State & Federal Laws GDPR United Kingdom Data Protection Act (DPA) PCI DSS GDPR CCPA European Union GDPR Data Protection Directive 94/45/EC Directive 2002/58/EC Basel III PCI DSS CCPA Japan Personal Information- Protection Law PCI DSS GDPR CCPA Asia-Pacific Forum on Privacy & Data APEC PCI DSS GDPR CCPA Latin America PCI DSS E-commerce Act Consumer Protection Code Law for Protection of Private Life Data Protection Bill GDPR CCPA
  • 6. What Requirements Do Regulations Have in Common? • Strengthen and monitor login security • Control the use of powerful user authorities • Lock down access to systems and data • Encrypt (anonymize, deidentify, tokenize, etc.) private data, both at rest and in transit; encrypt removable storage and archival files • Implement strong encryption key management policies • Implement comprehensive logging and monitoring of systems and data for security and compliance incidents • Certify that vendors, service providers, etc. are compliant • Periodic security risk assessments
  • 7. Most regulations require some sort of security audit/assessment on a regular basis • Payment Card Industry Data Security Standard (PCI DSS) • Health Insurance Portability and Accountability Act (HIPAA) • General Data Protection Regulation (GDPR) • New York Dept. of Financial Services Cybersecurity Regulation (23 NYCRR 500) • and others Regulatory Requirements for Security Assessment
  • 8. A good security risk assessment should include: • Checks of system definitions and settings • Explanation of what they mean • Recommendations of any changes needed What Should an Assessment Include? Assessment results should be detailed enough to guide the technical staff responsible for security while also providing an overview for managers and executives.
  • 9. Security Risk Assessment Service Let Syncsort’s team of security experts conduct a thorough risk assessment and provide a report with remediation guidance Assure Security Risk Assessment Tool Thoroughly check all aspects of IBM i security and obtain detailed reports and recommendations Risk Assessment
  • 10. Security Risk Assessment What It Is • A security risk assessment is a thorough check of all aspects of system security, including (but not limited to): • Security settings in the OS • Default passwords • Disabled users • Command line users • Distribution of powerful users • Library authorities • Open ports • OS exit points • Risk assessments tools or services provide detailed reports on findings, explanations and recommendations for remediation • Assessment summary for non-technical management summarizes findings Benefits • Helps to satisfy the requirement for annual risk assessments found in regulations such as PCI DSS and HIPAA • Results in reports that inform management and administrators about security vulnerabilities and remedies • Saves time by automating (tool) or offloading (service) the process of conducting as assessment • Using a service or tool that encapsulates extensive experience can fill skillset gaps • Provides separation of duties between administrator and auditor
  • 12. Management Summary Report Overview Gauge to illustrate where the LPAR falls overall on the scale This is the System Name This report can be run in 3 modes: SUMmary, FAST and Full
  • 13. Management Summary The assessment results will fall into these four categories This section explains how the system did in the four categories
  • 14. Management Summary The SRA tool has three risk ratings This table shows the number of checks by category performed and where this system/LPAR rated for each
  • 15. Management Summary Easy to read charts help users understand the results
  • 16. Management Summary Management Summary Categories • System Values Category • QALWOBJRST – Allow Object Restore • QCRTAUT – Create Default Public Authority • QPWDMINLEN – Minimum Password Length • QUSEADPAUT – Use Adopted Authority • User Profiles Category • Distribution of Powerful Profiles, • Default Passwords • Inactive Users • Limited Capability (Command Line) Users • IBM Profiles with a Password • Object Authorities Category • Library Authorities • Object Authorities with *PUBLIC Authority • Commands with *PUBLIC not *EXCLUDE • File Shares (Big thing with Ransomware) • Programs that Adopt *ALLOBJ Authority • Access through Network Category • information about the open ports and Exit Points on the IBM i
  • 17. Detail Section System Value with System Name Description Rating, Recommendation and Explanation Current Setting
  • 18. Detail Section Report Title Description Rating and Findings Recommendation and Explanation Supplemental Report Name
  • 19. 19 Detail Section Report Title Findings Explanation Rating and Recommendation Supplemental Report Name Syncsort Confidential – For Syncsort Staff and Partners Only
  • 20. Detail Section Report Title Rating and Findings Explanation and Recommendation
  • 22. Key Areas Examined System Values • Security • Password • Auditing • Powerful User Profiles • Default Passwords • Dormant Users • Limited Capabilities • IBM Profiles • Group Profiles • Service Tools User IDs Object Authorities • Libraries • Files, Programs, etc. • User Profiles • Commands • Authorization Lists • Job Descriptions • Output Queues Access through the Network • Ports • Exit Points User Profiles Sample Result with Guidance
  • 23. Register for Your Free Assessment Assure Security Risk Assessment provides a useful and informative picture of your IBM i security: • Checks dozens of security definitions on your IBM i • Compares actual values against recommended best practice • Tags results with three simple severities – OK, Warning, or High Risk • Explains the meaning and significance of system definitions • Delivers easy guidance on reducing cyber security risks • Provides a high-level management summary of security risks
  • 24.
  • 25. Q&A Link to Assure Security Risk Assessment Click Here