View brief 30-60 minute webinars about Security and Compliance, hosted by the Security Experts at PowerTech. Choose the webinar you would like to view below.

Please note: WebEx is experiencing an issue that may cause an echo to be heard during playback of recorded webinars. They are working to correct this issue. We apologize for any poor sound quality you may experience.

A Primer on IBM i User Profiles and How To Deploy Them Properly

Few areas affect the security of your IBM i server as much as your user profiles. Knowing how to configure and maintain user profiles correctly is critical to preventing unauthorized access to your data.

Attend this important session to learn about the security aspects of user profiles, including:

• Special Authorities
• Limited Capabilities
• User Class
• Group Profiles
• User Auditing
• Changing to the Authority of Another User
• Common Ways that Users Circumvent Authority
• V6R1 enhancements

VIEW THE WEBINAR

Taking Charge of PCI Compliance for IBM i

"From the world's largest corporations to small Internet stores, compliance with the PCI Data Security Standard (PCI DSS) is vital for all merchants who accept credit cards, online or offline, because nothing is more important than keeping your customer's payment card data secure." — PCI Security Standards Council

Complying with the PCI standard is a normal part of doing business in today's world. But, PCI applies to multiple platforms. The challenge becomes how to map the PCI requirements to a specific platform, such as Power Systems running IBM i, UNIX, Windows, and so on. And, more importantly, how can you prove compliance?

View this webinar to understand:

• PCI requirements and how they relate to IBM i systems
• IBM i-specific barriers to compliance
• How PowerTech security solutions help you fulfill PCI requirements, meet compliance guidelines, and satisfy auditors

You'll leave with the knowledge and confidence you need to evaluate PCI compliance requirements and prepare your IBM i system for today's regulatory challenges.

VIEW THE WEBINAR

DataThread—Surveillance des Bases de Données sous IBM i

Nous savons tous que si nous appliquons une politique de conformité par rapport aux réglementations sur la sécurité, nous devons également nous assurer le même niveau d'exigence sur les données. DataThread, notre logiciel de surveillance des Bases de Données vous permet d'automatiser, de rationaliser, de notifier les experts, de valider les autorisations quant aux suivis des changements effectués.

VIEW THE WEBINAR

Jump Start Your IBM i Security Policy

Don't make the mistake of pursuing security and compliance without a security policy. Without governing guidelines, any security initiative will be more expensive and far less likely to succeed.

Too many companies today try to resolve their security issues without first defining the underlying processes necessary to remediate and prevent reoccurrence. Fortunately, PowerTech offers an Open Source Security Policy framework that is available to the IBM i security industry. Remember, if you don't have a policy, an auditor might just compare your security setup to their own!

View this informative session to learn why you need a security policy and how to:

• Establish policy requirements
• Build a security policy
• Audit your system against the policy
• Simplify compliance reporting

VIEW THE WEBINAR

An Auditor's View: Assessing IBM i Security Vulnerabilities

For the past eight years, PowerTech has compiled audit data trends from over 1,500 servers into the annual "State of IBM i Security" study. Each year, the study identifies many of the same vulnerabilities, suggesting that shops are still not where they need to be in terms of security and auditing.

Join us for this Webinar where you'll learn how to get started auditing IBM i security, and how PowerTech's Compliance Assessment can perform a personalized review of your environment—in under 15 minutes!

You'll learn about auditing these critical areas:

• System Values
• Network Access, such as FTP and ODBC
• User Profiles
• Special Authorities
• Event Auditing
• Public Data Access

VIEW THE WEBINAR

Untraceable Access To Your Company's Private Data

PowerTech's annual "State of IBM i Security" study shows that the vast majority of organizations still rely on menu security to protect their data. Unfortunately, users have access to numerous interfaces that completely bypass these controls and make it easy to view, update, and delete data in the database. If you need to comply with any type of regulation, or just want to ensure the integrity of your application data, it's critical that you understand the openness of these interfaces.

View this informative Webinar to learn more about IBM i security and how users could be accessing your company's private data without leaving a trace. You'll also learn how to close the "back doors" not covered by traditional menu security schemes, and how to implement policies that restrict access to only the users who need it.

VIEW THE WEBINAR

PowerTech Dashboards Using SEQUEL Software

This 30-minute recorded webinar shows you how the PowerTech products can work with SEQUEL data access and analysis software to display the information you want to see.

You'll learn how to use:

• our pre-configured dashboards to view Authority Broker configuration and profile swap information
• Network Security transactions and server information
• DataThread file changes
• Command Security actions
• and much more

These dashboards provide a high-level overview of your security, with the ability to drill down to the details.

VIEW THE WEBINAR

IBM i Viruses: Fact or Fiction

View this informative webinar to learn about the risks associated with viruses and why the reputation IBM i holds for being "virus-proof" is not entirely accurate. We'll discuss the challenges posed by today's virus threats and follow up with a brief demonstration of Bytware's native StandGuard Anti-Virus solution.

You'll learn about:

• The myths associated with viruses and IBM i
• What IBM has (and hasn't) done to safeguard IBM i from viral attacks
• How to configure IBM i controls to counter the spread of viruses
• Why scanning from a network server is a BAD idea
• The necessity of anti-virus protection for regulatory compliance

VIEW THE WEBINAR

Reduce the Cost and Effort of IBM i Auditing

At one time or another, every system administrator and security officer faces the question "who did it?" IBM i can audit numerous events and you should be using its capabilities. However, what happens after you collect the event data? How do you convert the raw data into useful information?

Auditors and internal policy controls often require the review of numerous security details and configuration metrics. Not only is this time-consuming—especially when multiplied across many systems—it's a resource-intensive process. Often, we do it only when we have to, instead of as part of an ongoing security plan.

View this Webinar to understand:

• How to configure IBM i to record system and user events
• What activities can (and cannot) be audited
• The mechanisms available to extract audit data from the audit journal
• What other information does an auditor want to see
• How to advance to the next level of audit reporting with PowerTech Compliance Monitor 3

VIEW THE WEBINAR

Secure Your IBM i Server from Unauthorized Command Use

Overly powerful users are frequently cited by IBM i auditors as a critical issue. Too often, users can execute commands, either directly from a command line or from unmonitored network services, such as FTP. Even on well-configured systems, the ability of users with "public" authority to run critical commands, like ENDSBS, might shock you.

View this informative Webinar to learn about the risks associated with commands, and a live demonstration of PowerTech's new Command Security solution. We'll show how you can use it to prevent a security officer from "accidentally" performing a midday IPL! You'll learn about:

• The controls IBM i provides for restricting command use
• How users can bypass command line limitations
• How to apply controls to commands that must be executed
• How to audit and send a notification when a user issues a sensitive command

VIEW THE WEBINAR

Protect IBM i Data from FTP, ODBC, and Remote Command

PowerTech's annual "State of IBM i Security" study shows that the vast majority of organizations still rely on menu security to protect their data. Unfortunately, users have access to numerous interfaces that completely bypass these controls and make it easy to view, update, and delete data in the database. If you need to comply with any type of regulation, or if you simply want to ensure the integrity of your application data, learning about the openness of these interfaces is critical.

View this informative Webinar to learn more about IBM i security and how to close the "back doors" not covered by traditional menu security schemes. You'll also learn how to implement policies that restrict access to only those users who need it.

VIEW THE WEBINAR

Proteger los datos en AS400 e iSeries de FTP, ODBC y Remote Command

Un estudio anual realizado por PowerTech, El Estado de la Seguridad en IBM i, demuestra que la gran mayoría de empresas siguen dependiendo de la seguridad del menú del propio sistema para proteger sus datos. Desafortunadamente, los usuarios tienen acceso a múltiples interfaces que no están regidas por estos controles tradicionales, lo cual permite que alguien pueda ver, cambiar y borrar la base de datos.

Si tienes que cumplir con reglamentos o normas de industria, o simplemente quieres asegurar la integridad de tus datos, es imprescindible que entiendas las vulnerabilidades que presentan estas interfaces.

Asiste a este webinar para informarte sobre:

• los diversos aspectos de la seguridad del IBM i;
• cómo cerrar las "puertas traseras", aspecto no contemplado por las soluciones de seguridad del menú del sistema;
• cómo implementar los criterios de seguridad que limiten el acceso a solo los usuarios que realmente tengan necesidad.

Además, recibirás una evaluación SIN COSTO sobre la actual configuración de la seguridad en tu sistema, la cual será realizada con nuestro soporte técnico.

VIEW THE WEBINAR

Monitoring IBM i Database Access with DataThread

Do you know exactly how your data is being accessed? Can you prove it to an auditor? At one time or another, every database administrator or security officer faces the question "What happened to the data?" Built-in audit controls in IBM i enable visibility of activities at the object level, but provide no evidence of activities at the record or field level.

Now, imagine being able to easily report on data changes, but only if those changes involve an important field and originate outside the normal application. Maybe you want to be notified whenever a record is viewed in an editor such as DBU or DFU, or only when a field value changes significantly. For critical data, you might want to verify that the user is authorized to make the change by requiring a reason code and an electronic signature, and send out an alert via e-mail. DataThread can help you get control over your database access.

Join this Webinar to understand:

• How regulations already "require" you to monitor database activity
• What auditors want to see and why auditing alone comes up short
• How database monitoring can reduce the impact and cost of a security breach
• How database monitoring can improve data accuracy
• How to start monitoring for database activity (hint: you may already be doing it)
• The future of IBM i database monitoring with DataThread

Attendees are eligible to receive a FREE Compliance Assessment.

VIEW THE WEBINAR

Configuring and Using IBM i Auditing Functions

Did you know that IBM i includes powerful auditing capabilities? In fact, our own class- leading audit reporting solution leverages the information captured by the operating system. Join this Webinar—based on content previously presented at COMMON—to learn about activating and configuring the auditing capabilities inherent to iSeries.

You'll learn about:

• Security audit journal
• Audit data management
• Configuring the audit system values
• A user profile's *AUDIT special authority
• Object auditing
• User auditing
• Basic reporting capabilities
• Advanced reporting options

You'll also learn about what system auditing does NOT capture, and how to prevent it from causing you to fail an audit.

VIEW THE WEBINAR

Como evaluar la seguridad en el servidor de IBM i en 15 minutos

Durante los últimos ocho años, PowerTech ha recopilado las tendencias en cuanto a la configuración de seguridad en más de 1,400 servidores de IBM i. En gran parte se ven las mismas vulnerabilidades año tras año. En muchos casos los servidores de IBM i no están al nivel deseado de seguridad y auditoría.

Acompáñanos durante esta presentación por webex donde aprenderás cómo empezar a hacer una auditoria de tu servidor IBM i. Verás como una herramienta de PowerTech puede proporcionar una evaluación personalizada de tu entorno de seguridad en menos de 15 minutos.

Vas a aprender cómo realizar una auditoria de estas áreas importantes:

• Valores del sistema
• Control de accesos (ejemplo FTP, ODBC, Remote Command, etc.)
• Perfiles poderosos
• Autoridades especiales
• Auditoria de eventos

Al asistir, tendrás la oportunidad de realizar una evaluación de seguridad en tu sistema, SIN COSTO.

VIEW THE WEBINAR

Crowd Control: Managing Data Access for Powerful Users

One of the greatest challenges an organization faces when securing an IBM i environment is protecting the system from the people who are charged with its care: programmers, administrators, and security officers. These power users often need access to restricted objects and commands, but they rarely need that level of access 24 hours a day, and definitely not without accountability.

Join this session to learn about the vulnerabilities associated with powerful users. Then, explore Authority Broker, an award-winning approach to regaining the control your auditors demand while allowing your administrators and programmers to do their jobs.

VIEW THE WEBINAR

7 Habits Of Highly Secure Organizations

Everyone knows that security is important, but getting started on the road to compliance can be confusing and intimidating. Understanding common vulnerabilities helps you focus your attention and resources on the areas that need the most help.

We all want "best-practice" security, but what are top organizations doing to achieve and maintain it? Attend this session to learn the details about how to develop the seven habits that are part of daily life for secure organizations. You'll learn how to:

• Break the Ostrich Syndrome
• Develop a Security Policy
• Assess Current Standing
• Perform Security Event Logging and Review
• Use "Best of Breed" Technologies
• Monitor for Ongoing Compliance
• Plan For The Future

This session examines what each of these habits means to the IBM i, and helps you make sure that you don't become the next security statistic.

VIEW THE WEBINAR

El estado de seguridad en el Power System i (en español)

Cada año PowerTech publica un estudio sobre las configuraciones de seguridad en los servidores Power System i (AS/400, iSeries y System i). Actualmente en el octavo año del estudio, seguimos viendo muchas de las mismas vulnerabilidades a través de un proceso anónimo de auditoría.

El estudio incluye una revisión de seis principales áreas de seguridad:

• Control de acceso
• Valores del sistema
• Ajustes del sistema
• Derechos del administrador
• Autoridad pública de los datos
• Auditoría de los eventos

Asiste este webinar para informarte sobre los pasos a tomar para resolver las vulnerabilidades más comunes y frecuentemente olvidadas de los sistemas en tu organización.

VIEW THE WEBINAR

How To Avoid Penalties Through PCI Compliance

Formed by the world's largest processors of credit card information, the Payment Card Industry Data Security Standard (PCI DSS) strives to ensure the security of credit card transactions. With billions of dollars being lost annually to a growing wave of credit card fraud, mistakes come with a hefty price tag from lost revenue, fines, or both.

As a participating member of the PCI security standard council, PowerTech is very aware of the costs and challenges businesses face to implement these standards.

Attend this informative Webinar to learn about the requirements of PCI DSS compliance, and how IBM i is well suited to meet the challenge. We'll also cover how the PowerTech products can help you manage your system security to comply with industry standards.

VIEW THE WEBINAR

State of IBM i Security Study 2011

UPDATE: New 2011 study released.

PowerTech publishes a popular study of the configuration of IBM System i servers each year, called The State of IBM i Security. Now in its eighth year, we continue to see many of the same vulnerabilities reported to us through an anonymous auditing process.

The report includes a review of six main audit categories:

• Network access
• System values
• User settings
• Administrative rights
• Public authority to data
• Event auditing.

View this informative Webinar for insight into the 2011 edition of the study and to learn what steps your own organization should take to address the same commonly overlooked and dangerous security exposures.

VIEW THE WEBINAR

Cómo cumplir con las normas de PCI en servidores de IBM i

El estándar de la seguridad de datos para la industria de tarjetas de pago (PCI DSS, Payment Card Industry Data Security Standard) tiene como objetivo garantizar la seguridad de transacciones de tarjetas de crédito. Miles de millones de dólares se pierden anualmente por fraude en transacciones de tarjetas de crédito. Las equivocaciones tienen un precio alto en cuanto a perdidas de ingresos, a multas, o a las dos cosas.

Como miembro activo del consejo de estándares de seguridad PCI (PCI Security Standard Council), PowerTech se mantiene al tanto de los costos y desafíos que enfrentan las empresas para implementar estos estándares.

Asiste a este webinar explicativo para informarte sobre:

• Cuáles son los requisitos para cumplir con las normas PCI DSS;
• Qué tan preparado está el entorno IBM i para hacer frente a estos desafíos;
• Cómo los productos de PowerTech pueden ayudarte cumplir con estas normas a través de una demostración

Además, recibirás una evaluación SIN COSTO de la configuración de seguridad en tu sistema, la cual será realizada por nuestro soporte técnico. ¡Inscíbete ahora!

Presentadores:
Pablo Tellez, Ingeniero en Seguridad, PowerTech (empresa de Help/Systems)
Jeanne Larson, Gerente Comercial para Latinoamérica, Help/Systems

VIEW THE WEBINAR

Configuring IBM i Auditing Functions

Did you know that IBM i includes powerful auditing capabilities? In fact, our own class-leading audit reporting solution leverages the information captured by the operating system. Join this Webinar—based on content previously presented at COMMON—to learn about activating and configuring the auditing capabilities inherent to iSeries.

You’ll learn about:

• Security audit journal
• Audit data management
• Configuring the audit system values
• A user profile’s *AUDIT special authority
• Object auditing
• User auditing
• Basic reporting capabilities
• Advanced reporting options

Controlling & Auditing Your Powerful Users with Authority Broker

One of the greatest challenges an organization faces when securing an IBM i environment is protecting the system from the people who are charged with its care: programmers, administrators, and security officers. These power users often need access to restricted objects and commands, but they rarely need that level of access 24 hours a day, and definitely not without accountability.

Join this session to learn about the vulnerabilities associated with powerful users. Then, explore Authority Broker, an award-winning approach to regaining the control your auditors demand while allowing your administrators and programmers to do their jobs.

VIEW THE WEBINAR

Critical Security Resolutions for IBM i (AS/400) in 2011

As the New Year gets under way, make a resolution to make this the year you celebrate your server security!

Based on the experience gained from assessing thousands of servers for the "State of IBM i Security" study, PowerTech has a unique insight into what companies are doing right—and doing wrong—when it comes to IBM i security. From user account management to network access, there is significant room for improvement on virtually every server.

While the economy is showing signs of recovery, budgets and resources continue to be scarce in 2011. Making efficient use of the controls that IBM includes in the base operating system is crucial; as is understanding when to invest in outside technology. Unfortunately, an IBM i server is often given the impossible task of securing itself, resulting in data that is easily read, changed, and even deleted without a trace.

View this session to learn numerous recommendations about the critical ways that you can tighten IBM i security controls.

VIEW THE WEBINAR

Configuring Real-time Security Event Notification on IBM i

The IBM i operating system provides the ability to audit system and user events. But, after the event data is collected, the challenge becomes how to disseminate the raw data, in real time, as useful information.

View this webinar to understand:

• How to configure the IBM i operating system to record system and user events.

• How to add PowerTech Network Security to audit network-based events such as FTP and ODBC.

• How to send real-time alert notifications as system log events to a Security Information and Event Management (SIEM) console using Interact from PowerTech.

• How to send real-time alert notifications to e-mail addresses and cell phones using Robot/CONSOLE and Robot/ALERT from Help/Systems.

VIEW THE WEBINAR

Understanding PCI Compliance on IBM i Servers

Formed by the world's largest processors of credit card information, the Payment Card Industry Data Security Standard (PCI DSS) strives to ensure the security of credit card transactions. With billions of dollars being lost annually to a growing wave of credit card fraud, mistakes come with a hefty price tag from lost revenue, fines, or both.

As a participating member of the PCI security standard council, PowerTech is very aware of the costs and challenges businesses face to implement these standards.

View this informative Webinar to learn about the requirements of PCI DSS compliance, and how IBM i is well suited to meet the challenge. We'll also cover how the PowerTech products can help you manage your system security to comply with industry standards.

VIEW THE WEBINAR

Securing & Controlling Your Powerful Users with Authority Broker

One of the greatest challenges an organization faces when securing an IBM i environment is protecting the system from the people who are charged with its care: programmers, administrators, and security officers. These power users often need access to restricted objects and commands, but they rarely need that level of access 24 hours a day, and definitely not without accountability. View this session to learn about the vulnerabilities associated with powerful users. Then, explore Authority Broker, an award-winning approach to regaining the control your auditors demand while allowing your administrators and programmers to do their jobs.

VIEW THE WEBINAR

A Primer on IBM i User Profiles and How To Deploy Them Properly

Few areas affect the security of your IBM i server as much as your user profiles. Knowing how to configure and maintain user profiles correctly is critical to preventing unauthorized access to your data.

Attend this important session to learn about the security aspects of user profiles, including:

• Special Authorities
• Limited Capabilities
• User Class
• Group Profiles
• User Auditing
• Changing to the Authority of Another User
• Common Ways that Users Circumvent Authority
• V6R1 enhancements

VIEW THE WEBINAR