Compliance with government and industry regulations, such as Sarbanes Oxley (SOX) and Payment Card Industry (PCI), is now a fact of doing business. With regulation comes accountability and audits. And as part of any audit, auditors demand a security policy and proof of compliance for critical IT systems. So, organizations around the world are tightening the controls for the configuration and use of their critical business servers. Yet many people don't understand how or where to start this process—the need is great for an easy, intuitive tool to help you determine the real state of your "secured" IBM i servers and provide a good idea of how to proceed.

Reveal Strengths and Weaknesses

PowerTech has that tool and it's free. In just a few minutes, a PowerTech Compliance Assessment for Power Systems running IBM i can show you clearly how people are accessing your most sensitive data. For example, did you know that 68 percent of systems allow any user to change data on the IBM i by using PC applications such as Microsoft Excel? Or that 50 percent of all systems have more than 16 users with default passwords (i.e., where password = username), making them vulnerable to attack?

Review Security Setup

The PowerTech Compliance Assessment tool runs directly from your PC, and there is no need to install any host software. Within minutes, you have a comprehensive report that displays in your favorite web browser as a sophisticated interactive application, as Figure 1 shows. You see the details of the current security configuration of your IBM i, including any major vulnerabilities. During the process, a PowerTech security advisor works with you to explain the findings in the report and make recommendations. To find out how secure your systems really are, register for your free compliance assessment.

Identify Exceptions and Simplify Reporting

After your assessment, you'll want to identify exceptions to your compliance policy and simplify your system configuration and user activity reporting. Given the mission-critical data on your IBM i servers, regular audit reports comparing your systems' configuration to your compliance policy are essential. Compliance Monitor from PowerTech consolidates audit data from multiple systems into an intuitive GUI. For fast implementation, Compliance Monitor is configured with a set of audit reports recommended for SOX and PCI compliance. For more sophisticated needs, powerful filters let you generate custom reports easily. Learn how PowerTech Compliance Monitor helps you get your audit reporting needs under control.

Robin Tatam is director of security technologies for PowerTech.

Vendor Contact Information

PowerTech
253-872-7788
powertech.com