6 Top Security Weaknesses Affecting IBM i Systems

a photo of a stop light on red

March 23, 2018 Disaster Recovery News Blog, Legacy System Blog Articles

IBM i systems are a powerhouse in the business world, used for business-critical data and operations around the globe. But when it comes to users’ sensitive personal information (SPI) or payment data, would you say it’s worth leaving holes in your security plan?

We’d guess not. And yet, across industries like finance, healthcare, and manufacturing, IBM i users leave obvious gaps – like poor password security, lack of antivirus protection, or even exit point monitoring. In fact, according to HelpSystems, about 20% of systems fail to follow the overall system security best practices recommended by IBM.

To avoid becoming a victim to your own system’s security weaknesses, consider the following:


1. Cybersecurity

It should come as little surprise that cybersecurity is at the top of this list. In fact, an estimated 72% of IBM i users listed it as a top concern for 2018. With today’s age of e-commerce and cloud computing, cyber security is a subject on everyone’s mind – from the business manager to the end user.

While it’s true that businesses are taking important steps to keep their systems secure against threats like data breaches, Ransomware, or phishing scams, it’s surprising how few have still taken measures like proper network traffic monitoring or configured servers (see below).


2. Too Much Access (and Authority)

This issue is twofold. First, IBM i servers tend to have too many profiles with too much authority. Second, system users have access to much more data than they really need.

The first issue of overreaching user authority can come back to haunt companies in an ugly way. Employees that are either negligent or vindictive could cause data loss, damage to data integrity, or even data theft (whether intentional or due to carelessness). As if that’s not bad enough, these issues are well known to auditors, who will be keeping an eye out for them. To avoid fines, penalties, and even damage to your reputation, it’s always best to be proactive when it comes to handling user access rights and authority.


3. Network Access Control

This issue goes hand in hand with cybersecurity. If your network isn’t being properly monitored, weak points are inevitable. This means that malicious attacks can be made through your network’s back door, without any traceability.

Adoption of IBM’s exit point technology goes a long way in solving this issue. This will heighten your control over your network, and help maintain accountability for both authorized and unauthorized network data access. Make sure that as you adopt new network data access utilities, your adoption of exit point security keeps pace.


4. User Account Security

When creating a new user profile on IBM i, the default password will be the same as the username. This is no secret, and is known to users and administrators alike.

However, according to a study conducted by HelpSystems, about 24% of systems have over 100 user profiles using default passwords. Now consider that statistic again, remembering that most accounts have more access and authority over system data than they really need (mentioned above).


5. Poor Monitoring

This applies to more than just your network, or user activity. Effective monitoring also includes system audits, which will make you aware of any holes in your configuration.

Without effective auditing, violations of your security standards go undetected. Auditors in general are aware of this issue, both from the IBM i platform and other platforms as well. They will be looking out for the abuse of authority by users, and checking that there are controls in place to ensure that users’ access to data is within (and not beyond) their demonstrated need.


6. Malware Vulnerability

With the rise of Ransomware, cyber attacks and security breaches worldwide, it’s surprising that only about a third of shops have anti-virus protection implemented. On top of that, over half of shops have no plan to implement it.

Companies that are not taking simple precautions, like scanning files upon opening them, are at risk for damaging internal objects and spreading infections across servers on the same network. Malware protection is one of those solutions that every company should have in place.


For  more information on how to keep your systems (IBM Power, Unisys and Windows) secure against security weaknesses and disasters, contact us today at 317-707-3941.


Back to blog list