Is the IBM i secure or irrelevant? Vulnerabilities

4 02 2010

In the past ten years, IBM dedicated a lot of resources to updating IBM i. With large increases in functionality, including Web enablement, comes additional opportunities for profit as well as venerability. Many traditional business users are not interested in improvements in areas such as Web enablement and, therefore, will not be exposed to many of the vulnerabilities. However, to ignore potential problem areas can result in exposure to regulatory violations and legal actions.

This post from Jon R. Kibler, Chief Technical Officer at Advanced Systems Engineering Technology, Inc. provides some insight into the IBM i vulnerabilities. Although the list is quite small and I expect that a number of them have been addressed, the point is that all system platforms, including IBM i, have vulnerabilities. If there is no one in-house that can establish audit requirements, set up user guidelines, provide substantive policy and tailor your system, or systems, to implement those requirements, guidelines and policies, then thought should be given to bringing in an outside security consultant.

Other ways of limiting your exposure include the use of third party functionality such as Yahoo! Merchant Solutions which can provide a secure customer front end with the ability to transfer orders to your business system for processing, the use of virtual cloud technology such as the Rackspace Virtual Private Cloud and the use of highly secure, cross platform managed file transfer technologies from companies such as Stonebranch. Of course, these are only three options out of thousands that exist.




Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: