This content made possible by our sponsor. It is not written by or reflect the views of MSP TechMedia or IBM Systems Magazine.

Becky Hjellming

Becky Hjellming

Product Marketing Director, Security and High Availability


Specializing in IBM i security, high availability, disaster recovery, backup and archiving, and systems management.

Facebook Twitter LinkedIn Blog

In the early years of the AS/400, it was primarily a closed system, so implementing security was relatively simple. The approach was primarily managing user authorities, securing user access through menus and applications, and perhaps implementing rudimentary object-level security. In many cases, this was sufficient.
In the 1990s, with the advent of the Internet and the growing need to provide communication between systems and business partners, IBM opened up the system to TCP/IP. In time, the numbers of ways the system could be accessed grew, and the job of securing the system became increasingly more complex.
With all computing platforms becoming more open the incidence of security breaches increased, and with high-profile breaches came a host of compliance regulations that further expanded the ways in which companies needed to secure their systems and protect sensitive data – and the associated complexities.
Today, the job of managing security and compliance on IBM i systems can be complicated, requiring dynamic technologies and processes that are able to respond quickly to ever-evolving threats and new regulations.
Achieving a Secure IBM i - A Journey That Never Ends
Achieving optimal security on the IBM i isn’t so much a destination as it is a journey that’s marked by a continual series of efforts toward improvement.
That’s because security is never static: threats are constantly changing, new and expanded compliance regulations are being introduced, and there are new technologies and best practices to consider. On top of that, IBM i environments are in a constant state of flux resulting from changing user needs, new workloads, added internal and external interfaces, and more. This dynamic situation creates an array of concerns for IT staff, security officers, and corporate management. Enterprises must work to cover all aspects of securing the IBM i including:
  • Assessing security and compliance on a regular basis
  • Enforcing security and compliance policies
  • Defending against unauthorized access
  • Auditing and tracing suspicious activity
  • Keeping sensitive data away from prying eyes
  • Limiting user privileges and monitoring powerful profiles
  • Integrating IBM i security data with the rest of the enterprise
To achieve a security posture that is a real deterrent to theft or fraud – whether perpetrated by external or internal actors – enterprises must employ a determined, consistent effort that combines the right mix of technologies, expertise and best practices.