You are currently on IBM Systems Media’s archival website. Click here to view our new website.

POWER > Systems Management > Security

Tool Enables IBM i Administrators to Assess Security Weaknesses

Security Assessment Tool

Not-So Secret Passwords

Another problem security administrators face is when user profiles and passwords are weak points. Even though they’re designed to block hackers, Ford believes too many users have passwords that can hand cyber thieves the key to their employer’s data. “The easiest hack for many cyber pirates is using default passwords or dictionary passwords,” he notes. The default password is the easiest as it’s usually the same as the user name. Dictionary passwords include movie titles, names of sports teams, family names and other popular cultural references. Users also often use the same passwords for all the systems they access. Once access is gained to one system, all connected systems are at risk.

The IBM i CART hunts down these easy passwords and their variations. “We have created a tool that actually does a dictionary check of its users’ passwords,” Ford says. “Using 10,000 well-known passwords discovered in reported breaches, we can calculate and compare whether a user or administrator’s password is on that list.” With that knowledge, security administrators can encourage users to create more complex passwords or disable their account until a more complex password is entered.

“Using 10,000 well-known passwords discovered in reported breaches, we can calculate and compare whether a user or administrator’s password is on that list.”
—Terry Ford

Identifying unsecure user names and passwords is a small part of the CART’s function. “We report on more than 1,000 data points related to security settings, configuration and statistics of system use,” Ford says. “With this, a client can observe changes over time or perform various types of trend analysis related to security. There are probably millions of other pieces of information that we’re scanning through and interrogating to see how it’s accessed and who owns it. We don’t look at the content of any file. We simply check to make sure a backdoor isn’t present in any of those objects.”

An event-monitoring component is also included with the CART. This gives clients a more granular look at security events across all of their enterprise’s IBM i systems in real time. “It can then alert those who need to know of their occurrence or report on them from the central data mart,” Ford says. “We also provide a utility for customers to add or create items or events of their interest.”

The Gift of Time

Over the past four years, the CART has become a flagship item in Lab Services’ portfolio, and it’s based on IBM’s security assessment tool, which has had more than two decades of development. But it’s always evolving. Lab Services continually aims to provide better systems and security management because Ford notes cybercriminals are constant threats.

“We try to automate as much of our assessment process as possible—what we can reliably and comprehensively do in the shortest amount of time,” he adds. “We have derivatives of our tool that create an even more comprehensive view of security. That’s work we continue to enhance and develop.”

Ford’s team at Lab Services constantly seeks ways to update the CART tool to provide value to the IBM i community. If system administrators can only devote one day a week to security, Lab Services can still provide them with “a picture of what changed in their environment so that when they do get the time to look at security, they can hone in on the things that have changed,” Ford says. “Or, with our event monitor, the client can respond immediately to events.”

In the future, “We’ll add more metrics, more configuration items and security analytics,” he says. “When we designed and developed the tooling, it was a collaboration with many subject matter experts—first and foremost, the DB2* for i consultants here in Lab Services. This team helps clients get more value out of data through analytics. And that was at the heart of what we wanted to provide relative to security.”

Save Time, Save Money

Ford describes the CART as a kind of time machine, as it captures what has been going on in a client’s systems and makes predictions on how it could look in the future based on the current operating mode.

Most clients who need to assess and monitor their systems are very time-conscious, according to Ford. Unfortunately, they can’t afford to spend the time to analyze everything on the system. Yet they need to be aware of what’s going on within their systems. With CART, he notes, “we have created a tool that helps them buy the time they need to find what is going on.”

Gene Rebeck is a freelance writer based in Duluth, Minnesota.



Advertisement

Advertisement

2019 Solutions Edition

A Comprehensive Online Buyer's Guide to Solutions, Services and Education.

POWER > SYSTEMS MANAGEMENT > SECURITY

Analytics Can Be Your Best Defense Against Corporate Fraud

POWER > SYSTEMS MANAGEMENT > SECURITY

Apply Best Practices to Satisfy Regulatory Standards

IBM Systems Magazine Subscribe Box Read Now Link Subscribe Now Link iPad App Google Play Store