MIDRANGE dot COM Mailing List Archive



Home » MIDRANGE-L » November 2006

RE: iSeries Security in Computerworld



fixed

Hi John

I don't disagree with much of what you say; my own observations mirror pretty much what the report says: there are a load of poorly secured machines out there. One of the reasons for this situation that occurs to me is that over time many smaller shops have fallen into a situation where the system i is neglected by the business because it just runs. The upshot of this is that the time and effort is spent on the PC assets rather than the system i. I have yet to see a unix box that didn't have a knowledgeable resource looking after it, whereas I have seen many system i's that are on site, ticking over day after day, with essentially no-one responsible for them.

You refer to the usually more critical nature of the data stored on the iSeries compared to the data stored on the plethora of Windows boxes out there. It is unfortunate but true - at least in my estimation - that the vast majority of your average managers would consider their email, spreadsheets and word documents of more importance and value than any corporate data bases, at least until you forced them to think about it :) For sure they would break into more of a sweat at the thought that their email could be lost of compromised compared to inventory data being accessible to just anyone who can get onto a machine on their network. This is another reason for the attention these machines get - every manager and pretty much every employee in the an organisation winds up acting as an advocate for "getting something done" about security on the Windows boxes because they have one. they feel they are educated about this stuff and they want THEIR box fixed. Obviously the CEO's PA is one of these voices too... :)

Out of curiosity, is CL one of the languages that will also allow the pointer exploit you mentioned now that it has support for pointers under V5R4 ?

Regards
Evan Harris


I think you are right on target here.  Everyone knows Windows systems
have security problems and need attention, and organizations spend loads
of time, money, and people on the problem.  OS/400 does not squeak
nearly as loud, and so organizations can get lulled into a false sense
of security.  They shouldn't be.  It's a computer system. It has
valuable data (arguably more important data than Windows systems).  It
should be properly protected from loss, damage and theft.

jte

--
John Earl | Chief Technology Officer
The PowerTech Group
19426 68th Ave. S
Seattle, WA 98032
(253) 872-7788 ext. 302
john.earl@xxxxxxxxxxxxx
www.powertech.com
Celebrating our 10th Anniversary Year!






Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2014 by MIDRANGE dot COM and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available here. If you have questions about this, please contact