We just had IBM in two weeks ago for their security review exit. They have a data collection tool that you run ahead of time, upload the results to them, they analyze it and then come on site to review the findings. I don't know what the costs were like but we all agreed it was beneficial and the costs must not have been too bad as we will probably have the same service performed annually.

Our systems (two machines, total of three LPARs) were installed by our software vendor before I was hired and after their initial setup we started to implement security (after I arrived) while they we installing and the install team basically shut us down from doing so (to much potential impact on the conversion process, etc.). We managed to make sure no big holes got opened by a particular set of their installers that believe the answer to every security issue is *PUBLIC *ALL, but we still have things to address and it was nice to have an IBM assessment to get time and resources allocated to bettering our security profile. The gentleman we worked with was very knowledgeable and personable and did a great job presenting to management.

Coy Krill
Core Processing Administrator/Analyst
Washington Trust Bank

-----Original Message-----
From: MIDRANGE-L [mailto:midrange-l-bounces@xxxxxxxxxxxx] On Behalf Of Steinmetz, Paul
Sent: Monday, June 30, 2014 10:01
To: 'Midrange Systems Technical Discussion'
Subject: IBM i Security assessment
Importance: Low

Has anyone had an IBM I Security assessment done recently?
Does IBM have a tool for this?
If not, looking for recommendations and estimated cost?

Thank You
Paul Steinmetz
IBM i Systems Administrator

Pencor Services, Inc.
462 Delaware Ave
Palmerton Pa 18071

610-826-9117 work
610-826-9188 fax
610-349-0913 cell
610-377-6012 home


This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list To post a message email: MIDRANGE-L@xxxxxxxxxxxx To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxx Before posting, please take a moment to review the archives at http://archive.midrange.com/midrange-l.

This electronic mail message and any attachments may contain confidential or privileged
information and is intended for use solely by the above-referenced recipient. Any review,
copying, printing, disclosure, distribution, or other use by any other person or entity is
strictly prohibited under applicable law. If you are not the named recipient, or believe
you have received this message in error, please immediately notify the sender by replying
to this message and delete the copy you received. =====================================================================================================

This thread ...


Return to Archive home page | Return to MIDRANGE.COM home page