× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.


  1.  Home
  2. MIDRANGE-L
  3. November 2006

Re: iSeries Security in Computerworld

I have yet to see a unix box that didn't have a knowledgeable resource ...


I think a Security certification for i5/OS,
and not a general test but up to the level we can truly call "expert"
would help raise the education of the community.
jim franz
----- Original Message ----- From: "Evan Harris" <spanner@xxxxxxxxxx> 
To: "Midrange Systems Technical Discussion" <midrange-l@xxxxxxxxxxxx>
Sent: Sunday, November 05, 2006 2:33 PM
Subject: RE: iSeries Security in Computerworld



Hi John

I don't disagree with much of what you say; my own observations
mirror pretty much what the report says: there are a load of poorly
secured machines out there. One of the reasons for this situation
that occurs to me is that over time many smaller shops have fallen
into a situation where the system i is neglected by the business
because it just runs. The upshot of this is that the time and effort
is spent on the PC assets rather than the system i. I have yet to see
a unix box that didn't have a knowledgeable resource looking after
it, whereas I have seen many system i's that are on site, ticking
over day after day, with essentially no-one responsible for them.

You refer to the usually more critical nature of the data stored on
the iSeries compared to the data stored on the plethora of Windows
boxes out there. It is unfortunate but true - at least in my
estimation - that the vast majority of your average managers would
consider their email, spreadsheets and word documents of more
importance and value than any corporate data bases, at least until
you forced them to think about it :) For sure they would break into
more of a sweat at the thought that their email could be lost of
compromised compared to inventory data being accessible to just
anyone who can get onto a machine on their network. This is another
reason for the attention these machines get - every manager and
pretty much every employee in the an organisation winds up acting as
an advocate for "getting something done" about security on the
Windows boxes because they have one. they feel they are educated
about this stuff and they want THEIR box fixed. Obviously the CEO's
PA is one of these voices too... :)

Out of curiosity, is CL one of the languages that will also allow the
pointer exploit you mentioned now that it has support for pointers under V5R4 ? 

Regards
Evan Harris



I think you are right on target here.  Everyone knows Windows systems
have security problems and need attention, and organizations spend loads
of time, money, and people on the problem.  OS/400 does not squeak
nearly as loud, and so organizations can get lulled into a false sense
of security.  They shouldn't be.  It's a computer system. It has
valuable data (arguably more important data than Windows systems).  It
should be properly protected from loss, damage and theft.

jte

--
John Earl | Chief Technology Officer
The PowerTech Group
19426 68th Ave. S
Seattle, WA 98032
(253) 872-7788 ext. 302
john.earl@xxxxxxxxxxxxx
www.powertech.com
Celebrating our 10th Anniversary Year!


--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list 
To post a message email: MIDRANGE-L@xxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxx
Before posting, please take a moment to review the archives
at http://archive.midrange.com/midrange-l.

As an Amazon Associate we earn from qualifying purchases.

This thread ...
Follow-Ups:
Replies:
Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2025 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.