Q:  Do single sign on and SSO stat! only work between Microsoft Windows and IBM i?

A:  Absolutely not! You can implement SSO for applications across nearly any combination of platforms.

Continue reading

Facebooktwittergoogle_pluspinterestlinkedinmail
Posted in Password Management, Single Sign-On (SSO) | Tagged , , , , , | Leave a comment

I thought it would be interesting for my first Security Bytes post of 2107 to pull together the most popular posts from 2016 based on number of readers.

As an added attraction, I’ve also included the most popular post in 2016 from a previous year, as well as our 2 most popular posts of all time.

Continue reading

Facebooktwittergoogle_pluspinterestlinkedinmail
Posted in IBM i Security, Single Sign-On (SSO) | Tagged , , , , | Leave a comment

You may have noticed that I often recommend that folks just get started doing a little something to address information security. Don’t let everything else you should be doing get in the way of taking steps to secure your system.

In that spirit, this month we’ll discuss the most important security tasks you can address by the end of the year.

Continue reading

Facebooktwittergoogle_pluspinterestlinkedinmail
Posted in IBM i Security, Info Security Mgmt | Tagged , , , | Leave a comment

Before you can advise management how much time and money you should spend on securing information assets, you should know what information assets you need to protect and how much they are worth to your company.

If your organization doesn’t have this information, you can quickly estimate the value and risk for each asset using a qualitative approach.

Continue reading

Facebooktwittergoogle_pluspinterestlinkedinmail
Posted in Info Security Mgmt, Information Security, Security Breach | Tagged , , | Leave a comment

I and other security experts have been harping for years on the fact that managing information security is so much more than just choosing the value of a configuration parameter.

Information security requires an ongoing business process. It must be supported and championed by the highest levels of leadership in the organization and it must include identification of threats and vulnerabilities, plus the creation of written policies that are implemented effectively and efficiently and periodically reviewed.

Well, the state of New York is set to enact these “recommendations” into law for insurance companies and financial institutions.

Continue reading

Facebooktwittergoogle_pluspinterestlinkedinmail
Posted in Announcement, Compliance, Info Security Mgmt | Tagged , , , | Leave a comment

Believe it or not, some commonly-accepted password best practices are probably counter-productive for security in the real world.

Continue reading

Facebooktwittergoogle_pluspinterestlinkedinmail
Posted in Authentication, Password Management | Tagged , , , , , | Leave a comment

TeamSecurityWe will soon officially announce a new set of services called TeamSecurity.

What are these services, you may ask? They are a collection of three service levels whereby the Botz team partners with your IT team to varying degrees to help you manage your security at a much lower cost than hiring that expertise full time.

Continue reading

Facebooktwittergoogle_pluspinterestlinkedinmail
Posted in Announcement, Info Security Mgmt, Security Breach | Tagged , , , , , | Leave a comment

 by delfi de la RuaOr… Why Your Mid-Sized Business is Suddenly Facing BIG Security Risks

An interesting thing is happening in IT security.

Continue reading

Facebooktwittergoogle_pluspinterestlinkedinmail
Posted in Info Security Mgmt, Security Breach | Tagged , , , , , | Leave a comment

Townsend SecurityIf you want a good introduction to FIELDPROC encryption, Townsend Security just published an eBook that is a great tool for getting started.

IBM i Encryption with FieldProc: Protecting Data at Rest provides useful information about FIELDPROC exit point architecture and the kinds of features and limitations to look for in any FIELDPROC-based encryption product. Of course, there is marketing information interspersed but it is easily identifiable and, in my opinion, doesn’t detract from the information provided.

Continue reading

Facebooktwittergoogle_pluspinterestlinkedinmail
Posted in Encryption, Info Security Mgmt | Tagged , , | Leave a comment

The other day I was thinking about how I miss David Lettermen’s “Stupid Human” and “Stupid Pet Tricks” segments.

Then I got to thinking about some of the bad security habits I continue to run into at IT shops. It occurred to me that humans don’t restrict their stupid tricks to entertaining each other. We employ them in nearly every aspect of our lives.

Continue reading

Facebooktwittergoogle_pluspinterestlinkedinmail
Posted in Information Security, Password Management, User Authority | Tagged , , , | Leave a comment