In the latest version of her well-known IBM i security reference, IBM i Security Administration and Compliance, Carol Woodbury hits the ball out of the park. Not only does the book provide valuable technical information, it also introduces the reader to fundamental concepts of information security management.
Carol starts by laying out her goals for the book. They are to provide you, the reader, with 1) choices, 2) practical implementation examples, 3) insight into the appropriate security scheme for your organization, and 4) time-saving tips.
Every step of the security management process—from defining security policies through security audits, and each step in between—is addressed.
Part 1: Defining Policies and Understanding the OS Tools
Security management needs to start with a definition of policies. Appropriately enough, the second chapter covers this topic.
The rest of the first half of the book describes each of the basic tools provided by the IBM i operating system for administering security. This will be useful to those who are new to the security administration job or who just need a reference guide.
These sections of the book are full of advice for how to use the various options. They discuss in detail system-level security, user profiles, object-level security, IFS access control considerations, service tools, mechanisms for securing connectivity to and from the system, encryption, and more.
Part 2: Applying the Tools
The second half of the book discusses ways that administrators can apply these tools (separately and together) to address real-world situations and problems. Carol provides numerous examples, options, and recommendations for many of the problems security administrators encounter in their day-to-day working life.
She covers things like implementing object-level security and role-based access control, analyzing application security, Internet security, achieving and maintaining compliance, and planning your organization’s response to a security incident—before you have to use it.
Who Should Read It
- This is a great book for those who are just starting to learn about IBM i security management and those who face new compliance challenges. The book touches on every important aspect of these topics and presents them in a very readable, understandable format. It also provides examples, alternatives, and suggestions for a multitude of scenarios.
- For those who are “old hands” at security administration on the IBM i, this book makes a great reference guide. There is so much to know about security administration. Nobody can know or remember it all. I even find myself going to the IBM Security Reference manual and then going to this book for a more practical description of some of the less often-used tools and options. If you only have one book for security administration and compliance on the IBM i, this is the one you should have.
Want more information about IBM i Security Administration and Compliance, Second Edition? Download sample book content here: https://www.mc-store.com/products/ibm-i-security-administration-and-compliance-second-edition (Click the Look Inside the Book tab.)
