Category Archives: Info Security Mgmt

Not many people realize that IBM i lets you define your own ad-hoc or application-defined special authorities. That’s not real surprising considering that neither the name of the mechanism nor the documentation says anything about special authorities.

Posted in IBM i Security, Info Security Mgmt, Information Security | Tagged , , | Leave a comment

It may surprise a few people, but I’m just not worried about my credit card being stolen. In fact, I refuse to worry about it. That may sound like heresy for someone who is supposed to know a little bit … Continue reading

Posted in Botz Blog, Cloud Security, Info Security Mgmt, Information Security, Mobile Security, Security Breach | Tagged , , , , , | Leave a comment

Hey everyone!  Starting this month I’m going to be writing a monthly article for IBM Systems Magazine’s EXTRA online newsletter. Check out the March installment — Howdy, Partner! The Role of Application Developers in IT Security — for a look … Continue reading

Posted in IBM i Security, Info Security Mgmt | Tagged , , , | Leave a comment

I recently read an article called The Enemies of Data Security: Convenience and Collaboration, posted by Carl S. Young on the Harvard Business Review website. My experience with academic papers on information security is that most of them don’t deal … Continue reading

Posted in Info Security Mgmt | Tagged , , , , , , | Leave a comment

You are a long-time IBM i (AS/400, iSeries, IBM System i, etc.) programmer and you understand the details of how the system checks authority, don’t you? I bet you don’t! It’s the authority of the JOB that really matters. Why … Continue reading

Posted in IBM i Security, Info Security Mgmt, Information Security | Tagged , , , , | 1 Comment

In a previous post on this topic, I discussed how to calculate the cost of a security-related project and how to compare different solutions for a given security-related project or issue.  I asserted that there are three different aspects that … Continue reading

Posted in IBM i Security, Info Security Mgmt, Information Security, Single Sign-On (SSO) | Tagged , , , , , , , , , , , | 1 Comment

Information security is first and foremost a business issue. As IT professionals, we need to analyze the merits of any security project based on how much the investment will benefit the organization.

Posted in Info Security Mgmt, Single Sign-On (SSO) | Tagged , , , , | 2 Comments

It’s a simple fact. Good security doesn’t just happen. You need to have a very specific set of knowledge to effectively secure your information assets. The knowledge you need falls into five discrete categories: policies, data, people, systems, and events.

Posted in Compliance, IBM i Security, Info Security Mgmt, Information Security | Tagged , , , , , | Leave a comment

CAUTION: RANT ALERT On Wednesday, November 19, Admiral Michael Walters, the head of the NSA made a very disturbing announcement. He said that China and one or two other countries have the capability to launch a cyber attack that could … Continue reading

Posted in Compliance, IBM i Security, Info Security Mgmt, Information Security | Tagged , , , , , , , , | Leave a comment

Whenever I see a web site or hear a commercial touting how my personal information is secure because “we use encryption,” I just have to chuckle. I guarantee you that Target did — and does — encrypt your personal information … Continue reading

Posted in Encryption, IBM i Security, Info Security Mgmt, Information Security | Tagged , , , , | 2 Comments