All Seeing; All Knowing; All Secure

Lockdown A New iSeries Security Consultancy Service

‘Lockdown’,  is helping leading AS/400 and iSeries environments to firmly slam the back door shut on unauthorised access attempts and sound the alarm should unauthorised personnel ever attempt to gain access in the future.  Implemented in three distinct stages, ‘Lockdown’ ensures access to the AS/400 or iSeries via FTP, ODBC, Client Access, DDM, Remote Commands, IFS, DPC and other methods are tightly controlled and audited, leaving no room for breaches in security protocol.

Without a specialist security product in place, IT Managers have no way of knowing or seeing what is happening and these activities are not logged as standard and therefore, leave no audit trail.

‘Lockdown’ has been designed to expose previously unseen, undetected and unaudited security breaches and provide a solution that is not only easy to implement but takes very little time to turn a vulnerable, reactive iSeries environment into one that is pro-active, highly visible and fully prepared for any security threats.

The first stage of ‘Lockdown’, taking only fifteen minutes to set up, identifies and logs all current data access within the AS/400 or iSeries environment. Once in place this gives IT Managers on-line visibility of access attempts as well as a range of audit reports. These include reports showing activity of files, users and access method. After suitable data has been collected, the second stage of ‘Lockdown’ can be carried out. This focuses on creating a detailed analysis of current security policies. An RUSC security consultant then provides an educational and training session to ensure that staff are made aware of both potential unsecured users and also where current security methods are proving weak.

Product Director of RUSC, Robin Cumming, believes this stage can be most beneficial in adopting a more pro-active, long-term approach to security issues: ‘By working with a security consultant, users have an opportunity to see where they have been vulnerable in the past and more importantly, learn new methods for implementing tighter security and see how similar environments have overcome their security loopholes and sustained these practices in the long-term.’ Once the security monitoring system is in place, security alerts can be escalated to relevant personnel for their immediate attention.

Having analysed the current data access and decided on the implementation procedure, the third and final stage of ‘Lockdown’ can be carried out. Global, group and ‘catch-all’ security rules can be easily set up and seamlessly integrated in a way that complements and does not inhibit existing operational procedures, ensuring no user is able to access sensitive data unless they have been verified and legitimately enrolled onto the security system. Users have the benefit and guidance of their RUSC security consultant throughout this stage. All unauthorised data access and production data access can be secured with further restrictions to reject all unauthorised access attempts and escalate security alerts to designated staff. At this stage, staff can then verify and later modify monitoring procedures should such attempts prove valid. With ‘Lockdown’ complete, systems are totally secure, staff regain control and any future access attempts are highly visible and fully audited.

Please contact us to request a Lockdown service for your site.

   Tel +44 (0) 1274 816001