27th Annual New Hampshire / Vermont IBM i User Group Meeting
Tuesday, June 23, 2015 - Fireside Inn, West Lebanon NH
This event was free to IBM i professionals, and sponsored by NHMUG and VTMUG
IBM Announcements - Steve Fier, IBM
IBM has made some exciting new enhancements to the POWER family. POWER8 low-end I/O enhancements will be coming. Also, there will be new and additional functionality for both IBM 7.1 and 7.2 Steve Fier will review these latest updates.
Security Topics - Robin Tatam, CISM CBCA,PowerTech | A Division of HelpSystems
Part 1 - Security by Obscurity - Insight into a Failed Approach
PowerTech has audited thousands of IBM i servers over the past 12 years, gaining extensive, real-world insight into the deployment state of IBM i security controls.
The results of this wildly popular study, The State of IBM i Security, have revealed vulnerabilities that even auditors miss—providing invaluable insight in six configuration categories:
- Network-initiated commands & data access
- Server-level security controls
- Profile and password settings
- Administrative capabilities
- Public accessibility to corporate data
- System event auditing
Robin Tatam, analyst and author of the study for the past 6 years presents his personal insight into the shocking - and often scary - reality behind IBM i security.
Part 2 - Getting Started with IBM i Security
The IBM i operating system is lauded as one of the most secure available. But, as previously discussed, reaching this state requires many changes to system settings. Its time to take a critical step toward protecting your corporate data assets - regardless of regulatory compliance.
This session, hosted by certified auditor and renowned IBM i expert Robin Tatam, will teach you how to achieve better security through increased awareness of important considerations, including:
- What controls security configuration?
- Who has administrative privileges?
- How to do event auditing for free?
- What are “black hole” commands?
- What the heck is public versus private authority?
- How do users accomplish scary things?
Security and regulatory compliance, although not the same thing, are in the forefront of virtually every CIO's mind. Make sure that you are adequately prepared when the bad guys come knocking!
Robin joined HelpSystems' PowerTech division in 2009 extending an AS/400 and IBM i consulting career that extends more than a quarter century. He has consulted with domestic and international clients on security and compliance issues.
Application Modernization - David Andruchuk - CSDA, Inc
The Why and How of the iModerinze(d) Application Architecture
For most IBM i shops, an ongoing initiative is to take advantage of the new offerings IBM has made to the IBM i hardware and software that has defined and set our platform apart from competitors. The process of converting your non data centric architecture to a data centric architecture can appear to be beyond the reach of many IT staffs.
While the performance gains of modernizing can be easily quantified, the added benefit of flexibility often goes unheralded. Being able to provide faster response to constantly changing business requirements and ever increasing large data demands placed on our environments can be achieved without having to recompile your current programs.
Adapting your database access and software development practices is as much a necessity as changing your business to constantly changing market requirements and security concerns we are now required to comply with.
In this session we will discuss:
- The process of converting your DDS defined PF and LFs to DDL defined tables, views and indexes
- Taking advantage of the scalability and flexibility gains offered by modern technologies, both in hardware and in software engineering
- Adopting the use of views and stored procedures to gain separation between your data model and your programs
- Designing your system to become easier to implement your web based or graphical UI layer
- Adding encryption to your table columns using DB2 Field Procedures