PowerTech Group, USA
PowerTech – Network Security (Access Control by Exit Programs)
Your greatest threat may come from within.
In the age of HIPAA, SOX, and PCI, every company needs a security policy that restricts access to data to only those users who have a demonstrated need to use it to do their job.
PowerTech’s recent iSeries security study revealed that only 35% of systems were monitoring traffic through OS/400’s exit points. Network Security provides the industry’s leading exit program solution for monitoring network traffic to the iSeries. It allows you to restrict user access to critical data from PCs, and audit end-user access across the network through common services like ODBC, FTP, and DDM.
PowerTech – Compliance Monitor (Auditing & Reporting)
Compliance reporting shouldn’t be the most complex part of compliance.
Compliance with government and industry regulation is a fact of doing business, but with it comes accountability. Sarbanes-Oxley and PCI auditors demand a security policy and proof of compliance for critical IT systems. Compliance Monitor simplifies the task of reporting against system configuration and user activity, making it easy to identify exceptions to policy.
The product consolidates data from multiple systems in an intuitive graphical user interface, and the same reports can be saved and printed in PDF format, maintaining a record for your AS/400 audit. For those users who prefer guidance, Compliance Monitor ships prepopulated with a recommended set of audit reports for SOX and PCI compliance. Organizations can achieve a return on their investment in less than a year because the flexible filters allow the generation of custom reports at much less cost than developing and writing queries in house.
PowerTech – Authority Broker (User Profile management)
There’s power. And then there’s too much power.
Too many people with too much access to critical data – that’s one of the most common security lapses uncovered in AS/400 audits.
Using patent pending technology, Authority Broker protects sensitive corporate assets and audits access in real time. The number of profiles with special authorities can be reduced without disrupting normal business activity because the “switch profile” feature allows users to switch to higher authorities as needed. Managers can get regular audit reports of activity or even custom alerts when one of their staff switches to a more powerful profile
Implementing Authority Broker saves time compared to homegrown tools and enforces segregation of duties. Auditors tend to frown on IT staff writing the reports on their own activity!
IBM now ships a trial copy of Authority Broker with every copy of i5/OS.
PowerTech – Encryption (Data Privacy)
Keep private data private.
PowerTech partners with Patrick Townsend Security Solutions to provide industry leading, 256-bit, AES encryption that can help you to comply with the Payment Card Industry (PCI) standard today. AES also meets the requirements of strong encryption defined by the California privacy notification act (SB1386) and similar notification laws. AES Encryption can also be used to encrypt backup data to tape before it is stored offsite.
AES (Advanced Encryption Standard) is an encryption method selected by the National Institute of Standards and Technology (NIST) of the US government to protect sensitive information in private and public applications. AES Encryption is fully certified by NIST for every approved key size and mode of encryption. With NIST certification, you can have confidence in the security of the solution and that it will interoperate with any other vendor’s product based on the AES standard.
PowerTech – Interact (Real-time Event Monitoring)
Real time IBM i Security events
The IBM i™ platform (formerly known as AS/400) typically houses the most business critical data in an organization. As companies broaden their focus from perimeter security to insider threats and regulatory compliance, the IBM i needs to be monitored as diligently as other nodes in the network.
The leading IBM i security company, PowerTech, sends security events in real time to Security Information Management (SIM) solutions or Intrusion Detection Systems (IDS). PowerTech Interact sends over 500 security events in real time to syslog from the audit journal, operating system, and network. Security Information Management solutions can correlate and aggregate the IBM i events with logs from many different sources. Users don’t have to worry about configuring batch ftp file transfers or the complexity of language and CCSID conversions.
Enterprise consoles that support IBM i events from PowerTech include Internet Security Systems™(ISS) RealSecure® SiteProtector™, ArcSight, TriGeo, HighTower, LogRhythm and OpenService.