In 2012, we continue to see systems that are vulnerable due to too many powerful users, too few controls for *PUBLIC access to libraries, little or no visibility to network traffic, and not enough auditing.
Eden Prairie, MN (PRWEB) May 09, 2012
PowerTech, the world’s leader in security solutions for Power Systems™ servers running IBM i, announces the release of the 2012 State of IBM i Security Study. PowerTech publishes the annual study to help users understand the common security exposures found on IBM i servers.
Each year, PowerTech performs hundreds of Compliance Assessment audits on IBM i servers of varying sizes and across multiple industries, including financial, retail, and manufacturing. This ninth annual study summarizes data from security audits performed January to December 2011.
The 2012 study shows many of the same vulnerabilities seen in previous years, including:
- 74.6% of IBM i servers have 20 or more active *ALLOBJ profiles
- 81% of systems unknowingly make *CHANGE the default create authority for library objects
- 66% of systems don’t monitor network access to their critical data
- 11% of user profiles have a password that matches the user’s name; 54% of these are enabled
Robin Tatam, PowerTech Director of Security Technologies, commented, “Each year we publish this study, I expect to see the trends improve. In 2012, we continue to see systems that are vulnerable due to too many powerful users, too few controls for *PUBLIC access to libraries, little or no visibility to network traffic, and not enough auditing.”
The 2012 State of IBM i Security study is available as a free download from http://www.powertech.com. PowerTech also is offering a webinar on the State of IBM i Security on Wednesday, May 30.
The PowerTech Group is the leading expert in security solutions for IBM® Power Systems™ servers running IBM i. For more information, visit our website at http://www.powertech.com, or contact Robin Tatam, at (253) 872-7788 or robin(dot)tatam(at)powertech(dot)com.
© The PowerTech Group. All trademarks and registered trademarks are the property of their respective owners.