Loading…
COMMON Fall Conference & Expo | October 15-17 | Pittsburgh, PA | www.common.org/fall

Log in to bookmark your favorites and sync them to your phone or calendar.

Security [clear filter]
Monday, October 15
 

4:00pm

17AC Anonymization of Sensitive Data- How Does GDPR Affect You?
Does your organization store or access personal data, such as credit card details, health records, biometric or even location data? If so, you may be concerned by the new data protection regulations, increasingly strict and with potential of heavy financial penalties. The digital economy has transformed the way data is circulated, on a global scale. Certain activities such as software testing are at particular risk of a data leak, as effective testing requires the use of real production data, often far less protected in test environments.


Our session will summarize these risks, and demonstrate how to anonymize data automatically, on any platform (IBM i, Windows, UNIX, Linux, z/OS), to protect your data privacy and ensure compliance:
• Anonymize personal data automatically
• Eliminate the risk of data leak
• Preserve the integrity, and usability, of data


This is Session ID:180265

Speakers
avatar for Floyd Del Muro

Floyd Del Muro

Director, Business Development, SenecaGlobal
With 31 years of experience on the IBM midrange platform, Floyd is Director, Business Development for the SenecaGlobal group. In his role at SenecaGlobal, Floyd has been extensively involved in the management of DevOps , Enterprise Modernization and refactoring projects on IBM i... Read More →


Monday October 15, 2018 4:00pm - 5:00pm
Grand Ballroom 1
  • Content Level All
  • Operating Systems IBMi

5:15pm

18AG Anatomy of a Security Failure
After the dust settles after a security breach, the next logical questions are: “What happened and how can we prevent it from happening again?” We will deconstruct a number of security failures that will provide lessons that you can take home and put to use immediately.


Learning Objectives:
1. Learn from the mistakes of high profile security failures
2. Understand what you can do right now to prevent security failures in your environment


This is Session ID:170728

Speakers
avatar for Steve Pitcher

Steve Pitcher

IBM i Administration, iTech Solutions
Multi-industry IT professional with experience as a developer, systems administrator and IT Director.Skilled in security and collaborative solutions with a focus on IBM i (AS/400 or iSeries). 


Monday October 15, 2018 5:15pm - 6:15pm
Marquis Ballroom B
  • Content Level All
  • Operating Systems IBMi
 
Tuesday, October 16
 

9:15am

22AH IBM i Security: The Good, the Bad, and the Downright Ugly
Don’t miss out on more than a decade’s worth of market research on the security configurations of IBM i servers and the successes and failures of organizations that run critical applications on them. HelpSystems has audited thousands of IBM i servers around the world, gaining extensive, real-world insight into the deployment state of IBM i security controls.


Learning Objectives:
Join the author of the wildly popular "State of IBM i Security" study for a recap of eye-opening statistics from the current report. Along with the results, this session provides review and tips in seven configuration categories:
• Network-initiated commands & data access
• Server-level security controls
• Profile and password settings
• Administrative capabilities
• Public accessibility to corporate data
• System event auditing
• Virus scanning Learn what steps your own organization must take to address these continually overlooked and dangerous security exposures—including some that are often missed by professional auditors!


This is Session ID:170209

Speakers
avatar for Robin Tatam

Robin Tatam

Director of Security Technologies, Helpsystems
Robin Tatam is HelpSystems’ Global Director of Security Technologies and a COMMON subject matter expert (SME). As an award-winning speaker on security topics, Robin has been interviewed and quoted by industry magazines and has published numerous trade articles. Robin’s extensive... Read More →


Tuesday October 16, 2018 9:15am - 10:15am
Marquis Ballroom C

10:30am

23AA POWER Panel: Security
Hands up everyone who has heard – or even shared - the assertion that IBM i is one of the most secure systems available. Wow, that’s virtually all of you! Unfortunately, that claim comes with a HUGE disclaimer regarding knowledge and effort that most of us prefer to ignore. Of course, security, and it’s regulatory companion, compliance, are both highly-desirable states but what does it really mean to achieve it? Does it involve the OS, your application providers, or just your perimeter firewall? IBM has been steadily adding security-related features with each new OS release but most of us still rely heavily on the simple menu system that we wrote in 1992 to protect our most critical data. It’s time that we “modernize” our approach to IBM i security in the same way we are modernizing our applications so let’s talk about what needs to be tackled when locking things down and how can we avoid breaking the good stuff in the process.

This panel is ready to dispel the myths, disclose the realities, and discuss how to keep your company out of the spotlight.

Got a question to ask during the panel? Submit Now

This is Session ID:180244

Moderators
avatar for Robin Tatam

Robin Tatam

Director of Security Technologies, Helpsystems
Robin Tatam is HelpSystems’ Global Director of Security Technologies and a COMMON subject matter expert (SME). As an award-winning speaker on security topics, Robin has been interviewed and quoted by industry magazines and has published numerous trade articles. Robin’s extensive... Read More →

Speakers
avatar for Thom Haze

Thom Haze

IBM i Operating System Security Development, IBM
Thom is the lead software developer for Digital Certificate Manager (DCM) and provides cryptography related enhancements to IBM i. He has been working on IBM i and earlier named platforms since 1989 on various projects such as Integrated Windows, Linux, and VMware Servers, Integrated... Read More →
avatar for Steve Pitcher

Steve Pitcher

IBM i Administration, iTech Solutions
Multi-industry IT professional with experience as a developer, systems administrator and IT Director.Skilled in security and collaborative solutions with a focus on IBM i (AS/400 or iSeries). 


Tuesday October 16, 2018 10:30am - 11:30am
City Center A
  • Content Level All
  • Operating Systems IBMi

1:30pm

25AB Introduction to Securing Applications with DCM
The ability to secure a connection from a client to servers such as HTTP, Telnet, and FTP have been available for many years, but users may still consider the process confusing due to unfamiliar terms and complex configurations. This session will attempt to take a somewhat complicated topic and describe the process of securing applications with system TLS (Transport Layer Security) using DCM (Digital Certificate Manager) in a manner that will reduce complexity and clarify confusion so you can configure your system to take advantage of secure sessions. Topics being discussed include certificate stores, certificate authorities, application definitions, encryption and hashing algorithms, cipher specifications, and getting these items working together to establish a secure network session.

Learning Objectives:
Learn how to generate and sign a certificate, assign it to an application, and configure the client application so a secure session can be established.

This is Session ID:180264

Speakers
avatar for Thom Haze

Thom Haze

IBM i Operating System Security Development, IBM
Thom is the lead software developer for Digital Certificate Manager (DCM) and provides cryptography related enhancements to IBM i. He has been working on IBM i and earlier named platforms since 1989 on various projects such as Integrated Windows, Linux, and VMware Servers, Integrated... Read More →


Tuesday October 16, 2018 1:30pm - 2:30pm
City Center B

2:45pm

26AB IFS Security: Don't Leave Your Server Vulnerable
Experts agree that one of the most overlooked areas of IBM i security is the integrated file system (IFS). Despite containing many sensitive things, including the operating system and all of your application libraries and files, IFS security remains a mystery to most administrators.


Learning Objectives:
Attend this important session to learn about securing the IFS, including what users may be doing with little more than a user profile and password:
• Why do we care about the IFS?
• Permissions versus authority
• Root folder access
• Auditing IFS activities
• Read/write versus *ALLOBJ
• Anti-virus considerations


This is Session ID:170213

Speakers
avatar for Robin Tatam

Robin Tatam

Director of Security Technologies, Helpsystems
Robin Tatam is HelpSystems’ Global Director of Security Technologies and a COMMON subject matter expert (SME). As an award-winning speaker on security topics, Robin has been interviewed and quoted by industry magazines and has published numerous trade articles. Robin’s extensive... Read More →


Tuesday October 16, 2018 2:45pm - 3:45pm
City Center B
  • Content Level All
  • Operating Systems IBMi

5:15pm

28AB Authority Collection Utility in 7.3 – Locking down Security for Your Sensitive Data Files and Objects
This presentation will introduce a new capability in the 7.3 release called Authority Collection. Authority collection is new support designed to assist the security administrator and application provider in locking down object level security. This support will help ensure that object authority is set to the most secure value while still allowing an application to run successfully. This presentation is a must see for security administrators and application developers.


Learning Objectives:
1. Learn about new support in 7.3, called authority collection, that helps the system administrator lock down security on sensitive data files and objects.


This is Session ID:170023

Speakers
avatar for Thom Haze

Thom Haze

IBM i Operating System Security Development, IBM
Thom is the lead software developer for Digital Certificate Manager (DCM) and provides cryptography related enhancements to IBM i. He has been working on IBM i and earlier named platforms since 1989 on various projects such as Integrated Windows, Linux, and VMware Servers, Integrated... Read More →


Tuesday October 16, 2018 5:15pm - 6:15pm
City Center B
 
Wednesday, October 17
 

8:00am

31AD POWER PICK: An Introduction to the Criticality of Cybersecurity
Few things strike fear in the hearts of business leaders more than the threat of a security breach. Exponential growth in electronic data, coupled with the explosion of interconnected devices, means data is now under constant attack. A new generation of cybersecurity experts has been tasked with defining new ways to secure it. Led by Power Systems security expert and Certified Information Security Manager (CISM), Robin Tatam, this session will discuss: • A (quick!) history lesson on the birth of cybersecurity • All Data Matters! • What the heck is SOX, PCI, and HIPAA? • Causes, costs, and effects of a data breaches on business • The future of data protection You may even discover whether or not Power Systems servers are secure!


Learning Objectives:
1. Learn history of cybersecurity
2. Understand basic cybersecurity terminology


This is Session ID:170736

Speakers
avatar for Robin Tatam

Robin Tatam

Director of Security Technologies, Helpsystems
Robin Tatam is HelpSystems’ Global Director of Security Technologies and a COMMON subject matter expert (SME). As an award-winning speaker on security topics, Robin has been interviewed and quoted by industry magazines and has published numerous trade articles. Robin’s extensive... Read More →


Wednesday October 17, 2018 8:00am - 9:00am
Grand Ballroom 5

10:30am

33AD POWER PICK: Single Signon
IBM i has the capability to participate in a single sign on environment. What is single sign on? Single sign on is an authentication process where a user can access various applications in the network using one set of login credentials. This presentation will describe the Kerberos protocol and how to map a domain user ID to an IBM i user profile to safely authenticate the user to a 5250 session without passwords being sent across the network.

This is Session ID:180312

Speakers
avatar for Thom Haze

Thom Haze

IBM i Operating System Security Development, IBM
Thom is the lead software developer for Digital Certificate Manager (DCM) and provides cryptography related enhancements to IBM i. He has been working on IBM i and earlier named platforms since 1989 on various projects such as Integrated Windows, Linux, and VMware Servers, Integrated... Read More →


Wednesday October 17, 2018 10:30am - 11:30am
Grand Ballroom 5
  • Content Level All

11:45am

34AC Passing Your Next Security Audit: The Challenges of Properly Securing Your IBM i and Maintaining Compliance
The IBM i is a highly securable system, but it presents unique challenges to security administrators and security auditors. Achieving a secure and compliant IBM i environment is often a complex and difficult process. External threats, the array of security regulations and the increasing demands of auditors continue to grow and evolve every day. Attend this session for insights into how to achieve compliance and pass your next security audit.


Learning Objectives:
• Maintaining control of user profiles and login security
• Protecting access to your IBM i system and sensitive data
• Auditing system and database activity


This is Session ID:180292

Speakers
avatar for Richard Marko

Richard Marko

Director, Technical Services - Security Products, Syncsort
Richard Marko is the Director, Technical Services - Security Products for Syncsort. He is a noted industry expert with more than 30 years of experience working with the IBM i platform. For the past 10 years, he has helped companies architect their security and compliance management... Read More →


Wednesday October 17, 2018 11:45am - 12:45pm
Grand Ballroom 1