Essential Layers of IBM i Security: Physical Security
Download as PPTX, PDF0 likes166 views
The document discusses the importance of a comprehensive physical security plan that encompasses protection against theft, misuse, and tampering of computing equipment. It outlines security measures for various device categories such as servers, storage devices, network devices, peripheral devices, and end-point devices, emphasizing the need for strong authentication, employee education, and monitoring. Additionally, it highlights the importance of addressing evolving security threats and ensuring all devices have a digital monitoring stream.
Essential Layers of IBM i Security: Physical Security
- 1. Layers of Security Physical Security Amy O’Connor – Chief Data and Information Officer Bill Hammond – Sr, Product Marketing Manager
- 2. Today’s Agenda • Layers of Security Overview • Physical Security • Servers and Storage Devices • Network Devices • Peripheral Devices • End-point Devices • Q & A 2
- 4. Physical Security More than just controlling access to computer rooms and data centers, a thorough physical security plan requires, among other things, that computing equipment be protected from theft, misuse, and intentional or accidental tampering. 4
- 5. Physical Security 1 Servers and storage devices 2 Network devices 3 Peripheral devices 4 End-point devices 5
- 7. Servers and Storage Devices 7 • Lock into place all servers and storage devices • Lock front-panel covers to prevent intentional or accidental changes • Secure power and other cabling to prevent easy disconnection • Strong authentication and access protocols • Data protection – backups, HA, DR • Physical environment - HVAC
- 9. Network Devices 9 • Lock into place physical firewalls, routers, switches, and other network devices • Ensure power and other cabling can’t be easily disconnected • Watch for unauthorized configuration changes to network equipment • Monitor for covert installation of “sniffing” equipment • Use proper encryption for wireless networks (WPA, WPA2, etc.). • Virtual Private Networks (VPN)
- 11. Peripheral Devices 11 • Keep all printers and fax machines that output sensitive information within secured areas • Don’t forget your VOIP phone system • Ensure employees who do have access to this output are properly trained in how to prevent it from being seen by unauthorized personnel • Regulations such as HIPAA, GDPR, and others require that sensitive information be secured not only within databases but also when it appears on printed output.
- 13. End-point Devices 13 • Employee education on safe use of desktops, laptops, and mobile devices • Education needs to include taking care that these devices aren’t lost or stolen. • IT staff needs the ability to locally or remotely execute a secure-wipe process • Stolen • Lost • Re-purposed • Devices need to be kept up to date • Anti-virus • Anti-malware • Anti-ransomware
- 14. Top Takeaways • Multiple layers overlap and provide additional protection • Ensure that all your physical devices have a digital stream that you can monitor • Physical security is constantly changing – new threats, new solutions • Network devices must be secured as much as servers 14
- 16. Download the White Paper The six layers of IBM i security and how Precisely can help 16 https://www.precisely.com/resource-center/whitepapers/the-essential- layers-of-ibm-i-security
- 17. Layers of Security Webinar Series 17 July 15, 2020 July 29, 2020 August 12, 2020 August 26, 2020 September 9, 2020 September 23, 2020
- 18. Q & A
Editor's Notes
- #3: Amy: You need to use data to secure your data
- #4: The increased frequency of high-profile breaches and the corresponding rise of new and expanded regulatory compliance requirements is putting enormous pressure on IT departments to assure their corporate executives that business-critical systems and data are secure. One particular statistic from a recently conducted Precisely survey of IT professionals is revealing in that 69% of respondents said they were only “somewhat confident” (or worse) in the effectiveness of their company’s IT security program. Given today’s rapidly evolving security threats, even being “somewhat confident” doesn’t cut it. Improving confidence in one’s IT security posture requires a solid understanding of all potential vulnerabilities as well as the most effective best practices and technologies in order to minimize the possibility of a breach. To help, Precisely has created this white paper as a roadmap, grouping together important security best practices and technologies into six primary categories or “layers.” These layers cover physical devices, networks, configuration of the IBM i OS, access to systems, protection of data at the file and field level, and monitoring and auditing of systems. The reason it’s particularly helpful to view these security categories as “layers” is that, to some extent, each category overlaps with the others to provide multiple lines of defense. In other words, should one security layer be somehow compromised, there’s a good chance that another layer will thwart a would-be intruder. The six layers of IBM i security are summarized in the following diagram and are detailed in the remainder of this white paper
- #5: Amy: There are changes in the IT environment that are impacting Physical Security IoT Cloud Drones Mobility
- #6: Amy: How has Covid impacted these elements
- #14: Amy: Minimize data – USB devices
- #16: The increased frequency of high-profile breaches and the corresponding rise of new and expanded regulatory compliance requirements is putting enormous pressure on IT departments to assure their corporate executives that business-critical systems and data are secure. One particular statistic from a recently conducted Precisely survey of IT professionals is revealing in that 69% of respondents said they were only “somewhat confident” (or worse) in the effectiveness of their company’s IT security program. Given today’s rapidly evolving security threats, even being “somewhat confident” doesn’t cut it. Improving confidence in one’s IT security posture requires a solid understanding of all potential vulnerabilities as well as the most effective best practices and technologies in order to minimize the possibility of a breach. To help, Precisely has created this white paper as a roadmap, grouping together important security best practices and technologies into six primary categories or “layers.” These layers cover physical devices, networks, configuration of the IBM i OS, access to systems, protection of data at the file and field level, and monitoring and auditing of systems. The reason it’s particularly helpful to view these security categories as “layers” is that, to some extent, each category overlaps with the others to provide multiple lines of defense. In other words, should one security layer be somehow compromised, there’s a good chance that another layer will thwart a would-be intruder. The six layers of IBM i security are summarized in the following diagram and are detailed in the remainder of this white paper