Layers of Data Security Barry Kirksey – Senior Solution Architect

Global Leader in Business Resilience Leading provider of business resilience solutions for IBM Power Systems. High availability, disaster recovery, migration, data replication and security. For more than 25 years, customers and partners have trusted Vision to protect and modernize their environments, whether on-premises or in the cloud.

Uniquely Positioned Convergence of Solutions Protecting Companies Interlocking layers of high availability and disaster recovery, security, and managed service solutions. Completely envelop and protect a company’s critical systems and data. Convergence of these technologies and services have emerged to protect businesses and keep them compliant. Vision is uniquely positioned to serve customers and the marketplace overall.

Cross-Platform Security with a Common Graphical Interface ES Enterprise Security CPA Cross-Platform Audit CPC Cross-Platform Compliance PSS Password Self Service AIX Security Host Based Security, Audit & Compliance for IBM i Log Management & Database Activity Monitoring GRC (Governance, Risk Management, and Compliance) Cross Platform Password Management Security and Auditing for IBM AIX For use with: Base ES Product Exit Point Security System Monitoring Alerting Reporting Admin Tools Firewall Manager Field Encryption Policy Compliance Data Provider Password Self Service Accelerator Package For use with: Windows Unix (AIX & Solaris) Linux IBM i (OS400 & DB2) z/OS MS SQL Server Oracle DB2 Sybase MySQL Progress Syslog Flat File Format For use with: Windows AIX IBM i (OS400 & DB2) MS SQL Server Oracle Linux For use with: IBM i (OS400 & DB2) Windows Active Directory Linux AIX Open LDAP For use with: Base AIX Product Access Control File Protection System Audit Event Auditing Security Risk Assessment Tool

/ ES IBM i Offering Network Access Control System Monitoring Regulatory Compliance Administrator Tools Ports/IP Address Firewall Manager Exit Points Application Analyzer Application Audit Application Access Control Auditing Systems Audit SQL Statement Audit QHST Log Audit MSGQ Audit File Audit Central Audit Checking Inactive Users Compliance Reporting Report Generator Alert Center Checking & Control Compliance Field Security Encryption Export Logs System i Data Providers System Control User Profiles Session Timeout Inquiries Enforcive Control Management Control Panel Administrative Roles

CPS – Cross Platform Audit Log Analysis Event Management Reporting Administration Cross Platform Central Data Repository Cross Platform SOC Analyzer Global User/User Groups Custom Applications Real-time Monitoring System Audit Logs Security Audit Logs Data Audit Logs Application Audit SQL Statement Audit Alerting Cross Platform Server Systemi/iSeries Systemz/Mainframe MS Windows MS SQL Server Systemp/AIX Linux Oracle MySQL ProgressDB Before & After Images Central Data Repository Cross Platform Cross Platform Audit Reports SOC Analyzer Reports Report Writer Report Generator Data Collection Remote Collection Service CPA Data Providers External System Formats Enforcive Control Systems/System Groups Control Panel Administrative Roles

CPS – Cross Platform Compliance Alerting Reporting Administration Cross Platform Compliance Administration Compliance Compliance Reports Settings Reports Change Control Change Requests Enforcive Control Systems/System Groups Control Panel Administrative Roles Real-time Monitoring Compliance Alerts

CPS Password Self Service Systems / Source Systems Policies Roles / Users Administration Systems Manage PSS systems Source Systems Manage Source systems Import Users Delete Non-existent Users User Scheduler Default Policy Global Settings Manage Self Service Policy Roles Manage Roles Users Manage Users PSS Log View PSS Log Web Portals Manage Web Portals Enforcive Control Systems/System Groups Control Panel Administrative Roles

Cross-Platform Compliance AIX Security Offering Base AIX Product Cross-Platform Audit Cross-Platform Compliance Password Self Service Access Control Application Security File Protection File Security System Audit Audit Policy Control Inquiry Log Analysis Cross Platform Event Monitoring Real-Time Monitoring Alerting Before & After Images Reporting Report Writer Administration Data Collection Enforcive Control Compliance Compliance Administration Alerting Real-Time Monitoring Reporting Compliance Reports Administration Change Control Enforcive Control Systems Maintain Systems Manage Source System Default Policy Global Settings Manage Self Service Policy Roles/Users Manage Roles Manage Users Administration PSS Log Web Portals Enforcive Control

Definitions Data Security means protecting data, such as those in a database, from destructive forces and from the unwanted actions of unauthorized users. Layers of means to provide one layer on top of another layer, multiple levels which reinforces the structure or solution.

Data Security You don’t want to be like this…

Data Breach What exactly is a data breach? The simplest definition of a data breach is an incident where data is made available to an unsecured environment, whether by intentional or unintentional actions. It can include anything from personal files to details of health records and a variety of financial information. What people do not take into account is the fallout from a breach. This involves detection, further damage control in the short term, and damage control long term. Long term is where most issues lie: loss of current customers, loss of potential customers, and the loss of the business that those customers bring along with them. How can a data breach occur? Data breaches can happen in many ways but there are three main causes: System Glitch, Human Error, or Criminal Attack. One small error is enough for someone with malicious intent to find an opening and cause damage within a company. In a report from The Hartford®, some examples of how a data breach can occur are: “stolen or lost paper and electronic files; stolen or lost laptop, smartphone, tablet or computer disks; stolen credit card information; employee error or oversight; theft or release due to unauthorized access (such as by former employees or vendors); hacking.” Of the three breach types a criminal attack is almost always the most costly to a company.

Data Security What type of business needs data security? Any business that stores records and information for customers, employees, or even patients should have a data security system in place. However, some types of businesses are at an even higher risk for a breach. The retail industry, for example, handles very sensitive financial information for their customers and at a high volume. If not properly protected, an individual can manage to gain access to these records use them for personal gain. How can data security software protect your business from a breach? With proper data security software in place, a business can worry less about where the next attack will come from and more about how to best serve their current and future customers. With a secure system, a company will be more reliable by significantly reducing the chances of being a victim of a breach and in the case of an attack it will greatly reduce the overall costs associated with it.

Layers of Data Security

Layers of Data Security Firewall Allows you to monitor and secure all inbound and outbound TCP/IP connections to your IBM i environment. Layers of Data Security

Layers of Data Security Firewall Allows you to monitor and secure all inbound and outbound TCP/IP connections to your IBM i environment. Network Security Provides auditing and protection from unauthorized activity coming to or from the TCP/IP network. Layers of Data Security

Layers of Data Security Firewall Allows you to monitor and secure all inbound and outbound TCP/IP connections to your IBM i environment. Network Security Provides auditing and protection from unauthorized activity coming to or from the TCP/IP network. File Protection Powerful feature that allows you to control record level access internally and externally to file objects in a way that complements the control afforded by the operating system’s built in object authority. Layers of Data Security

Layers of Data Security Firewall Allows you to monitor and secure all inbound and outbound TCP/IP connections to your IBM i environment. Network Security Provides auditing and protection from unauthorized activity coming to or from the TCP/IP network. File Protection Powerful feature that allows you to control record level access internally and externally to file objects in a way that complements the control afforded by the operating system’s built in object authority. Field Encryption A comprehensive platform for field level encryption as well as for security, masking, and scrambling. Includes save file encryption. Layers of Data Security

Layers of Data Security Firewall Allows you to monitor and secure all inbound and outbound TCP/IP connections to your IBM i environment. Network Security Provides auditing and protection from unauthorized activity coming to or from the TCP/IP network. Command Control A layer of access control to system commands that is applied in addition to the object authority controlled by the operating system. File Protection Powerful feature that allows you to control record level access internally and externally to file objects in a way that complements the control afforded by the operating system’s built in object authority. Field Encryption A comprehensive platform for field level encryption as well as for security, masking, and scrambling. Includes save file encryption. Layers of Data Security

Compliance Management Layers of Data Security Firewall Allows you to monitor and secure all inbound and outbound TCP/IP connections to your IBM i environment. Compliance Management Provides a way to monitor object level security and enable updates from GUI interface. Network Security Provides auditing and protection from unauthorized activity coming to or from the TCP/IP network. Command Control A layer of access control to system commands that is applied in addition to the object authority controlled by the operating system. File Protection Powerful feature that allows you to control record level access internally and externally to file objects in a way that complements the control afforded by the operating system’s built in object authority. Field Encryption A comprehensive platform for field level encryption as well as for security, masking, and scrambling. Includes save file encryption. Layers of Data Security

To Summarize…

Questions?

Learn More & Stay Connected Website: visionsolutions.com YouTube: youtube.com/user/VisionSolutionsInc Twitter: twitter.com/VSI_Power @VSI_Power LinkedIn: linkedin.com/company/vision-solutions Blog: http://blog.visionsolutions.com Facebook: facebook.com/VisionSolutionsInc

It is now time for your questions It is now time for your questions. However, before I do that two quick slides on how to reach us.

visionsolutions.com

Thank You! Tak Grazie Bedankt Danke Kiitos Merci Takk Dziekuje Tack Hvala Multumesc Gracias 謝謝您 Terima Kasih Благодаря 감사합니다 Thank You Köszönet