Presentation is loading. Please wait.

Presentation is loading. Please wait.

ISecurity End-to-End Security. Part 1 Overview About Raz-Lee Internationally renowned System i solutions provider Founded in 1983; 100% focused on System.

Published byBlaze Blake Modified over 9 years ago

Similar presentations

Presentation on theme: "ISecurity End-to-End Security. Part 1 Overview About Raz-Lee Internationally renowned System i solutions provider Founded in 1983; 100% focused on System."— Presentation transcript:

1 iSecurity End-to-End Security

2 Part 1 Overview

3 About Raz-Lee Internationally renowned System i solutions provider Founded in 1983; 100% focused on System i 3 product lines: iSecurity Infrastructure Security iSecurity Application Security Scope system tools: file editor, performance tuning Over 12,000 licenses worldwide Installed in over 30 countries worldwide Worldwide distribution network IBM Advanced Business Partner

4 Raz-Lee’s Global Distribution Network

5 Selected iSecurity Banking Customers

6 Part 2 Why Do We Need Information Security?

7 Mandatory Security Regulations Government and Industry Regulations SOX Financial HIPAA Health care PCI Credit cards ISO 17799 Information Security Basel II Banking Internal security policies Regulation Stipulations All changes to data must be recorded and accessible for auditing, often for periods of many years. All data must be protected against illegal modification and/or erasing. Read access to data is often suggested but not mandated.

8 Sample: iSecurity Solutions for SOX

9 Information Breaches – a Grave Danger Physical Break-In At office, off-hours By outsiders Risky, quickly detected Complex to carry out Generally limited damage Protection requires high investment & equipment Information Breach From anywhere, anytime 80% of breaches - by insiders Small risk, hard to detect Simple for hackers Potential disaster to company, customers, suppliers & partners Protection at lower costs Most Companies invest heavily in protection from physical break-ins, but the most dangerous threat lies in INFORMATION BREACHES.

10 Fraud – Not Worth the Risk Societe Generale Bank was offered iSecurity but said “they don’t need it”!

11 8 False Assumptions about System i Security Our company blocks external access Our System i is not connected to the Internet Our employees are trustworthy Our network firewall is enough Native System i security is good enough System i auditing features are good enough Green Screen terminal users aren’t a threat All security software is the same

12 Part 3 Hacking Scenario

13 Monday, Midnight “OK, I’m bored… Let’s do some quick hacking…” Rob Black Hacker

14 5 Minutes Later “Got it! I’m inside IronTrust Bank systems. I really need a new sports car… Let’s extract a few hundred thousands...

15 Tuesday, Midnight “OK, now let’s try SMART Insurance… this should take about 5 minutes! Rob Black Hacker

16 One Minute Later Glenda Wright, Information Security Manager, SMART Insurance “Our Firewall just blocked a break-in attempt. I’ll have the identity, time and IP address in a minute.”

17 5 Hours Later “Hey, what are all those security layers? And all these protected exit points… I can’t get through… there goes my new car!” Rob Black Hacker

18 Part 4 iSecurity Overview

19 Compliance Evaluator Visualizer Re-assessment Auditing Protection Firewall Authority on Demand Anti-Virus Screen Password Action Audit Capture User Profile System Control Central Admin Databases AP-Journal View Filescope iSecurity Overview Compliance Regulation (PCI, HIPAA, SOX) or Security Breach or Management Decision Assessment 1 2 3 4 5 6 7 8

20 iSecurity Unique Features Truly end-to-end solution for Security and Compliance The only solution supporting both full GUI (Eclipse + Java) and full Green-Screen (preferred by administrators/operators) Robust system, exceptional performance on large systems The only solution handling millions of transactions per day Feature-Rich – Wizard-based, numerous options Easy to learn and use Object Level security Advanced network access and auditing solutions (built-in reports, report generator, report scheduler) Includes both Infrastructure Security and Application Security Field-proven – 20 years of experience, installed in over 30 countries Technological superiority – always up-to-date with IBM

21 iSecurity – Effortless Security Wizards perform numerous tasks Best-fit Algorithm suggests security rule Reports are sent by email Upon a breach, Action will automatically: Send an e-mail/SMS to the admin End the relevant user session/delay it by 5 minutes Disable the user (will not be able to log on again) Start Capture – providing proof of the breach and offender identity

22 iSecurity Product Packages Prevention Package Firewall Screen Password Visualizer for Firewall Central Control for Firewall User Profile Manager Compliance Package Audit Action Visualizer for Audit Central Control for Audit System & MSGQ Control Journal regulation compliance Standalone Modules AP-Journal View Capture Anti Virus

23 “Click & View” Compliance Reporting: over 300 Built-in Reports

24 Using Business Intelligence to Understand & Analyze Security Data

25 Part 5 Product Focus: AP-Journal

26 AP-Journal Overview Application Security & Business Analysis tool Keeps managers constantly informed of changes in business-critical data Relax. AP-Journal Will Check it for You.

27 Features Reports (Comprehensive, based on field value changes) Alerts (e.g. “Price of item increased by over 10%”) Keeps selected updates in intermediate storage for long periods Cross-application activity tracking (from ERP, Finance, Shipment applications, etc.) Instantaneous access to data covering numerous years Used to meet regulatory requirements - SOX, HIPAA, PCI (Ensures only authorized programs update production data) Based on patent-pending technology

28 Part 6 AP-Journal Alert Scenario

29 Monday Morning Mr. Bryan Fields HR Audit Manager Insurance Company “OK… Let’s define salary thresholds. Assistants: Alert at over 10%...”

30 Three days later… Ms. Jane Smith Administrative Assistant Insurance Company “Finally… I got a 20% raise!”

31 One second later… Mr. Bryan Fields HR Audit Manager Insurance Company

32 Part 7 AP-Journal Report Scenario

33 At the Greenspan Residence “Dear… Shouldn’t we be done with our mortgage already? It’s been 35 years…” Mr. & Mrs. Greenspan Retired Senior Citizens

34 At the Bank Mr. Michael Hill Mortgage Consultant Mortgage Timeline: Greenspan family 15 Aug 1973 Mortgage start 1 Oct. 1975Change of interest rate +4% Mortgage frozen 30 Nov 1981 4 Mar 1992$15,000 installment 1 June 1978 Standard payment $800 Change of property 6 Jul 2001 2 nd mortgage added 1 Apr 2003 1 Apr 1996Guarantor replaced Standard payment $1000 8 Jan 2007 “In just a minute, I will produce a report that covers all the information about all 35 years of your mortgage: payments, interest rates, guarantors…”

35 Back at the Greenspan Residence “Goodness! All that information in a single report. This bank sure gives great service. “ Mr. & Mrs. Greenspan Retired Senior Citizens

36 Part 4 Assessment: Getting Started with iSecurity

37 Generates user-friendly security assessment report Valuable information at no cost Installs on a PC within minutes Assessment - Get Started Now with this FREE Product!

38 Assessment Objectives & Deliverables Objectives Set “baseline” for corporate security policies Check compliance with external regulations & baseline corporate security policy Prioritize security efforts Identify security issues before they occur Deliverables User-friendly report covering network access, system auditing, user management, terminal access, password policy, etc. Assessment recommendations based upon security best practices Sample questions answered Who is using FTP (file transfer) to download files? Which application files are being transmitted via the network? Which system value settings are not in accordance with our site’s policies? How many of our users have non-secure passwords? Which user profiles are not being used and should be disabled?

39 Please visit us at www.razlee.com Thank You!

Download ppt "ISecurity End-to-End Security. Part 1 Overview About Raz-Lee Internationally renowned System i solutions provider Founded in 1983; 100% focused on System."

Similar presentations

Firewall End-to-End Network Access Protection for System i.

Firewall End-to-End Network Access Protection for System i.
Travel and Expense Management Scenario Overview

Travel and Expense Management Scenario Overview
INADEQUATE SECURITY POLICIES Each covered entity and business associate must have written polices that cover all the Required and Addressable HIPAA standards.

INADEQUATE SECURITY POLICIES Each covered entity and business associate must have written polices that cover all the Required and Addressable HIPAA standards.
BalaBit Shell Control Box

BalaBit Shell Control Box
Www.cleo.com Steve Jordan Director. Industry Solutions 05/05/14 Managing Chaos: Data Movement in 2014.

Steve Jordan Director. Industry Solutions 05/05/14 Managing Chaos: Data Movement in 2014.
Syslog for SIEM using iSecurity Real-Time Monitoring of IBM i Security Events.

Syslog for SIEM using iSecurity Real-Time Monitoring of IBM i Security Events.
Authority on Demand Control Authority Rights & Emergency Access.

Authority on Demand Control Authority Rights & Emergency Access.
Hacking www.razlee.com Capture Save and Playback User Session Screens.

Hacking Capture Save and Playback User Session Screens.
1 Visualizer for Audit Graphical Business Intelligence Display & Analysis Tool.

1 Visualizer for Audit Graphical Business Intelligence Display & Analysis Tool.
E-Commerce Security Issues. General E-Business Security Issues Any E-Business needs to be concerned about network security. The Internet is a “ public.

E-Commerce Security Issues. General E-Business Security Issues Any E-Business needs to be concerned about network security. The Internet is a “ public.
1 Assessment Comprehensive Analysis of System i Security.

1 Assessment Comprehensive Analysis of System i Security.
ISecurity Complete Product Series For System i. About Raz-Lee Internationally renowned System i solutions provider Founded in 1983; 100% focused on System.

ISecurity Complete Product Series For System i. About Raz-Lee Internationally renowned System i solutions provider Founded in 1983; 100% focused on System.
Online Banking Fraud Prevention Recommendations and Best Practices This document provides you with fraud prevention best practices that every employee.

Online Banking Fraud Prevention Recommendations and Best Practices This document provides you with fraud prevention best practices that every employee.
Travel and Expense Management Scenario Overview

Travel and Expense Management Scenario Overview
SAP Travel OnDemand Travel and Expense Management

SAP Travel OnDemand Travel and Expense Management
Presented by: Luke Speed Computer Security. Why is computer security important! Intruders hack into computers to steal personal information that the user.

Presented by: Luke Speed Computer Security. Why is computer security important! Intruders hack into computers to steal personal information that the user.
Security Controls – What Works

Security Controls – What Works
Enterprise security How to bring security transparency into your organization ISSA EDUCATIONAL SESSION Nicklaus Schleicher, VP Support & Customer Service.

Enterprise security How to bring security transparency into your organization ISSA EDUCATIONAL SESSION Nicklaus Schleicher, VP Support & Customer Service.
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
Security, Continuity & Compliance Gordon McKenzie Business Development Director, Syan Limited.

Security, Continuity & Compliance Gordon McKenzie Business Development Director, Syan Limited.

Similar presentations

Ads by Google