IBM i & i5/OS Security & Compliance: A Practical Guide [Paperback]

Carol Woodbury (Author)

Book Description

Publication Date: April 17, 2009

Get a fresh look at the world of IBM i and i5/OS security in this comprehensive book by one of the industry s leading authorities on security. Security consultant Carol Woodbury takes her extensive experience designing and implementing security on IBM systems and makes it relevant for today s world. Throughout the book, she discusses issues that organizations need to address for compliance requirements, providing best practices as well as alternatives and options for compensating controls when best practices cannot be applied. Building on the foundation laid by the popular Experts Guide to OS/400 & i5/OS Security, this edition features completely updated information throughout. New chapters address compliance requirements for IBM i, implementing role-based access (RBAC), implementing object-level security, and creating a security incident response plan. Carol Woodbury s methodology for implementing object-level security is described in detail. Topics include determining a system s current settings, default access requirements, process access, and the rollout of new application security models. The book presents this information in a clear and informative way that lets even non-security professionals understand and apply the concepts. This book is a must-read for any auditor, system administrator, security officer, or compliance officer who works with IBM i or i5/OS. Contents Chapter 1: Security The Real Reason You re Reading This Book Chapter 2: Policies and Procedures Chapter 3: Security at the System Level Chapter 4: The Facts About User Profiles Chapter 5: Service Tools Security Chapter 6: Object-Level Security Chapter 7: Security Considerations for the IFS Chapter 8: Securing Your Printed Output Chapter 9: Encryption Chapter 10: Connecting to the System Chapter 11: Internet Security Chapter 12: Evaluating Applications Current Implementations and Designing New Ones Chapter 13: Role-based Access (RBAC) Chapter 14: Role-based Access for IT Chapter 15: Auditing Chapter 16: Implementing Object-Level Security Chapter 17: Maintaining Compliance Chapter 18: Preparing for the Worst: Creating a Security Incident Response Plan Chapter 19: Creating a Security Awareness Program

Editorial Reviews

About the Author

Carol Woodbury is president of SkyView Partners, Inc., a firm she co-founded in 2002 that specializes in security policy compliance software and remediation services. Carol has worked in the field of security since 1990. She worked for IBM in Rochester, Minnesota, for 16 years, the last 10 of which were spent as team leader of the OS/400 security development team and chief engineering manager for AS/400 security. Carol is an award-winning speaker who speaks around the world on the topic of security. She is also an award-winning writer and serves as a technical expert on security topics for numerous publications.

Product Details

• Paperback: 336 pages
• Publisher: 29th Street Press, a Division of Penton Media (April 17, 2009)
• Language: English
• ISBN-10: 1583041249
• ISBN-13: 978-1583041246
• Product Dimensions: 9 x 7 x 0.7 inches
• Shipping Weight: 1.2 pounds
• Average Customer Review: 5.0 out of 5 stars  See all reviews (2 customer reviews)
• Amazon Best Sellers Rank: #1,620,277 in Books (See Top 100 in Books)

Customer Reviews

Most Helpful Customer Reviews

5.0 out of 5 stars IBM i & i5/OS Security & Compliance is the Leatherman of guides to security for this platform., June 22, 2009

By 

Brian Hole "Security Officer and CISSP" (Bend, Or) - See all my reviews
(REAL NAME)   

This review is from: IBM i & i5/OS Security & Compliance: A Practical Guide (Paperback)

This book successfully combines and clearly presents the informational needs of CIOs, CISOs, new users, auditors, and expert administrators.

Right from the first page this book highlights the basic security principles of Confidentiality, Integrity, and Availability and carries that message through to the end. Carol Woodbury uses great real world examples to relate security situations to simply understood everyday situations.

Amazingly, it doesn't just contain general information but has the deep knowledge and tips from overall system security to users and groups to object security and more. Systems administrators will find the highlighted "Technical Notes" stand out on the page - which makes for easy use and quick reference.

You can use the "Security Recommendation" notes for quick reference and as I proceeded through the book I realized they could be condensed as the security guidelines for IBM i in our company.

Compliance is a huge effort for our team today and it was great to find a book that understands the complexity involved in getting there. The guidelines set out here help us to convey the right ideas to our executives on how to move forward with that effort.

In summary, IBM i & i5/OS Security & Compliance was well written, easy to read, and simple to understand. All the members of your security team need this book and will probably wear it out.

0 of 4 people found the following review helpful:

5.0 out of 5 stars Go Carol!, April 23, 2009

By 

Anne Lucas "Anne Lucas" (Birmingham, Alabama) - See all my reviews
(REAL NAME)   

This review is from: IBM i & i5/OS Security & Compliance: A Practical Guide (Paperback)

Carol is tops as an expert in security! She is the personification of integrity! And, she is an awesome lady! God bless you, Carol, as people use this book to protect their businesses. Anne Lucas