Secure IBM i Systems to Meet Today's Risks

Despite increased network presence, modern interfaces, and integrations, many organizations are still applying an old security model from the green-screen days.

Your Challenge

  • IBM i is no longer isolated from threats. The increase in web-based applications and network presence as part of modernization efforts has also increased security risks.
  • Modernization has also made security requirements more complex than even just five years ago. For example, the need to lockdown access has to be balanced with appropriate web access to support a modernized legacy application.
  • Security best practices are often neglected due to the perception that IBM i is secure “out-of-the-box.” IBM i is capable of being a highly secure platform, but only if you leverage the available security features.

Our Advice

Critical Insight

  • “Security by obscurity” doesn’t work anymore. The increase in attack surfaces as companies modernize and web-enable legacy applications means security has to be just as much a concern for this platform as for any other.
  • The platform’s environment and security risks are too complex to manage effectively without the assistance of third-party tools, especially for mid-to-large enterprises. For example, third-party tools are necessary to review system logs, enforce change control, and manage user access rights.
  • The security practices of the green-screen days aren’t good enough anymore. Organizations must adapt their security practices for IBM i to meet today’s increased security risks.

Impact and Result

  • Address modern security risks from external Internet-based attacks to application vulnerabilities such as SQL injection and cross-site scripting.
  • Implement appropriate guidelines for assigning special authority access rights.
  • Establish best practices for security monitoring.


  • Rick Odegard, IT Operations Manager, Appleton
  • Steve Barb, Senior Programmer/Analyst, City of Winchester, Va.
  • Trevor Perry, Chief Strategist, Angus Thinks!

Get the Complete Storyboard

See how all the steps you need to take come together, with tools and advice to help with each task on your list.

Download Now

Get to Action

  1. Secure your IBM i system to meet today's risks

    Protect your IBM i from external and internal threats.

  2. Restrict network access

    Ensure IBM i requirements are incorporated into perimeter security.

  3. Secure your applications

    Incorporate security requirements in application development processes.

  4. Protect your data

    Exclude public access to your data and encrypt sensitive data.

  5. Manage user access rights

    Control user access rights for internal staff, vendors, and consultants.

  6. Implement security monitoring

    Enable security auditing and conduct regular security reviews.

Guided implementation icon Guided Implementation

This guided implementation is a six call advisory process.

  • Call #1: Understand the current state of IBM i

    Understand new security risks, and review and evaluate security settings.

  • Call #2: Secure network access

    Secure network access using exit programs, IP packet filtering, and perimeter security.

  • Call #3: Incorporate application security

    Separate production from development environments, incorporate security considerations into change management processes, and test your code for vulnerabilities.

  • Call #4: Protect data

    Exclude public access to data and secure your integrated file system. Encrypt and physically secure sensitive data and backups.

  • Call #5: Manage users

    Manage user access rights, limit special authority, and implement physical security.

  • Call #6: Implement security monitoring

    Enable security auditing, establish guidelines for reviewing audits logs and security standards, and determine required security software.

Hide Details

Search Code: 58524
Published: May 2, 2013
Last Revised: May 2, 2013

GET HELP Contact Us
VL Methodology