KENT, Wash. -- The PowerTech Group, Inc. announced today that it has released its fourth annual review of the state of security on IBM's System i platform (also known as AS/400 or iSeries). The study is based on the results of nearly 200 system audits that were conducted by PowerTech over the last 12 months. The complete results and analysis are published in a whitepaper, which can be downloaded from the PowerTech website at www.powertech.com. The 2007 security study demonstrates that although the system is very reliable and has great security features, the overall security of machines in the field is often both poorly managed, and poorly configured by the organizations that use it.
PowerTech's President & CEO Jon Scott stated, "IBM has architected the System i with industry leading security capabilities. 98% of Fortune 1000 companies run some part of their business on this architecture, and some of the most sensitive information a company keeps is stored on the system. It is common to find critical applications such as accounting, payroll, inventory control, order entry, and customer care applications all housed on a single machine. The study points out that a large percentage of systems are not configured correctly by IT departments with respect to security, resulting in a large number of systems being vulnerable to internal security breaches."
System i security expert and PowerTech's Chief Technology Officer John Earl said, "The computing and networking demands of today's enterprises require more open connectivity and targeted sharing of data between departments and key business partners. But many OS/400 shops have yet to embrace the new security technologies that are available in IBM's architecture and through third-party security applications, leaving their critical data exposed."
Forrester estimates that 70% of all database breaches are internal, making it even harder for IT to monitor such activity because the actions are often undetectable. (Enterprise Databases Need Greater Focus To Meet Regulatory Compliance Requirements, Noel Yuhanna, January 24, 2007)
As good as the operating system is at protecting the data assets, any system is only as strong as the policies and practices deployed to keep it safe.
With the extent and cost to companies of data security breaches, and the ease of which the System i platform can be secured, PowerTech continues to be surprised by the study results.
The PowerTech Group Inc.