Start Time: Reg. 5:30 pm
IFS Security – Don't Leave Your Server Vulnerable
Experts agree that one of the most overlooked areas of IBM i security is the Integrated File System. Available since V3R1, the IFS provides access for users carrying nothing more than a user profile and password, so it better be secure! If you believe nothing important is stored on your server's IFS, think again, because it's a conduit to many things, including the Operating System and all of your application libraries and files.
Attend this important session to learn about securing the IFS, including:
· Why do we care about the IFS?
· Permissions versus Authority
· Root folder access
· Auditing IFS activities
· Read/Write versus *ALLOBJ
· Anti-Virus Considerations
Developing Secure Applications
Although your IBM i server is one of the most securable platforms available, the protection of critical data is often undermined by weak security design at the application level.
This session will cover the main considerations that a programmer should be aware of as they design their applications:
· Object ownership
· Adopted authority
· Public and private authorities
· Command line permission
· Client-server considerations
Our discussion will include why auditors are often deemed to be a programmer’s nemesis, and what it is that they really need from us.