It's Time to Take Security Seriously on IBM i

Posted by Bill Onion

June 7, 2017 | 10:30 AM

Share this blog on:     

IBM i Security.pngOne of the most significant benefits of IBM i is that it is traditionally viewed as a safe platform; you can’t hack it, you can’t break it, and there has never been a recorded virus. But as cyber-attacks become more and more commonplace, IT security needs to become a higher priority for everyone, including those running the seemingly impervious IBM i.

We have found that many IT shops are pretty lax on IT security because of IBM i’s stellar performance reputation. It’s so good at what it does out-of-the-box that everyone assumes the IBM i is safe. Information Security, however, is more than just checking off application option boxes labeled “secure.” IBM i added features like the IFS to share platform applications with Linux and Windows systems. Unfortunately, those same features can expose IBM i to risks, such as the danger posed by the recent WannaCry ransomware attack.    

This article from IT Jungle does a great job of breaking down how WannaCry ties back to IBM i and what we can be doing to prepare and protect our IBM i environments.

Ransomware, Windows, and IBM i

As the IT Jungle article states, while IBM i itself is not directly susceptible to Windows viruses, the Integrated File System (IFS) can store and distribute Windows malware connected to PCs. So, if an IBM i user has their PC’s hard drive mapped into the IFS, then any malware that ends up on that PC could find its way into the IFS and do some damage.

Malware has the potential to encrypt files in the IFS, and while IBM i’s native file system doesn’t support encrypted files, ransomware often deletes the original file after encryption. So even if the encrypted file isn’t supported, the original file could very well be deleted entirely, causing a bigger problem.     

WannaCry’s Impact on IBM i

There have not been any reports of WannaCry affecting IBM i shops or Power Systems environments, but ransomware attacks have been documented on IBM i in the past (and some companies may not report they’ve been attacked). Threats like WannaCry can be the wakeup call some organizations need to step up their security posture. While IBM i wasn’t affected this time, the next ransomware attack might be more successful.

IBM i is still safe, so there’s no immediate worry there. But it’s important to be aware of what’s going on around us and to take internet security seriously even when running IBM i. Learn more about prepping for ransomware and how to increase your IBM i security in the rest of the IT Jungle article.

Could your IBM i environment benefit from an IBM i focused Security Review? Contact our team

New Call-to-action

Topics: IBM i, security

About Bill Onion

Bill Onion is Managing Director of Briteskies, where he has a distinguished track record helping B2B and B2C companies integrate e-commerce solutions. His expertise in the eCommerce world includes Magento and WebSphere Commerce software systems and his enterprise software experience is focused on the Oracle/JD Edwards platform. Bill has many years of consulting experience in various industries, including distribution, warehousing, retail and manufacturing. Bill is an avid runner, is very involved with Scouts, and cannot help but to root for the Browns every fall.

Find me on:

Search

Subscribe to Email Updates

magento-platform-checklist
New Call-to-Action

Contact Us

B2B-2.0