Advisory Board

Last week was exciting, as PowerTech hosted an Advisory Board of customers from Minneapolis to the UK. The advisory board is a two-day session that is primarily an open forum about the security challenges that these companies are facing, and a discussion of how PowerTech solutions are helping mitigate many of them. It’s also an opportunity for our team to assign priorities for PowerTech’s future development initiatives that have been identified for the current product set, as well as to assess future directions.

PowerTech representatives spent time with each of the board members and performed product reviews to ensure that all of the members were up-to-date on the latest releases of our solutions. This also provided a great opportunity for networking between the members, and to get some insight into the creative ways that other organizations have deployed our products and services, especially in conjunction with many of the Robot solutions from Help/Systems.
Of course, it was not all work and no play. Although I won’t talk about individual scores—primarily as I didn’t get the highest—we all enjoyed a fun evening of bowling, pool, and dinner at a local entertainment center. The team-colored bowling shirts that had been designed for everyone ensured that the group competition remained intense but friendly.

Look for more of an overview of the Advisory Board in our upcoming edition of the PowerNews eNewsletter due at the beginning of next month.

IBM i 7.1 Released

IBM officially announced v7.1 of the IBM i operating system last week. Due to the numerous security enhancements introduced in V5R4 and v6.1, IBM gave some attention to other areas of the operating system this time around. However, there were some new details that were presented to our advisory board and internal staff by Jeff Uhling, a guest speaker that we had visit us from IBM Rochester, home of the “AS/400.”

Some high level details of enhancements include:

• Two new user profile parameters pertaining to automatic disablement of the profile after a defined period of non-use, or on a specific date. If you choose the inactivity option, you can select from 1-365 days. This functionality has been available via the Analyze Profile Activity (ANZPRFACT) command as part of the IBM Security Toolkit, but these parameters make it more mainstream.

• Encryption enhancements include a field-level exit program. While read-based triggers previously were unable to perform changes to the data being read, this exit point’s program allows the data to be selectively decrypted. This exit program is not specifically tied to encryption/decryption functions, so expect to see other uses dreamed up by the ‘i’ community.

• V7 enhances full disk encryption with the ability to start and stop encryption on existing auxiliary storage pools, instead of requiring a new ASP to be created.

Regulatory News

In regulatory news, Washington became the third state to pass legislation incorporating the Payment Card Industry (PCI) standards to help financial institutions recover costs associated with credit/debit card breaches. Although there are some experts that doubt the effectiveness of such legislation (partly on the grounds that it really only affects those not already compliant with PCI regulations), HB1149 contains provisions for controlling organizations that process more than 6 million transactions per year. Recovery includes the cost of reissuing cards to Washington residents, as well as damages caused by defects in a vendor’s software or equipment related to encryption, if that defect caused the breach.

Have a wonderful week!

- rt

This entry was posted on Tuesday, April 20th, 2010 at 3:02 pm and is filed under Other. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.