UIIPA – Our 33rd Year!

UIIPA – Our 33rd Year!

Utah IBM i Professionals Association

Posts filed under Security

Cryptography / Encryption for the IBM i

Date: Wednesday, November 18th, 2015encryption

Time: 11:00am – 12:30pm (Free parking, Raffle, & Lunch provided by New Generation Software)

Location: Murray City Offices (City Council Chambers)

5025 South State Street, Murray, Utah

Speaker: Rich Diedrich, Senior Technical Staff member (IBM i Applications & Lab Services)

Topic: Cryptography / Encryption for the IBM i

RichDiedrich

Rich Diedrich is a Senior Technical Staff Member in the IBM Lab Services Power Systems Delivery Practice for IBM i. His specialties include application modernization, cryptography, application communication, and unusual requests. He has been working at IBM Rochester for more than a third of a century and in Lab Services for the last couple of decades.

His presentation covers everything from the history of, to an example PCI implementation.  You will learn about these key points:

 

  • Symmetric key, Asymmetric key and secure hash algorithms
  • Cryptographic protocols
  • Business Considerations for data transmissions, data at rest, system/application considerations, and Key management
  • Specific IBM i Support for Cryptography
  • IBM i capabilities
  • IBM i key management
  • IBM i API’s
  • Cryptography: Example PCI Implementation

Rich’s material will appeal to both Operational & Development groups, mark your calendar and don’t miss this session.

 

In attendance this month we also have Diana Stater who is a Business Intelligence and Financial Management Software Specialist with New Generation Software, Inc.  New Generation Software, Inc. (NGS) is a leading provider of business intelligence, query/reporting, and analytics solutions designed for IBM i users.

We’d like to thank Rich, Diana, and Maxava (Business Continuity, Disaster Recovery, & High Availability Software for the IBM i) for their generous contributions and support of the UIIPA membership.

P.S.  The Annual Christmas Luncheon will be held on Wednesday December 16th 2015 at the Sinclair Oil Headquarters near downtown Salt Lake City.  More details to follow.

 

Downloadables:

2015-11-18 UIIPA IBM Lab Services, Diedrich, Rich – Cryptography – Charts and notes

June Election Luncheon Highlights

Our June meeting was our annual officer election luncheon. This year it was held at Tucanos Brazilian Grill at the Gateway Mall in Salt Lake City. We had some great food and an enjoyable time catching up with our fellow UIIPA members. The newly elected officers are:

Matt Kingdon – Ciber
Joe Wood – JAWS Management, Consulting & Investments, LLC
Michael Leary – People’s Utah Bancorp
Mike Nageli – BMA Banking Systems 

Our guest speaker was Tim Hastings, Chief Information Security Officer (CISO) for the State of Utah. Tim shared with us his knowledge and wisdom with regards to the information security world. If you were not able to attend you can access the slides from his presentation here: Presentation File

Thank you to all who attended!

Election Luncheon

Tim Hastings

 

Annual Officer Election Luncheon June 17th

New Picture (5)

Help us celebrate our 30th year as a user group at our Annual Officer Election Luncheon for the Utah IBM i Professionals Association.

Date: Wednesday, June 17, 2015

Time: 11:30 a.m. check-in and mingle, 12:00 noon lunch

Location: Tucanos Brazilian Grill at the Gateway Mall, second level. The Gateway is located in the heart of Salt Lake City, Utah, along 400 West, between 200 South and South Temple.

Parking: Easy access parking is conveniently located in the Summer and Winter Parking Garages, accessible from 200 South and 100 South. The Summer Parking Garage is located closest to the restaurant. The first hour of parking is free with a parking validation, two hours or less is $1.00, three hours or less is $3.00. Street parking in the area, in some locations, is 2 hours.

Special Guest Speaker

Tim HastingsWe are very pleased to have Tim Hastings, Chief Information Security Officer (CISO) for the State of Utah as our special guest speaker this year. As the news reminds us almost daily, our complex electronic world is under assault relentlessly by cyber-attacks of every kind. Tim brings us real-world experience in dealing with these issues as the State of Utah’s CISO since April of 2013.  As a Senior Manager in Deloitte’s AERS Advisory practice, Tim spent nearly 14 years assessing and developing information technology, security and privacy processes and controls. Tim specialized in security risk and compliance, working with clients to build robust security management programs aimed at achieving compliance, reducing risk, and providing maximum enterprise value.

Tim is currently living in Park City with his wife and 4 boys who moved here after living most of their lives in Houston and Austin, Texas.

Officer Elections

We invite everyone to come and vote to select our next year’s leadership. The offices to be filled are: President, Vice-President, Secretary and Treasurer. All current members can run for an officer position. If you would like to run yourself or have any members you would like to nominate (with their approval) please contact Joe Wood at: uiipa.org@gmail.com

We are in particular need of someone who can takeover the maintenance and updating of this website. If you have WordPress skills – you are needed! Please step forward and help us out!

We ask each member to consider this opportunity to become involved in leading this group here in Utah. It is indeed an honor and opportunity to get to know other talented individuals in this group and the IBM supporting team and other IBM business partners who help in pulling together our monthly meetings.

Free Lunch for Paid Members!

A paid corporate membership entitles two people to come to the luncheon free of charge. A paid individual membership entitles one person to lunch. Any additional guests will be charged $20.00 per person at the door. Checks should be made out to UIIPA. We will need to give Tucanos a count of how many people we are expecting to attend. So please RSVP to Joe Wood by noon on June 15th at: uiipa.org@gmail.com 

2015map-big

April Meeting: DB2 Database Security and Privacy

UPDATE: Thank you Dean for a great presentation. For those who would like a copy of his presentation you can click on this link: DB2 Database Security and Privacy

Our April meeting will be held on Wednesday, April 9th at 11:00 a.m. at the Murray City Offices (City Council Chambers), 5025 South State Street. Everyone is welcome to attend and enjoy a FREE PIZZA LUNCH at the end of the presentation!

 

Topic: DB2 Database Security and Privacy

Speaker: Dean Compher

 

Identity TheftIf you aren’t scared about the security of your database, you should be!

  • Is your database protected?
  • Do you know who is accessing your data?
  • Who is changing your data?
  • Who is stealing your data?
  • DB2 is not your grandma’s database anymore. Don’t protect it like it is.

For database security answers, “DB2 Dean” Compher is the go-to guy. Come hear Dean teach us the ins and outs of database security at our April meeting.

dataprotectionThe security and privacy of the data in your relational databases is becoming harder to protect all of the time. As you can see from the news reports about the Target credit card breach and the State of Utah Medicaid records breach, perimeter security is not adequate. Multiple layers of security are needed to have a good defense including the ability to obfuscate test databases that you copy from production and being able to monitor who is doing what in your production DB2 databases and send immediate alerts when policies are violated.

This includes obvious threats such as access from unknown IP addresses and observing unusual patterns of access. In this discussion we will review the tools IBM provides to centrally privatize test data and monitor production access for your DB2 on iSeries databases and other databases in your organization as well.

Dean Compher

Dean Compher is an IBM Technical Sales Specialist (a.k.a. Sales Engineer) in Utah who supports IBM’s Big Data and Information management products including databases, data governance, information life cycle management, and data security tools. Dean has many years of IT experience including application development and database administration. While he works more in the realm of Linux, UNIX and windows tools, many of these tools span platforms including the security tools and DB2 Connect. Plus he has many contacts in the iSeries world and can usually find iSeries help when needed. You can access Dean’s web site for futher information here: www.db2Dean.com

January Meeting: Developing Secure Applications

UPDATE: Thank you Robin for a great presentation. For those who would like a copy of his presentation you can click on this link: PowerTech – User Group Presentation – Developing Secure Applications on IBM i

Our January meeting will be held on Wednesday, January 8th at 11:00 a.m. at the Murray City Offices (City Council Chambers), 5025 South State Street. This will be a two-hour session with a free pizza lunch break in the middle.

Our meeting topic will be Developing Secure Applications. Although your IBM i server is one of the most securable platforms available, the protection of critical data is often undermined by weak security design at the application level. 

This session will cover the main considerations that a programmer should be aware of as they design their applications:

  • Object ownership
  • Public and private authorities
  • Adopted authority
  • Command line permission
  • Client-server considerations

Our discussion will include why auditors are often deemed to be a programmer’s nemesis, and what it is that they really need from us.

New PictureOur speaker will be Robin Tatam, Director of Security Technologies for PowerTech and a COMMON subject matter expert (SME) for security.  As an award-winning speaker on security topics, Robin has been interviewed and quoted by industry magazines and has published numerous trade articles.  He is also co-author of IBM’s Redbook publication on IBM i Data Encryption. Robin can be reached by email at robin.tatam@powertech.com.

Single Sign On on i

P At sign

What exactly is Single Sign On when it comes to the IBM i?

Do any of you have this implemented in your applications? If so, please explain a little about how this is done.

Please share with us your wisdom and thoughts.