AS400/iSeries Security: Are you Marked safe?

Sep 29, 2021 Rima Dutta
Evolution is gradual. It happens uninterrupted in the background, the immediate effect of which might seem negligible but when collated over years, the results are gigantic.

But why are we talking about evolution and how it works in this blog? Let’s have a look.

When AS400 was first introduced, the concept of digitization was at a nascent stage. Over time, IBM changed the hardware as well as the software to keep up with the advancing market dynamics. The addition of ‘i’ to IBM opened up a whole new world of interoperability and connectivity to the otherwise isolated AS400 systems. This move created opportunities and enhanced relevance, but it also introduced new vulnerabilities.

Back in the 80s, the security structure for AS400 was indomitable. Thirty years down the line, the graph went from indomitable to highly secure to stable, to the point where security sits amongst the topmost AS400 concerns. This shift in the adjectives happened when organizations ignored the tiny specks of irrelevancy in the default security features, time and again.

Below, we have the top four areas you should monitor regularly to ensure a rigid but adaptable security structure:

  • 1. Application Security: Application security ensures protection of the applications stored on your system while simultaneously allowing users to access them as per the requirements. Activities that seemed impossible in the closed environment of the AS/400 are now carried out remotely, which increases exposure to breaches and security threats. Application security involves developing security features within the applications to safeguard data from unauthorized access and modification.
  • 2. Resource Security: Resource security allows you to pre-determine who can use objects (an object is a named space on the system that can be manipulated either by the user or the system) and how they can use them. When you set up object authority, you need to give users enough authority that their regular work is not impeded, while also ensuring that they do not have the control to browse and change the system.
  • 3. Menu Security: Menu security controls the menu functions that can be performed by any user. It was originally designed for the S/36 and S/38 as a follow-on product; later, to keep a grip on what users could or could not do, system administrators on those earlier systems used a technique called menu security or menu access control.
  • 4. User Security: User security is the component that covers IBM i security from a user perspective. It determines how users use the system and their degree of freedom, and it helps protect businesses against cyber threats like phishing, etc. It is important to take into consideration how the users may respond to the security framework, as it involves their day-to-day workflow.

Security isn’t just about how well built the features are but also how well implemented they are. Furthermore, the daily, weekly and monthly practices add up to the collective goal of “supreme AS400 security”.

Here’s a ready-to-use checklist to include in your AS400 safety routine:

  • 1. Encryption – Data is critical to any business operating in the digital age, which is why it is most vulnerable to attacks. Encryption renders your data unintelligible to users who do not have proper authorization to access it. The AS400 harbors years of data; encryption ensures its confidentiality and minimizes the risk of malice.
  • 2. Limited Special Authority – Organizations give too many user profiles access to all databases and objects in the IBM i system. This translates to a situation where there is no check over employee activity in the system. They can access unauthorized files or even delete information off the machine. The excess administrative privileges are like a constant hammering to the IBM i security.
  • 3. Object-level security – Applying object-level security, that is, controlling who has access to objects and their level of access, is essential to inculcate confidentiality and integrity in the hierarchy. Often enterprises rely solely on menu-based restrictions. This primitive layer of security has a limited range and can cause serious repercussions in the long run.
  • 4. Eliminate Default Passwords – This is a no-brainer, as testing for the usage of default passwords is often a hacker’s first line of attack. Therefore, eliminate default passwords throughout the system. Often it is by ignoring the simplest of the criteria that enterprises make room for loopholes.
  • 5. Regular Audits – After establishing the framework, security audits help in maintaining continuity and provide credibility to the structure. Regular audits not only strengthen the overall safety but also bring possible risks onto the radar, thereby keeping the concerned authorities one step ahead in the game.
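
One way to check items 2 to 4 of the checklist on a live system, as an added example that is not part of the original post: a query over the IBM i service view QSYS2.USER_INFO that lists profiles with a default password or with *ALLOBJ or *SECADM special authority (their own or inherited from the group profile), and shows whether each can reach a command line and so step outside menu-only restrictions. It assumes a release on which USER_INFO provides the USER_DEFAULT_PASSWORD column and a caller authorized to see all profiles.

```sql
-- Added example (not from the original post): user profile audit on IBM i.
-- Assumption: QSYS2.USER_INFO on this release has USER_DEFAULT_PASSWORD.
-- Supplemental group profiles are not joined here; review them separately.
WITH profiles AS (
    SELECT u.AUTHORIZATION_NAME   AS profile_name,
           u.STATUS               AS profile_status,
           u.USER_CLASS_NAME      AS user_class,
           u.SPECIAL_AUTHORITIES  AS own_spcaut,    -- authorities on the profile
           g.SPECIAL_AUTHORITIES  AS group_spcaut,  -- inherited from group profile
           u.USER_DEFAULT_PASSWORD,
           u.LIMIT_CAPABILITIES,
           u.INITIAL_MENU_NAME,
           u.PREVIOUS_SIGNON
    FROM QSYS2.USER_INFO u
    LEFT JOIN QSYS2.USER_INFO g
           ON g.AUTHORIZATION_NAME = u.GROUP_PROFILE_NAME
)
SELECT profile_name,
       profile_status,
       user_class,
       -- Item 4: password is the same as the profile name
       CASE WHEN USER_DEFAULT_PASSWORD = 'YES' THEN 'Y' ELSE 'N' END AS default_pwd,
       -- Item 2: all-object authority, own or via the group profile
       CASE WHEN COALESCE(own_spcaut, '')   LIKE '%*ALLOBJ%'
              OR COALESCE(group_spcaut, '') LIKE '%*ALLOBJ%'
            THEN 'Y' ELSE 'N' END AS has_allobj,
       -- Item 3: LMTCPB(*NO) lets the user run commands outside the menu
       CASE WHEN LIMIT_CAPABILITIES = '*NO' THEN 'Y' ELSE 'N' END AS command_line,
       INITIAL_MENU_NAME,
       own_spcaut,
       group_spcaut,
       PREVIOUS_SIGNON
FROM profiles
WHERE USER_DEFAULT_PASSWORD = 'YES'
   OR COALESCE(own_spcaut, '')   LIKE '%*ALLOBJ%'
   OR COALESCE(own_spcaut, '')   LIKE '%*SECADM%'
   OR COALESCE(group_spcaut, '') LIKE '%*ALLOBJ%'
   OR COALESCE(group_spcaut, '') LIKE '%*SECADM%'
ORDER BY default_pwd DESC, has_allobj DESC, profile_name;
```

Saving the result set on each run gives the regular audits in item 5 a baseline to compare against.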

AS400 Security: One Step at a Time

We believe and inculcate our mantra “Think Simple, Build Powerful” in our solutions as well. If IBM i security is something that has been bothering you, this is just the right space.

How does it work?

  • Consultation – Talk to our IBM i experts and find answers to all your ‘Whats & Hows’.
  • Assessment – Sit back while we analyze the system, perform gap analysis and take notes of the desired objectives.
  • Planning – Based on the objectives, we chalk out a plan that aligns with the said goals and the timeline.
  • Report – Post analysis, you get a detailed report of the existing security setup and its loopholes, along with the areas for improvement.
  • Solutions – Here, we discuss all possible solutions with the in-house IT team and figure out the one that resonates the best.

Reach out to us at and speak with our experts to devise security strategies that would help you in the long run.
