Zero Trust Security for IBM i: How Does It Work?

Precisely Editor | January 2, 2024

IBM Power Systems running the IBM i operating system are noted for their robust security. Yet without proactive user management and attention to security settings (zero trust), even these highly reliable systems are vulnerable to attack. The IBM i platform was designed before the cloud era, and although it has evolved over the years, approaches to its security model must evolve as well.

What Is Zero Trust?

Zero trust is a hot buzz phrase in the IT industry. Coined by Gartner in 2010, the term is a bit of a misnomer. In fact, “zero trust” describes a scenario in which trust must be established before a user or system can gain access to protected resources.

Even as recently as a few decades ago, most IT professionals still conceived of their company’s technology resources as a closed system, protected from the outside world by a strong perimeter. Experts borrowed terms like “DMZ” from military lingo to describe the layers of security surrounding the corporate network.

The concept of zero trust emerged when Gartner and other observers noted that the “perimeter” concept was simply no longer applicable to modern network environments. Organizations have begun to move their computing resources to the cloud. Interconnectivity across multiple offices in organizations is the norm. IT leaders recognize that internal users could potentially pose a security threat as well. The notion of the corporate network as a safe inner sanctum has grown stale.

Zero trust is a set of principles used when designing, implementing, and operating an IT infrastructure. The underlying goal is to reduce the number of scenarios that rely on implicit trust and replace them with mechanisms that provide for an affirmative validation of trust before allowing access.

What we’re talking about is a set of principles – a set of design concepts intended to support robust security.

In 2019, the National Institute of Standards and Technology (NIST) released Special Publication 800-207, which outlined a set of guiding principles for implementing a zero trust concept. The document includes three primary principles:

  • Enhanced identity governance: A world with permeable walls requires a stronger identity governance model, giving access to trusted zones based on affirmative identity. 
  • Micro-segmentation: An organization should segment its IT landscape so that if a bad actor breaches a system, they will not necessarily be able to gain access to the rest of the company’s resources. 
  • Software-defined perimeter: Given the highly interconnected nature of modern systems and the increased use of virtual environments, it no longer makes sense to define a system perimeter in terms of hardware. NIST’s concept of zero trust dictates that this function should be performed in the software layer. 

Implementing a Zero Trust Model

At first, the concept of a zero trust model might seem overwhelming. NIST describes the concept as a “system of systems.” To complicate matters, various organizations have established slightly different conceptual models and alternate nomenclatures to describe their approach to zero trust. Forrester has adopted a data-centric model. Gartner, in contrast, highlights threats, prevention, detection, and response. Microsoft’s concept of zero trust centers around identity.

Despite these very different approaches, the fundamental concepts from the NIST document apply across the board. For any given organization, there is a high likelihood that some elements of zero trust already exist in practice. Presumably, you already have firewalls in place, as well as malware protection and an identity governance program, so you don’t necessarily need to start from scratch to achieve a zero trust environment.

Zero Trust and IBM i

Effective implementation of zero trust principles must necessarily incorporate all of the systems within an organization’s landscape. That includes IBM i systems. Yet the IBM i platform comes with some unique challenges.

Its predecessor, the AS/400, was launched as a single-vendor platform back in the late 1980s, before the Internet, and even before PCs had been widely adopted. Its designers conceived it as a self-contained system, with relatively straightforward access control mechanisms.

Today IBM i systems coexist with network servers, laptops, desktop workstations, mobile devices, and cloud computing environments. The world has changed.

To achieve zero trust in this context, organizations must adopt a multifaceted approach. That means streaming events to SIEM (Security Information and Event Management) or SOAR (Security Orchestration, Automation, and Response) systems like Splunk, ServiceNow, Phantom, or other industry-standard monitoring and management tools. It requires multifactor authentication (MFA) using platforms like Okta, RSA, Azure, or Duo. It calls for an Active Directory implementation to manage users and permissions, alongside a policy compliance tool that provides a single source of truth.

IBM i systems simply cannot function as isolated silos within the larger IT landscape. The first step toward zero trust is to perform a comprehensive security risk assessment. Precisely’s Assure Security Risk Assessment tool is an essential starting point for any organization that wants to understand its IBM i security risks. The tool checks over a dozen categories of security values, compares them to recommended best practices, reports on findings, and makes recommendations.

Precisely offers a comprehensive suite of tools to add layers of security around your IBM i system and its data, including:

  • Assure Multi-Factor Authentication to strengthen login security for configured users using RSA SecurID, RADIUS servers, or a Precisely-provided authenticator.
  • Assure Elevated Authority Manager, which automatically controls and manages the grant of higher levels of user authority on an as-needed and time-limited basis, while comprehensively monitoring the actions of elevated profiles. 
  • Assure System Access Manager enables tight, automated control of all entry points and pathways into IBM i systems, including network protocols, communications ports, database protocols, and command lines. 
  • Assure Monitoring and Reporting seamlessly integrates the full range of advanced IBM i security capabilities into your enterprise SIEM solution for complete, fully coordinated security.
  • Assure Db2 Data Monitor controls and monitors views of highly confidential Db2 data, ensuring the security of your most valuable corporate data while meeting the most stringent regulatory requirements for data confidentiality.
  • Assure Encryption defends data at rest using the only NIST-certified AES encryption for IBM i. It fully supports FIPS 140-2 compliant Alliance Key Manager from Townsend Security as well as many leading OASIS KMIP-compliant key managers. 
  • Assure Secure File Transfer shields data moving across networks from view and automates transfers, encrypting files using globally recognized standard protocols including Secure Shell (SSH SFTP) and Secure FTP (SSL FTPS). 

To start your path toward zero trust security with IBM i, read Precisely’s free ebook, An Introduction to IBM i Security Risk Assessment.