Solution Sheet

Product Sheet: Assure Security Risk Assessment

Precisely’s Security Risk Assessment is essential to proactively understand your IBM i (AS/400) security risks

Given the increasing frequency of cyber attacks, it is essential to regularly conduct security risk assessments as part of a comprehensive IT security program. In fact, many compliance regulations, such as PCI DSS and HIPAA, require annual IT risk assessments. Unfortunately, not all security auditors understand the special security features of IBM i (AS/400), and not all IBM i administrators have the knowledge or the time to conduct regular, thorough security assessments.

Assure Security Risk Assessment, a core component of Assure Security, is an essential tool for any organization that wants to proactively understand its IBM i security risks without overloading IT managers or hiring external consultants. It checks over a dozen categories of security values, reports on findings and makes recommendations. Sufficient detail is provided to guide technical staff on remediation, while managers receive a higher-level summary of risk level.

Companies that would like to get an initial view of their security risk can request a free one-hour risk assessment at https://www.precisely.com/assure-security-risk-assessment. Our security professional will guide you through the installation of the tool,
run your initial reports and provide you with analysis of your individual results.

Key Features
• Runs as a native job on the IBM i
• Checks dozens of security definitions on your IBM i
• Compares actual values against recommended best practice
• Tags results with three simple severities – OK, Warning, or High Risk
• Explains the meaning and significance of system definitions
• Delivers easy guidance on reducing cyber security risks
• Provides a high-level management summary of security risks resulting from your system definitions
• Produces reports in HTML and PDF formats

Detailed Sections Include:
• Management Summary
• System Values
• Default Passwords
• Disabled Users
• Inactive Users
• Distribution of Powerful

Users
• Library Authorities
• Open Ports
• Exit Programs

Assure Security Risk Assessment