The Leading Educational Resource for IT Professionals

Book Review: IBM i Security Administration and Compliance, Second Edition


IBM i Security Administration and Compliance, Second EditionIBM i Security Administration and Compliance, Second Edition, the latest version of Carol Woodbury’s well-known IBM i security reference, starts with Carol laying out her goals for the book, which are to provide the reader with choices, practical implementation examples, insight into the appropriate security scheme for your organization, and time-saving tips. I think she hits the ball out of the park. Not only does the book provide valuable technical information, it also introduces the reader to fundamental concepts of information security management.


Every step of the security management process, from defining security policies through security audits and each step in between, is addressed. Security management needs to start with a definition of policies and, appropriately enough, the second chapter covers this topic.


The rest of the first half of the book describes each of the basic tools for administering security provided by the operating system. This will be useful to those who are new to the security administration job or who just need a reference guide. These sections of the book are full of advice for how to use the various options. They discuss in detail system-level security, user profiles, object-level security, IFS access control considerations, service tools, mechanisms for securing connectivity to and from the system, encryption, and more.


The second half of the book discusses ways that administrators can apply these tools (separately and together) to address real-world situations and problems. Carol provides numerous examples, options, and recommendations for many of the problems security administrators encounter in their day-to-day working life. This half of the book addresses implementing object-level security and role-based access control, analyzing application security and Internet security, achieving and maintaining compliance, and planning your organization’s response to a security incident—before you have to use it.


This is a great book for those who are just starting to learn about IBM i security management and those who face new compliance challenges. The book touches on every important aspect of these topics and presents them in a very readable, understandable format. It also provides examples, alternatives, and suggestions for a multitude of scenarios.


For those who are “old hands” at security administration on the IBM i, this book makes a great reference guide. There is so much to know about security administration. Nobody can know or remember it all. I even find myself going to the IBM Security Reference manual and then going to this book for a more practical description of some of the less often-used tools and options. If you have only one book for security administration and compliance on the IBM i, this is the one you should have.


Want more information about IBM i Security Administration and Compliance, Second Edition? Download sample book content on the book's page in the MC Press Bookstore (Click the “Look Inside the Book” tab.)


Reviewed by Pat Botz

Also in Bookstore News

Need Cross-Platform Data Access? This Book Can Help


Extract, Transform, and Load with SQL Server Integration Services, now available from MC Press, shows you how to build a handy, reusable cross-platform data access solution using familiar software tools—SSIS, Visual Studio, and others—to access data on SQL Server, IBM Db2, Oracle, or any platform that supports OLE DB or ODBC.

Continue Reading →

New from MC Press: Developing Business Applications for the Web


Developing Business Applications for the WebWhether you are a novice or experienced developer, you will find Developing Business Applications for the Web - With HTML, CSS, JSP, PHP, ASP.NET, and JavaScript to be essential reading to hone your Web development skills in building applications that perform business tasks.

Continue Reading →

New from MC Press: Identity Management: A Business Perspective


Identity Management: A Business PerspectiveTechnology advances like cloud, mobile, and Internet of Things have made identity and access management more important than ever, and also more complex. How can business leaders get a handle on their evolving identity needs? By making identity management a core part of business strategy, says Graham Williamson in his latest book, Identity Management: A Business Perspective.

Continue Reading →