Agenda - Monday, October 3, 2022


8:15 am - 8:45 am  
Continental Breakfast and Welcome

9:00 am - 9:30 am
Intro to IBM i Security – Overview of Terminology and Capabilities on IBM i
Carol Woodbury, DXR Security

The security capabilities of IBM i are immense. This session describes the basic capabilities provided and the technology used that makes this system secure-able.


9:45 am - 10:15 am
Managing user profiles to reduce risk including excess capabilities and inactive profiles
Carol Woodbury, DXR Security

Removing excess capabilities is one step of reducing risk. This session describes the user profile attributes that cause the most risk and provides recommendations for finding and reducing the risk.

10:30 am - 11:30 am

Anatomy of a Password
Robert Andrews, IBM

Have you thought about the passwords you use on your systems? What rules or restrictions do you have in place? But more importantly, why?! Have you ever thought about what those rules actually do to your passwords? Do you think they are making you more secure or less secure? In this presentation, we will cover passwords in depth, in theory, and specific to IBM i. Can your IBM i password be hacked?

11:45 am - 12:45 pm

Considerations for implementing Single Sign-on (SSO) on IBM i
Thom Haze, IBM

This presentation will describe the Kerberos protocol and how to map a domain user ID to an IBM i user profile to safely authenticate the user to an enabled network application without passwords being sent across the network. 



2:00 pm - 3:00 pm
Introduction to Object Level Security and Using Authority Collection to Secure Data
Thom Haze, IBM

Data can be secured in a variety of ways. This session describes the capabilities provided by IBM i including the Authority Collection feature. This feature takes the guesswork out of securing data allowing you to determine exactly who is accessing the information and what authority is required so other access can be denied.

3:15 pm - 4:15 pm
Securing the IFS
Carol Woodbury, DXR Security

Access to the Integrated File System (IFS) via file shares is the entry point for ransomware on IBM i.  This session will describe the capabilities available for protecting the system from ransomware.

4:30 pm - 5:30 pm

Securing Your IBM i in a Hybrid Environment
Pete Helgren, Bible Study Fellowship

Is cloud security an oxymoron?  What about my IBM i applications? How can you possibly defend against so many attack vectors? If you can't eliminate the threat, can you at least minimize the exposure? This session will focus on the top 10 exploits, all of which can be launched against the IBM i whether at home or in the cloud. We look at not only securing the system and attached devices but also how to develop defensible web applications that are hosted on your IBM i.

    Agenda - Tuesday, October 4, 2022


    8:15 am - 8:45 am  
    Continental Breakfast

    9:00 am - 10:00 AM
    Intro to Encryption Including Data Encryption on IBM i
    Thom Haze, IBM

    This session will describe the concept of encryption in simple, understandable terms and describe the encryption capabilities provided by IBM i including data encryption, disk encryption and encrypted back-ups.

    10:15 am - 11:15 am 

    Securing Communications – Using DCM to Assign Digital Certificates to Encrypt Communications
    Thom Haze, IBM

    Network communications require encryption. This session provides the foundation to configure and manage network security on IBM i using Digital Certificates assigned to Application Definitions to establish industry standard Transport Layer Security (TLS) encryption.

    11:30 am - 12:00 pm
    SSH vs SSL - More Different Than One Letter
    Wayne Bowers, IBM

    As the IT industry correctly places a higher emphasis on security an important part of that is securing how your applications connect and your data passes across the network. SSH and SSL are 2 foundations upon which secure communications can be based.  There seems to be a common misconception that these technologies are more or less secure versions of the same thing. Receiving questions on wanting to secure Telnet with SSH instead of SSL because SSH is more secure, or needing to move from FTP-s to sFTP for the same reason.  This session with explain the foundational approaches that each of these technologies takes, how they are both secure, and how they are different and are not usually direct replacements for each other.

    12:15 pm - 12:45 pm 
    Intro to the Audit Journal
    Carol Woodbury, DXR Security

    IBM i capabilities include an integrated logging feature. This robust feature provides a definitive record of activity on the system and is a key element to breach investigation. This session will describe this auditing feature and how to configure it.



    2:00 pm - 3:00 pm
    Developing an Incident Response Plan to include IBM i
    Steve Pitcher, iTech Solutions

    An organization’s incident response plan often omits IBM i. This session describes the steps you’ll want to include to ensure a breach investigation can adequately include IBM i. Topics include planning for the logs, journals, back-ups, etc., that are required to investigate a breach.

    3:15 pm - 3:45 pm

    Investigating a breach of IBM i
    Steve Pitcher, iTech Solutions

    A breach has occurred. This session describes the steps you may be required to take to participate in the investigation of the breach.

    4:00 pm - 4:15 pm

    Using your IBM i Audit Journal as an Early Warning Signal
    Steve Pitcher, iTech Solutions

    The IBM i audit journal contains so much information – including information that can be used as an early warning signal of an attack. In this session you’ll learn which events should be reviewed on a regular basis and which ones can be used as an early warning signal.


    All times listed above are in Central Time (GMT -05:00)