Customers use the IBM i operating system to run critical workloads that often involve sensitive financial and operational data that must be kept secure. With security threats such as viruses, hacking, ransomware, and data exfiltration coming from every angle — even from within a customer’s own organization — maintaining data security is crucial.

IBM i is one of the most secure and securable platforms on the market today. To leverage the full security capabilities of the IBM i operating system, users need to understand how it works and what they can do to maximize its security features.

What is IBM i and how does it secure data?

IBM i is an operating system that customers use on IBM Power Systems servers. Essentially, it is a database appliance, an operating system with IBM Db2 Database built in, which customers use to develop and run their own database-based applications. IBM i has built-in security features that allow users to tightly control who has access to data, as well as an architecture that is less vulnerable to malware incursions.

Built-in access control

In IBM i, data is organized into libraries populated by objects. Each library has a security list where an administrator can set who has access to read and/or write to the database. Users can even set access controls on individual objects within libraries, enabling them to finely tune who has access to what data.

IBM i’s access controls can also limit who can write data to the database based on how they are entering the network. For example, an administrator could set access controls that give different rights to users accessing the database through a local terminal than to users accessing the database through an open database connectivity API.

Architected securely

Since database functions are an integral part of the IBM i operating system — and not separately installed software — IBM i’s architecture is tighter and more compact, reducing vulnerable points where hackers could enter the system. Since all of the core functions are bundled together, it is much harder to sneak laterally into other parts of the system to find data.

Adding on additional security features

IBM i’s built-in security controls are certainly sufficient if users properly utilize them. However, controlling security at every level of data might mean users overlook securing some aspects.

Customers may find it useful to add on additional security tools to help keep an eye on all points that need to be secured in their systems. Users can create their own custom modules to add, or they can purchase third-party programs that are built with security best practices in mind.

Keeping data secure on IBM i

All of the security tools you need to secure your IBM i systems are built into the operating system, though leveraging them fully may require some custom coding or additional third-party software. Ultimately, it’s up to each user to decide what works in their use case to keep their data secure from threats.

You can learn more by contacting one of our experts to discuss which security options are best for your business.