The IBM® i operation system (formerly IBM i5/OS®) is considered one of the most secure systems in the industry. From the beginning, security was designed as an integral part of the system. The System i® platform provides a rich set of security features and services that pertain to the goals of authentication, authorization, integrity, confidentiality, and auditing. However, if an IBM Client does not know that a service, such as a virtual private network (VPN) or hardware cryptographic support, exists on the system, it will not use it.

i for business 7 In addition, there are more and more security auditors and consultants who are in charge of implementing corporate security policies in an organization. In many cases, they are not familiar with the IBM i operating system, but must understand the security services that are available.


Secure data at rest

Secure your data at rest with the IBM i operating system option 45, Encrypted ASP Enablement. Data is encrypted when written out to disk and decrypted when read from disk. This function provides protection for your data when you lose physical control of the disk drive such as disk replacement where a drive fails, data flowing to a SAN, and mirroring. With improvements in 7.1, you can now turn ASP encryption on and off and change the data encryption key for an existing user ASP or IASP.

Encrypted Backup Enablement

The IBM i operating system option 44, Encrypted Backup Enablement provides you with the ability to encrypt your data to a tape device. This function requires Backup, Recovery, and Media Services (BRMS). This encryption solution is hardware independent, meaning that you do not need to use an encrypting tape drive or other type of encryption device to encrypt the backup data. Encrypted backup can be used to encrypt data going directly out to tape or to virtual tape and also supports media duplication (unencrypted to encrypted duplication). The media duplication provides the ability to save in an unencrypted way and then duplicate to encrypted which won't impact the save window.

Column Encryption via Field Procedures

To enhance data security, column encryption may be accomplished by using a new database feature called field procedures, available in release 7.1. Field procedures are user written exit programs that run every time a column is read, changed or new values are inserted into the column. One use of a field procedure can be to implement encryption of the column data. The field procedure can be used to encrypt and decrypt data stored in the column by implementing the encryption and key management logic in the exit program. The field procedure provides the capability to encrypt data in a column without having to change the application programs that manipulate the data and without having to change field lengths and data type of the column itself. Encryption algorithms often times produce a different length output for the encrypted data as well as a requirement to store the data with a binary data format. Changing the column length and data type can have significant impacts to both applications and related interfaces such as a query. Field procedures eliminate the need for changing column lengths and data type of the DB2 table as these changes are managed by the DB2 OS support. For more information on Field Procedures see the SQL Programming Guide.

IBM Lab Services and Training

Is your business protected from the threats to IT infrastructure? Has adequate protection been built into new requirements and environments? Are systems and data secure? Secure enough? IBM Systems and Technology Group (STG) Lab Services and Training and its security consultants can help you find the answers to these questions through service offerings that assist in the development of general enterprise security or just to make sure your system settings maximize the protection you want and need to prevent your organization from being tomorrow’s headline! We can work with you to implement password elimination and SSO, data encryption, or a system security healthcheck. We can help you address general security aspects from managing the process of security in your enterprise to finding the most cost effective way of implementing your security policies.

IBM i security solutions Partner security solutions IBM Systems Lab Services and Training
IBM i is positioned to help with the governance and compliance considerations that impact your business
IBM i Business Partners offer a robust security solution portfolio
Let us address the unique aspects and requirements of your security concerns

Contact IBM

Browse Power Systems

Next generation applications for big data and analytics and cognitive computing are providing unprecedented insights into opportunities, threats and efficiencies. IBM Power Systems is at the forefront of delivering solutions to gain faster insights from analyzing both structured information and unstructured big data. With the secure, flexible and open platform of IBM Power Systems plus solutions and software, organizations can outpace their competitors by delivering faster services, providing differentiated offerings and turning operational cost into investment opportunity.

IBM Power Systems hardware is at the heart of enabling major business and industry transformations fueled by the explosive growth of big data and analytics. Power Systems help organizations drive faster business insights with industry leading performance, scalability and virtualization flexibility.

IBM Power Systems deliver flexibility and choice of operating systems to enable your business to support the next generation applications for big data and analytics and cognitive computing that are transforming how organizations work today. Whether running 1, 2, or all 3 - coupled with PowerVM, they maximize the benefit of Power Systems in your business.

IBM's integrated approach to developing Systems and Systems Software stacks together delivers a platform that supports next generation applications for big data and analytics and cognitive computing on an open platform for choice while providing maximum utilization, availability, and flexibility to help you deliver new advantages to your business.

IBM and IBM Business Partner solutions exploit key benefits in IBM Power Systems’ unique design combined with systems software to provide support for next generation applications for big data and analytics and cognitive computing to providing unprecedented insights into opportunities, threats and efficiencies to your organization.

Over the last five years thousands of clients have migrated to IBM Power Systems. Learn how Power Systems has helped them support next generation applications for big data and analytics and cognitive computing on an open platform for choice while improving business performance, reducing risk, and establishing a platform for growth.

IBM i and System i Information Center

Find detailed answers to your System i security questions

Data encryption

Data encryption within the drive itself