Security White Paper

James Michael Stewart of Global Knowledge has written a white paper called: Ten Ways Hackers Breach Security

Here’s the interesting part:

All too often when hacking is discussed, it is assumed that the hacker is some unknown outsider. However, studies have shown that a majority of security violations actually are caused by internal employees.  So, one of the most effective ways for a hacker to breach security is to be an employee. This can be read in two different ways. First, the hacker can get a job at the target company and then exploit that access once they gain the trust of the organization. Second, an existing employee can become disgruntled and choose to cause harm to the company as a form of revenge or retribution.

When are companies going to secure their MQ environments, so that internal employees cannot get access to sensitive/confidential data?

Note: Please do not say we use a firewall, we use RACF (for z/OS) or the channel’s MCAUSER field has a value because that is NOT securing your MQ environment.

Regards,
Roger Lacroix
Capitalware Inc.

This entry was posted in IBM i (OS/400), IBM MQ, Linux, macOS (Mac OS X), MQ Authenticate User Security Exit, MQ Channel Encryption, MQ Enterprise Security Suite, MQ Message Encryption, MQ Standard Security Exit, Unix, Windows, z/OS.

Comments are closed.