Title Page -- Copyright Page -- Dedication -- Acknowledgments -- Table of Contents -- CHAPTER 1 - Security-The Reasons You're Reading This Book -- Evaluating Your Risks -- Evaluating the Threats -- Managing the Strategic Issues -- Getting Started -- Don't Close the Book -- CHAPTER 2 - Policies and Procedures -- Your Security Policy -- Business Events and Procedures -- Getting Started with Your Policy -- Legal Review -- CHAPTER 3 - Security at the System Level -- The System Security Level -- Security-Related System Values -- Locking Down Security-Related System Values -- A Helpful Tool -- CHAPTER 4 - The Facts About User Profiles -- What Are User Profiles? -- User Profile Attributes -- Private Authorities and User Profiles -- Helpful Tools -- Navigator for i -- Copying User Profiles -- Validation List Users -- CHAPTER 5 - Service Tools Security -- Service Tools User IDs -- Service Tools Functional Privileges -- Device Profiles -- The Work with System Security Panel -- Monitoring Service Tools Use -- Service Tools Security Recommendations -- CHAPTER 6 - Object-Level Security -- Private Authorities -- Group Profiles -- Public Authority -- Authorization Lists -- How IBM i Checks Authority -- Adopted Authority -- Authorities and Save/Restore Functions -- Object Ownership -- Limit User Function -- Helpful Tools -- Navigator for i -- CHAPTER 7 - Security Considerations for the IFS -- IFS Authorities -- Managing Authorities to IFS Objects -- File Attributes -- File Shares: Accessing Objects in the IFS -- Gotchas and Helpful Hints -- Security Recommendations -- Helpful Tools -- CHAPTER 8 - Securing Your Printed Output -- Security-Related Output Queue Attributes -- Output Queue Ownership -- Sample Output Queue Security Implementation -- Helpful Tools -- Navigator for i -- CHAPTER 9 - Encryption -- Encryption Basics -- Transmission of Data.

Encrypting Data in Files -- Encrypting Backup Media -- Disaster Recovery Considerations -- Success Depends on Planning -- Helpful Resources -- CHAPTER 10 - Connecting to the System -- Physical Security -- System Values -- *IOSYSCFG Special Authority -- Network Security Attributes -- Security Considerations for TCP/IP -- Security Considerations for PCs -- Using Exit Points -- Management Central -- Secure Communications -- Wireless Considerations -- Helpful Tools -- Navigator for i -- IBM Director -- CHAPTER 11 - Internet Security -- Determine Your Risk -- The Process -- Corporate Security Policy -- Internet Service Provider -- Firewalls -- System Values -- User Profiles -- Resource Security -- Controlling What Goes On -- Secure Web Applications -- Exit Programs -- Monitoring -- Testing and Evaluation -- Business Contingency Plan -- Be Careful Out There -- CHAPTER 12 - Evaluating Applications' Current Implementations and Designing New Ones -- From the Beginning -- Design Considerations -- Implementation Details -- Testing, Testing -- Moving Forward -- CHAPTER 13 - Role-Based Access -- Roles -- Defining the Roles -- Group Profiles -- Why Group Profiles? -- Implementation -- CHAPTER 14 - Role-Based Access for IT -- Security and Your IT Staff -- Identify the Roles -- Define a Secure Environment for Each Business Function -- Security for Vendors and Consultants -- Role-Based IT Access -- CHAPTER 15 - Auditing -- The History Log -- The Security Audit Journal -- The Audit Journal -- Auditing Controls -- System-Wide Auditing -- User Auditing -- Object Auditing -- Event-Auditing Recommendations -- Working with the Audit Journal -- Displaying and Printing Audit Journal Entries -- Reporting on Activities from the Information in the Audit Journal -- Benefits of the IBM i Architecture -- Helpful Tools -- Navigator for i.

CHAPTER 16 - Implementing Object-Level Security -- Determine the Scope of Your Project -- High-Level Design of the Architecture -- Building the Big Picture -- Decision Points -- Making Changes to the Application -- Rolling Out the Changes -- When Something Breaks: Debugging and Recovery Techniques -- Making Sure the Changes "Stick" -- Gotchas -- Summary -- CHAPTER 17 - Security Administration -- Remove Obsolete Objects -- System Values -- User Profiles -- Managing Authorities -- Regular Reviews -- Controlling Who Can Do What -- Regular Updates -- Summary -- CHAPTER 18 - Maintaining Compliance -- Evaluating the Key Areas -- An Annual Security Assessment -- Regular Reviews -- Policies and Processes -- Summary -- CHAPTER 19 - Preparing for the Worst: Creating a Security Incident Response Plan -- Be Prepared -- Make Sure You're Saving the Right Information -- CHAPTER 20 - Creating a Security Awareness Program -- What Method Do I Use to Communicate? -- Getting Started.