Kisco Systems

Kisco U

IBM i "Work From Home" Security Concerns

Home : Kisco U : IBM i "Work From Home" Security Concerns


If your users/programmers/system administrators are using 5250 terminal sessions to access your system, make certain that they are all using SSL for the connection. Otherwise your user profiles and passwords are traveling over the Internet as plain text.

Browser Based Applications

When you are in the office and working on browser based applications hosted on your IBM i system, you might consider yourself to be safe if you are running the application using an HTTP address. While that may be true, when you run that same browser based application from home using HTTP, the data that transfers back and forth to your desktop environment will be sent in plain text. Since most applications require a sign-on process, then your user profile and password are again exposed while in transit.

The solution is to update your HTTP application to use HTTPS protocols. By making this change, the browser data streams will be encrypted, adding the necessary security that you will need.

File Transfer Protocol (FTP)

While working in the office and hiding behind a firewall, bringing up a quick FTP session on your desktop to transfer IBM i information to/from your personal computer is a quick and easy way to get things done. Doing that same thing while working remotely can, like telnet and the browser applications, expose your user profile and password as open text.

The solution is to change your access to use SFTP (Secure File Transfer Protocol). The good news is that IBM i supports SFTP. Here is some guidance from IBM on how to set this up.