What are some slick features inside IBM i 7.6?

Security is finally at the forefront of everyone’s minds, rightfully so. With breaches, ransomware and cyberattacks making daily headlines, companies are under increasing pressure to tighten how they protect their data. Just yesterday, I sat in a CFO’s office describing a Disaster Recovery as a Service (DRaaS) proposal. His biggest question? “How do you protect my data?” 

My most favorite new feature? Well, there’s two: 

Built-in multi-factor authentication (MFA)

First, IBM i 7.6 offers built-in multi-factor authentication (MFA).

That means you can now require users to confirm their identity with a secondary factor, like with an app on their phone. The integrated MFA is an additional layer that validates a user is who they say they are and strengthens the IBM i overall security posture. This extra layer of protection doesn’t cost one penny extra or require any additional software. It just works right out of the can.

Auxiliary storage pool (ASP)

Second, we now can encrypt the system Auxiliary Storage Pool (ASP).

Before this, to encrypt the system ASP, you’d need to purchase external storage and encrypt those disks before presenting logical unit numbers (LUNs) to the IBM i. Customers on the smaller end of the spectrum can’t usually justify purchasing a SAN, so this feature is tipping the hat to the smaller shops. The only requirement to encrypt the system ASP is option 45 of the operating system licensed program, Encrypted ASP Enablement. The feature is accessed from inside Service Tools and doesn’t require any downtime to enable.

Additional honorable mentions

The CFGHOSTSVR command

Another cool feature is the CFGHOSTSVR command, which enables and even forces encrypted connections to IBM i host servers, such as database, file, network print and sign-on servers.

Previously, to prevent your host servers from operating on unencrypted ports, you’d have to mess around with TCP/IP port restrictions; this has never been a simple or straightforward task for the average administrator.

IBM Navigator for i

IBM Navigator for i (the main web-based interface for managing the system) continues to improve steadily. It’s become a clean, more intuitive interface. It includes helpful wizards for setting up things like TLS encryption, managing digital certificates, enabling those new MFA options and managing the host servers we just discussed. Administrators will love how much easier it is to see what’s happening at a glance, especially when managing multiple systems. Some significant new dashboards track license expirations, security events and performance trends.

Is that all there is? Not in the slightest!

In fact, there are a whole bunch of features that I haven’t even touched on here, including many related to security. Digital Certificate Manager had a facelift. IBM Debugger clients can now secure their connections. The ability to view (not change) specific system parameters previously required *IOSYSCFG special authority.

Stronger AES encryption is enabled out of the gate instead of the older DES and triple-DES encryption for Kerberos and Enterprise Identity Mapping configurations. The security PTF group apply date is visible on the WRKPTFGRP screen to show you how old your security fixes are.

However, because of the two main features (in my opinion) of System ASP encryption and multi-factor authentication, the question shouldn’t be whether you should upgrade to IBM i 7.6. It should be when.

And the answer is: yesterday.

What is recovery assurance? 

Recovery assurance is the ability to confidently restore IT systems after a ransomware attack or data loss event. Traditional backup strategies often assume that hardware failure is the primary concern, meaning recovery focuses on reinstalling software and restoring backups. However, ransomware and other cyber threats invert the problem: your hardware is fine, but your software, applications and data can no longer be trusted. This shift highlights the difference between traditional disaster recovery (DR) and cyber recovery.

• Traditional DR assumes backups and software are intact, but infrastructure has failed.    
• Cyber recovery assumes infrastructure is fine, but software and data are compromised.      

Organizations must implement regular recovery testing to validate that backups aren’t compromised before they’re restored to ensure safe and trustworthy recovery. Doing so requires a dedicated, secure testing environment that ransomware cannot reach.    

Incident response plans also play a crucial role in recovery assurance. A strong plan includes a well-trained Incident Response Team (IRT) skilled in penetration testing, forensic analysis and network security. Regular training ensures employees know how to identify and respond to threats, reducing human errors that can lead to infections. 

What is RTO and RPO? 

Two critical metrics define an organization’s ability to recover from an attack: Recovery Time Objective (RTO) and Recovery Point Objective (RPO). RTO measures how quickly operations must be restored to prevent severe disruption, while RPO defines how much data loss is acceptable. Organizations must move beyond traditional backups and embrace solutions for modern cyber threats to achieve the lowest possible RTO and RPO.   

How to safeguard valuable data 

Data is an organization’s most valuable asset, and cybercriminals know it. Whether it’s customer records, financial transactions or intellectual property, losing access to data can be catastrophic. Immutable data storage and Isolated Recovery Environments (IREs) provide a robust defense by ensuring data remains untouched, accessible and instantly recoverable.    

What is immutable data storage? 

Immutable storage is a game changer in ransomware defense because data cannot be modified, encrypted or deleted once written, even by administrators, protecting it from malicious attacks. Unlike traditional backups, which can be encrypted or erased by ransomware if attackers gain access, immutable data guarantees there’s always a clean, untampered copy available.    

Instead of relying on nightly backups, which can leave organizations vulnerable to 24+ hours of data loss, immutable data solutions create multiple snapshots during the day. This approach allows organizations to restore data from a precise point before an attack, minimizing disruption and reducing an organization’s RPO to near zero.  

What are isolated recovery environments (IREs)? 

An IRE takes immutable data storage one step further by creating a secure, offline environment to test, validate and restore business-critical systems. This environment is An IRE takes immutable data storage one step further by creating a secure, offline environment to test, validate and restore business-critical systems. This environment is separate from the primary network, ensuring ransomware cannot infect or corrupt recovery points.    

One of the biggest mistakes organizations make is storing their incident response plan on internal systems, only to find it encrypted and inaccessible after an attack. A simple but effective solution is maintaining a “lockbox” copy of critical response documentation in a secure, offline location, such as an IRE. This ensures IT teams can access clear recovery instructions immediately without wasting time searching for missing files.    

When time is critical, you need a fast solution 

Ransomware recovery is a race against time. The longer systems remain locked, the greater the financial and operational impact will be. Whether it’s lost productivity, missed revenue or compliance fines, the consequences escalate quickly. A slow or uncertain recovery process is no longer an option.    

An IRE provides the fastest and most secure way to restore operations. When combined with immutable storage, it delivers a clean, trustworthy recovery solution that can be deployed in minutes.   

Combining forces 

The technical advantages of immutable storage and IREs lead to significant business benefits:   

• Minimized downtime: Faster recovery reduces operational disruption and financial losses 
• Regulatory compliance: Supports data protection regulations like GDPR, PCI-DSS and ISO 27001 
• Cyber resilience and business continuity: Ensures businesses can withstand and recover from attacks without lasting damage 
• Cost savings: Eliminates the need to pay ransoms, reduces legal exposure and protects brand reputation 

When combined, these solutions transform ransomware recovery from a reactive scramble to a proactive, well-structured strategy that guarantees business continuity. By investing in these technologies, businesses shift from hoping their backups will work to knowing their recovery strategy is bulletproof.   

Modernizing disaster recovery

Ransomware is no longer a question of if but when. As cyberattacks become more sophisticated and relentless, businesses must move beyond traditional disaster recovery approaches and adopt solutions explicitly designed for cyber resilience. Immutable data and IREs provide the strongest line of defense, ensuring your data remains untampered, your recovery process is tested and reliable and your downtime is minimized. 

By implementing immutable storage, organizations can guarantee that their critical data remains untouched by ransomware, preventing attackers from holding data hostage. Pairing this with an IRE ensures recovery in a secure, air-gapped environment free from lingering risks of reinfection. Automated testing, forensic analysis and detailed reporting ensure that organizations can restore operations quickly and confidently when disaster strikes. 

Traditional disaster recovery is no longer enough. Cyber threats have changed the game, and businesses need a modern, proactive recovery strategy that keeps them one step ahead of attackers. By integrating immutable data and IREs, organizations can eliminate uncertainty, take control of their recovery and ensure ransomware never dictates their future. 

What is data destruction?

Data destruction is the process of disposing of and ensuring vital data is irretrievable.

Why is data destruction important?

Just because hardware with sensitive data is recycled doesn’t mean the files are magically unretrievable. Below are several reasons why secure data disposal is essential: 

• Protects against cyberattacks, data breaches, etc.
• Upholds your company’s reputation.
• Supports legal and compliance requirements.

Common data destruction methods

There are several methods for secure data destruction; however, all techniques aim to destroy data, so it doesn’t end up in the wrong hands.

Data destruction standards and compliance

ITAD specialists follow regulations and policies for secure data destruction. The standards vary between country and region, but all aim to establish safe and compliant data destruction practices.

The most common data destruction standards in North America and Europe:

• United States Department of Defense: DoD 5220.22-M 
• United States Department of Commerce: NIST SP 800:88

As you can imagine, it’s critical to have a reputable and experienced provider assist with your data destruction needs. Make sure to verify their experience, methods, certificate of data destruction, guidelines, security measures and more. Partnering with a reputable vendor for data disposal will protect your organization from potential threats or vulnerabilities.

What is disaster recovery as a service (DRaaS)?

First, if you’re not familiar with disaster recovery, it’s the practice of restoring IT infrastructure after a cyberattack or any other event resulting in unexpected downtime.

Simply put, DRaaS is cloud-based disaster recovery. It’s slicker, stronger and speedier. Conventional backup and recovery plans take a lot longer to stand your IT estate up after a disruption.

Why DRaaS is important?

A study of over 500 UK businesses, conducted by Beaming, found nearly 50% of companies risk losing critical data and nearly four million companies put their very existence in danger by having inadequate backup and recovery strategies.

93% of companies filed for bankruptcy after significant data loss, according to an investigation by Texas A&M University. These findings applied to businesses that were without their data center for ten days or more.

In the traditional sense, disaster recovery starts with the setup of a dedicated physical site, which needs essential maintenance and support to maximize protection, meaning it can prove to be a rather costly and resource-intensive method.

According to IDG research, 77% of CIOs say they wish to reduce the overall costs of DR solutions, and many are looking to DRaaS providers to do so. The DRaaS advantage over conventional DR is that it comes with best practices, and it sits on the provider’s purpose-built infrastructure.

These are the serious risks to your data. Data loss is not always the result of a sophisticated cyberattack. Businesses can struggle to recover from a variety of disasters, such as:

• Hardware or system malfunction
• Human errors, such as accidental deletion or misfiling
• Software crashes
• Malware virus infections
• Software corruption
• Virus attacks
• Natural disasters such as fire, floods and hurricanes

Why should your company have a DRaaS plan?

No business should be without DRaaS. It’s a combination of tough security and a speedy reaction, ensuring optimal protection for your digital assets.

When delivered “as a service,” DR becomes lighting fast and has extra resilience at a stronger level. DRaaS can rapidly replicate critical portions of your IT infrastructure — or even your entire IT environment — to another location. With multiple replication target host sites, it ensures geographic diversity.

DRaaS ensures the time to return applications to production is reduced because the data does not need to be restored over the internet. The service can be especially useful for small and medium-sized businesses that lack the necessary expertise to provision, configure and test an effective disaster recovery plan. Using DRaaS also means your organization doesn’t have to invest in – and maintain – its own off-site DR environment.

Create the best defense for your business

By working with you to respond to IT complexities across all cloud and on-premises resources, Service Express can help improve your ability to respond and recover from disruptive or disastrous events, minimizing economic impact, brand damage, or potential for legal liability.

We also offer support for a wide range of operating systems, including IBM i, AIX, Linux and Windows, whilst supporting your x86 and AMD hardware, along with storage, network, private and public cloud environments.

If you’re looking to reduce costs, increase agility and maximize uptime, we can meet your needs with a completely personalized, proactive and cost-effective service, making your IT work harder and smarter for your business.

The looming risks for finance, retail and healthcare

“There are increasing attacks on production systems and their backups. If you’ve only got one copy of production data and you’re in the financial industry, that will hold your only copy of client and transaction records. If it gets attacked, encrypted or stolen, and you have no secondary backup, then you will be at the mercy of whoever attacked you.”

When it comes to banks, fintech and other highly regulated organizations, inadequate protection can land you in trouble with the regulators as well as lose you significant amounts of money.

Small and medium businesses are often exposed

Ransomware attacks are up against small and medium businesses because they can’t or haven’t invested in the level of cybersecurity that protects both production and backup environments.

The rise of ransomware, in numbers

The following statistics may be chilling reading for those looking after IT infrastructure, but we’re on hand to provide advice for those seeking to boost their cybersecurity.

• 30% of data breaches are carried out by internal bad actors.
• Globally, 40% of servers have had one or more outages over the past twelve months.
• 43% of cyberattacks are aimed at small businesses, but only 14% are prepared to defend themselves.
• Volume of investment in the cybersecurity sector is led by medium-sized businesses, followed by large, small and then micro.
• The average time to identify and contain a data breach fell from 287 days in 2021 to 277 days in 2022, a decrease of 10 days or 3.5%.

The typical perception of a hacker is that they go into your system and bang! They’ve immediately launched an attack and wiped out your business.

Real life isn’t like that, as most attackers will come into your system quietly and reside there for quite a while, perusing your information and collecting what they need to cause maximum harm to you. When they’re ready, they launch their attack, and it’s always on their terms.

The reality of cybersecurity is that the attacker only must be right once, whereas you must be right every time as a defender. Thankfully, as cybersecurity tools develop, this paradigm is changing where the attacker must be perfect to avoid detection once on the system, but these tools may be expensive.

Gambling with tape

For many decades, IT infrastructures have backed data up onto tape. Many businesses still rely on this traditional method. In optimal conditions, there’s nothing wrong with this solution, but it often takes a long time to get back online because you’ve got to find the tape, plug it in and stand everything up.

Quite a few system administrators have stories of tape failures. It’s not the most reliable backup method when compared to modern storage such as solid-state disk.

The answer is in an offsite backup

An offsite backup is vital in ensuring complete backup and DR. This establishes data redundancy. Service Express has considerable skills and resources, along with the technology partnerships, to set up the required hardware and networking that fits into your existing IT estate.

This strategy brings in a substantial degree of resilience when it comes to cybersecurity threats aimed at your industry. It’s a difference maker that no company should be without.

How organizations are mitigating the risk of ransomware attacks with the right disaster recovery plan

How are organizations thinking about protecting their data from ransomware attacks? Hear from a panel of experts from Service Express, IBM and Veeam as they discuss how cyberattacks can impact organizations in different industries.

Watch now to learn more about:

• The current and growing cybersecurity trends and challenges
• The risk of ransomware attacks
• How to build a disaster recovery plan that could save you from financial loss and reputation damage and ensure business continuity

This 45-minute webinar provides a holistic view of cybersecurity and ransomware trends with practical guidance on what organizations need to think about in terms of disaster recovery.

Compare & Contrast: On-Premises vs. Cloud Service Security

The on-prem versus cloud security debate continues within the data center industry. The differences range from minor to substantial, but both on-prem and cloud advocates can agree that countless protections and threats exist in either environment. Beyond focusing solely on meeting IT security priorities, the question is: which is more secure for my organization and its business objectives?

“The biggest challenge to data center security today is not physical threats but rather cyber threats. The proliferation of applications and burgeoning mounds of intellectual property and private information often governed by regulators — make data centers a central target for cybercriminals and even nation-states…the cyberattack surface for the data center is expanding and becoming increasingly harder to defend.

These threats can target physical devices and systems used to manage cooling and video surveillance, among others. They can also target personnel through spear phishing, gaps in authentication protocols, and other malicious means.”

– Digital Reality

Data Center Security Requirements & Standards

Requirements should be reviewed to understand how they will ensure and impact data center safety. Many industries demand unique security standards, involving a formal third-party auditing process to demonstrate compliance. Though complying with standards and requirements with all their details and steps appears daunting, these established best practices do shape a security response that can protect you from potential harm, downtime and data loss.

Industry security standards include:

• NIST 800-88 Guidelines for Media Sanitization
• HIPAA in healthcare
• FERPA in educational institutions
• PCI DSS for credit cards
• ISAE 3402 for data center financial reporting
• ISO 27001 Information Security Management System
• Standard—most widely-accepted certification for supporting information security, physical security, and business continuity

Regardless of industry, IT professionals should, at a minimum, be familiar with data center tiers and the kill chain standards. Uptime Institute’s Tier Classification System serves as a benchmark for ensuring maximum uptime. Lockheed Martin’s six-step Cyber Kill Chain® helps align defense strategies against cybercriminals.

What Does the Future of Data Center Security Look Like?

Cloud technology is trending now, but factors such as rising costs and security vulnerabilities are impacting its adoption. With more experience and a better understanding of the pros and cons, IT leaders are looking to a hybrid model for bringing together the scalability of the cloud with the control of on-premises data centers.