Most people are aware of what a Domino server does - it holds all of the databases and therefore access to pretty much everything. And each server has a server ID. Protecting a server ID with a password works in much the same way that protecting a computer or account with an ID works. In this case, the server ID password is individual to the server itself, rather than the user, but access to that password is limited to a finite number of people with administrator authority.
Knowing how to lock down access to your IBM Domino server is of vital importance. In the event of unauthorised access to the server, a breach of confidentiality is more likely and can lead to data theft. Legal battles, GDPR compliance breaches and hefty fines can be extremely detrimental to the company. Use the following steps to ensure the lockdown of your IBM Domino servers.
Good identity management is essential. Security and regulatory compliance are major factors in any kind of effective Identity Management and Access Governance solution. So why is it still so difficult for so many organizations?
Written by Arshad Khalid
It doesn’t happen very often that a potential customer project comes along which is an almost exact fit for the product you are managing and have been evangelising. But that’s exactly what happened a few months ago when I was called in to participate in an initial meeting with a potential customer – not naming any names (simply because I can’t), it was with one of the biggest insurance companies in the world, if not the biggest.
Building on a previous article about the top 5 security concerns in IBM Domino Server, we will take a look at the corresponding top 5 actions you can take to boost your IBM Domino Server security. While you no doubt hire trustworthy Domino administrators, insider attacks are a real problem. Use of a two-man rule on changes to ACLs, configurations and other Domino control components is a great way to improve security and confidence.
In IT these days, server security has taken on a whole new level of importance in light of all the data breaches and denial of service attacks. It seems every day there is a new vulnerability uncovered in widely used software, or another company – or even entire industries – that are targeted for attack. Yet too often the email servers are either overlooked or their importance downplayed. This is a mistake, and if it is one you have made, we will take a look at the top 5 actions you can take to boost the security of your IBM Domino Servers.
If you have spent any time at all administering IBM Connections Cloud, you may have noticed a peculiar design point regarding user administration. Whilst IBM have provided a functional tool in the onboarding manager web interface, there is very little in the way of a logged audit trail. IBM also make available a means to utilize an integration server and perform some of the tasks in bulk or batch mode, but it is not easy. Combine that with the limited user types provided by IBM, and you have a couple of potential challenges:
- delegation of who performs user management functions without opening up too much authority to too many users
- validating and demonstrating appropriateness of user management activities, particularly for audit and service-level evidence
There was a time when software could focus on delivering the business solution it was designed to provide. But with the ever-escalating threats of hacking and data breaches, from both external and internal sources, far more attention needs to be placed on security, along with audit trails and event logs which can be used to perform forensic investigations. IBM Domino Servers, even though they are a robust and secure platform, lack the depth of logging necessary to deal with today’s challenges. While Domino Server does an excellent job providing a collaboration and email platform, it can be prone to some significant security gaps, due in part to the lack of logging.
Request-based architecture offers your corporation a great safety feature. In basic terms, one person will never have full control over actions with this type of system. If you've ever watched old movies, where two people have the codes for nuclear bombs, you'll understand the reasoning behind this architecture. Those two people would need to input their codes, or turn their keys, at the same time in order to complete the action.
AdminTool offers an automated way to manage people and users. If your company uses Notes or Domino, the standard way of doing things was to have an Administrator add, delete, and otherwise manage users and groups. It would be up to an individual person to accomplish tasks, like giving users access, changing user names, and removing members so that they can no longer gain access once they've stopped working with the project or company.