Profile management continues to be one of the most critical security areas on your IBM i server. Managing user profile privileges and passwords are absolute must-haves in a security implementation to minimize the threat factor for your servers.
Privilege management is to limit the availability of powerful user profiles. The more profiles you have on your system with privileged special authorities such as *ALLOBJ and *SECADM, the bigger the threat. Also, the inheritance of these special authorities from group profiles or supplemental group profiles must not be overlooked.
Password management is the most important area of security to avoid unauthorized access to your servers. Traditionally, IBM i servers had weak passwords due to limitations in older operating systems but, with technology advancements, IBM i has introduced new system values, including password level, to allow passwords to be as strong as any other platform. With processor power increasing, password cracking programs can crack weak passwords more quickly. Therefore, it is essential to have strong password rules set up on your servers.
For more information about Profile Security