Jon Paris and Susan Gantner, legendary technical figures in the AS/400 arena, published this superb article on security.
Read more and see why they are so HAPPY!
February 05, 2015
Bash, Shellshock, Heartbleed, Poodle - Unless you've been living under a rock, you have probably heard something about security vulnerabilities like these. And as a programmer, you may well have thought to yourself "I'm glad I'm a programmer and not a Sys Admin or network guy who has to worry about that stuff." Or perhaps you've thought to yourself
"I'm glad I work on IBM i - just stay reasonably up to date on PTFs and these things can't hurt us - IBM i is inherently very secure."
It is indeed true that IBM i has significant architectural protections built in, so we can feel more comfortable about many types of security vulnerabilities compared with other platforms. And the folks at IBM Rochester do a great job of quickly creating PTFs to plug potential threats as they surface. Just take a look at the ITG whitepaper for stats on vulnerabilities of IBM i compared to Windows Server and various flavors of Linux.
And from here, they go on to prescribe EXACTLY the steps to secure your System i, whether on V6R1, 7.1, or 7.2.