2. • L’offerta HelpSystems
– Jenko Gaviglia, Director of Sales EMEA, HelpSystems
• Chi modifica i dati personali su IBM i?
– Marco Moret, Senior Consultant, Soluzioni EDP
• Come essere PCI compliant: l’esperienza di un importante gruppo
bancario
– Luca Verzicco, Product Manager Software Solutions, WSS
L’agenda di oggi: due casi reali
4. GDPR HelpSystems LLC All rights reserved.
Chi è HelpSystems? Leader mondiale delle Soluzioni IBM i
5. GDPR HelpSystems LLC All rights reserved.
30 Years of Growth and Innovation
TeamQuest
6. GDPR HelpSystems LLC All rights reserved.
Alcuni dei nostri clienti
Oltre 9,300+ client in tutto il mondo
1Customers may exist in multiple categories
7,079 Customers1 2,749 Customers1 957 Customers1 1,300 Customers1
8. GDPR HelpSystems LLC All rights reserved.
Main focus on
Process
Managem
ent
Monitoring
Security
9. GDPR HelpSystems LLC All rights reserved.
• Monitoring: IBMi e Multipiattaforma
– Infrastruttura, applicazioni e business
• Process Management
– Enterprise scheduling : AutoMate e Robot Schedule
Schedulazione in funzione di un evento o di una programmazione
Dipendenze complesse tra le varie piattaforme
RPA, Automazione di task specifici
ETL, tasks ripetitivi, Integrazione di Applicazioni
– Managed File Transfer: GoAnywhere
• Security:
– Completa suite di prodotti per ogni esigenza
– Disponibile as a Service
– Scan di valutazione delle vulnerabilità gratuito
L’offerta HelpSystems
10. Business Process Monitoring & Automation Webinar
Lack of End to end
visibility from
Business perspective
and root cause
analysis
Come funzionano i processi oggi?
Ricezione ordini, Integrazione ERP e report giornaliero per business
Stores
File reception
ERP Integration
Datawarehouse
consolidation
Send to warehouse
application
Daily report to sales
Self-made scripting
Different technologies
Costly to maintain
Not fault tolerant
No central visibility
Tasks in different
systems/environments
Logical dependencies,
managed by time
scheduling
Unefficient processes
Unreliable processes
11. Business Process Monitoring & Automation Webinar
Soluzioni
Stores
File reception
ERP integration
Datawarehouse
consolidation
Send to warehouse
application
Daily report to sales
12. Business Process Monitoring & Automation Webinar
Solution
ViewHelpSystems Security Services
Offerta granulare sulla sicurezza IBM i
13. UP NEXT...
Chi modifica i dati personali su IBM i?
Marco Moret, Senior Consultant, Soluzioni EDP
14. GDPR HelpSystems LLC All rights reserved.
FTP
ODBC
JDBC
SQL
Remote Command
IFS
….and more
Chi ha
modificato
l’IBAN?
C’è un
fornitore con
un IBAN
errato
L’as400 è
blindato
log…log.. Query..
Query.. Messaggi in
coda.. search
everywhere
Applicazioni
Utenti
Sessioni interattive
15. GDPR HelpSystems LLC All rights reserved.
Noi, attori del mondo ICT, quante volte ci siamo sentiti porre questa
domanda? Oggi lo chiedono le normative (SOX, GDPR), ma è un’informazione
che da sempre ha avuto un significato importante per chi gestisce i dati.
• E’ stato cambiato un codice IBAN del fornitore dentro al gestionale?
• E’ stato eliminato un cliente?
• E’ stato aggiornato lo stipendio di un collaboratore?
• Chi ha fatto l’operazione era autorizzato dalle policy aziendali?
Nel mondo os400 tutto ciò è possibile
• Mettere in ‘ascolto’ i file e i campi contenenti dati personali
• Catturare in real time le cancellazioni anche logiche
• Catturare in real time i nuovi inserimenti di dati
• Catturare in real time gli aggiornamenti dei dati personali con il valore nuovo ma
anche il precedente
• Conoscere chi ha fatto l’operazione, quale job, quale programma, in quale
momento
• Essere avvisati (mail, sms, integrazione con ticketing) in real time di operazioni da
parte di utenti non autorizzati dalle policy (integrazione con la matrice delle
responsabilità)
• Avere Reports creati automaticamente e archiviati per gli auditors e per le analisi
del pregresso
Data Monitor
17. GDPR HelpSystems LLC All rights reserved.
as400
Data
Monitor
Matrice delle
responsabilità
del cliente
Real time
monitoring
18. UP NEXT...
Come essere PCI compliant: l’esperienza di un
importante gruppo bancario
Luca Verzicco, Product Manager Software Solutions, WSS
19. Problematica
Importante Gruppo bancario biellese aveva bisogno di una soluzione in
grado di rispondere con puntualità ed efficienza alle richieste degli
Auditors:
Interni
Esterni
Requisito fondamentale
la documentazione rilasciata doveva
essere PCI compliant
PCI Compliance
23. GDPR HelpSystems LLC All rights reserved.
Informazioni di Contatto
HelpSystems
www.helpsystems.com/it
Jenko Gaviglia, jenko.gaviglia@helpsystems.com
I nostri partner in Italia:
Soluzioni EDP
www.soluzioniedp.it
Marco Moret, marco.moret@soluzioniedp.it
WSS Italia
www.wssitalia.it
Luca Verzicco, l.verzicco@wssitalia.it
Grazie!
Notes de l'éditeur
1 Raise Awareness
Take responsibility, peer groups, board level all in between
Presume everybody knows nothing
2 Identify what data you use and retain
Document it, what source, why?
3 Clean your house
Tidy up and erase unused data
Check regulatory and historical reasons
4 Create a GDPR responsibility framework
Org chart framework
DPO, Controllers and Processors - EDPB
Train and identify obligations
5 Update and review policies and procedures
Continuous improvement and update plan
Easily accessible
6 Embrace GDPR and make it part of your working life
Security by design
Question yourself why am I accessing this data, do I need to , is it still relevant
7 Prepare for a data breach
72 hours
Policies
What is the alternative?
8 Prepare to be challenged
Customer awareness
Know your customers rights
9 Think about special requirements
Children 16 or 13 , parental consent, offline storage, consent
Law agencies
10 Don’t be shy! Talk to peers and experts and question your own employees
We have leveraged our experience in the security industry to build a portfolio of powerful security solutions; solutions designed to provide critical functionality to companies in every industry vertical.
These solutions have been designed specifically to help satisfy regulatory and legislative compliance requirements, as well as internal corporate policy. Each of them extends and leverages the integrated security infrastructure found within IBM i. If an organization runs applications on IBM i servers, and has an interest in security and compliance, then these modules provide valuable functionality and a return-on-security-investment. We have designed each of the solution modules to run standalone. You only have to purchase the functions that you need. However, there is pricing value and functional synergy when you implement multiple solutions. For example, Network Security and Authority Broker both have reporting capabilities built within them. But if you own Compliance Monitor, then you can centralize that reporting and do it all from a single dashboard environment.
All of the PowerTech solutions are available as fully-functional 30-day trials. We do this, as we feel that’s the best way to unequivocally prove the value of our products, and once you see the benefit they bring to your own security initiatives, we believe that you will as well! Of course, all of these products can be run on any supported version of the IBM i operating system.