I'm a good geek, which is more secure
My Mum has a favourite story from my time at school, which she likes to retell. I came home one day with a worried look on my face, and she asked me, jokingly "What is wrong? You haven't been expelled have you?". I responded with "Well...", which was not quite the response she was expecting!
In my previous article, I shared some of my experiences at school, and as I prepare for the "Transform your business with AIX & IBM Power Systems - Celebrating 35 years of Innovation" event tomorrow (you can register for that here, and ask questions even when watching it on replay and we will be sent them), I am reminded of another, this time about cybersecurity. When I was at school, we were learning with a combination of BBC Model B computers and the original Apple Macintosh. Back then, I was already a gamer, and I had been bringing my own games to play on Apple systems, on floppy disks. I got on well with my computing teacher, as I was good at his subject. Also, he coached the boys hockey team, and I played in goal for the school team, which gained me more "points". So, I had permission to play the games and that was not the problem.
The problem was that the Apple computers became infected with viruses. Even back then, computer viruses were already a thing, but the Internet was nothing like what it is today. The Apple computers were networked together, but not connected to anything outside the school. The virus got into the bursars system too, where the accounts for the school were, and so this was rather a big problem. And the viruses must have come from somewhere, such as floppy disks that were brought in, like the ones holding my games. So, I was in trouble. And expulsion from the school was a real possibility.
Now, I was geek then, and I remain a geek now. In IBM today, I am a member of the Technical Consulting Group, or TCG. The TCG is the UK and Ireland group that is affiliated with the IBM Academy of Technology, which is group of technical leaders from all across all part of IBM. My colleague Jyoti Dodhia came up with the variation on TCG that is Totally Cool Geeks, which we love. And so we even have our own branded clothing available, proudly declaring ourselves as Totally Cook Geeks. As I was also a good geek back then at school, I ran virus checking software on all my floppy disks, and they were all free of viruses. That proved I was not the source of the viruses. So, I cleared my name, and did not get expelled.
Why am I telling you all this? Well, like with my previous example, I see a connection with modern day IBM AIX and my experiences at school. IBM Power Systems and AIX are not immune to cybersecurity issues, but they are vastly more secure against them than alternatives. IBM has a group which specialises in deep security research expertise and global threat intelligence for enhanced security solutions, called IBM X-Force. Importantly, they are in a completely different division of IBM to IBM Power Systems, and have no reason to show any bias. The facts are what they need to work with. They publish those facts through the IBM X-Force Exchange, and so I had a look there at the current number of Vulnerabilities they publish for AIX in the past year. At the time of writing, there were 7.
If I do the same thing for Windows, I immediately hit the limit of the report returned, which is 200. I have to dial the timescale back to a month, and 54 vulnerabilities are shown.
So, 7 in a year for AIX vs. 54 in a month for Windows makes a clear story! Similar results can be expected for Linux Distributions, where AIX has vastly fewer vulnerabilities.
Following on from my story where I "cleared my name", you can also prove to auditors that you are compliant to security profiles on IBM Power Systems with IBM PowerSC. This demonstrated compliance, to compliance profiles that include Payment Card Industry and GDPR, can be done very quickly and easily. Also, real time alerts can show if configurations change to move away from that compliance, so action can be taken quickly to address any issues. I did a video showing that a few years ago:
So, in conclusion, come and hear from Petra, Udo, Jonas and myself on our call tomorrow, or check out the replay. You can register for the session here, and look out for future calls we have planned too!