In Case You’re Wondering Why You Haven’t Been Bothered by Viruses and Other Security Problems, Here’s the Answer
Our business is upgrading and servicing IBM i (iSeries/AS400) systems, so we get to speak with the CEOs, CFOs and other senior executives of our corporate customers. Every one of them acknowledges that their company has never suffered from virus attacks, hacking or related security issues. When they think about these issues (which is not often), they appreciate how lucky they have been. But they worry about how long this luck will hold out.
Silly them! IT professionals know that it’s not a matter of luck at all. Our customers get by with little or no IT staff, but that’s a different story (see the previous article in this series). So there are usually not enough knowledgeable people around to explain to the non-computer experts why they are unlikely to ever have to worry about security. The purpose of this article, therefore, is to clear up the mystery
The Contrast
The security issues that plague users of operating systems other than IBM’s i (i5/OS, OS400) are too well-known to need further discussion. Not quite as well-known, however, is the trouble-free experience of IBM i users. To date, there are no recorded incidents of a virus that has infected an IBM i system. This stands in marked contrast to the situation with Windows, UNIX, Linux, even Apple. In fact, several years ago, Lou Gerstner, then Chairman of IBM, openly advertised an offer to pay $1 million to anyone who could hack into an identified iSeries and retrieve his American Express card number. That challenge drew an overwhelming number of attempts, but no one was ever successful.
How Come?
The explanation is straightforward. IBM i is an object-based architecture. As soon as either data or a program—even the tiniest snippet of instructions (“code”)—enters the IBM i system, they are “encapsulated” into an appropriate type of container. The system puts data into data containers and programs into program containers. These containers and their contents are the “objects” of the “object-based architecture.” The ingenuity behind this encapsulation is that each container identifies what its contents are allowed to do, who can access these contents, and what the authorized users are permitted to do with them. The containers function like security badges in a secret government installation, with each badge color-coded to indicate the wearer’s level of security clearance. But unlike physical badges, which are only as foolproof as the attentiveness of the gatekeepers, IBM i’s containers are scrutinized with the unwavering reliability of a fully automated system that never takes a nap or reads a newspaper.
As simple as it sounds, IBM’s extraordinary architecture resists computer viruses and worms. Such programs are disguised as data, and other systems are fooled into storing them as data. A Windows or other non-IBM computer executes the instructions in the virus or worm as soon as a hapless user tries to access the “data.” But with the IBM i, a virus, for example, is recognized as a program and stored as a program—even if it is disguised as data, so you cannot accidentally get infected. This is why the IBM i is the most secure in the industry…and why ongoing security is not a matter of your luck holding out. It’s a matter of system architecture.
We would love to hear from you.
Let us know what you think. Leave your comments here.
Leave a Reply