Kisco moves in the IBM i security business
August 29, 2022
When he took over Kisco Systems from his father Richard last year, Justin Loeber repositioned the company to focus almost exclusively on IBM i security. With recent updates to the company’s security tools on the books and more in the works, Loeber positions the company to ride the security wave for the long term.
If COMMON’s recent announcement of hosting a new security conference titled i on Security 2022 in St. Louis this fall is any indication, then security vulnerability awareness seems to be on the upswing. This is good news for companies that have a lot to lose from poor security configurations. It’s also good news for the software vendors and consultants involved in IBM i security waters.
You can count Kisco Systems among the group of vendors working to automate security remediation on IBM i. The company, which is a platinum sponsor of the i on Security 2022 conference, has a long history of selling security, auditing and monitoring tools among its various products. But after the transfer of ownership at the Loebers, the focus was exclusively on safety.
According to Loeber, there is a lot of potential business to be had in security on IBM i. “It seems like security always hovers just below that decision threshold of things that they think companies need to do but don’t do,” he says IT jungle.
The reason why they don’t pull the trigger? Loeber suspects software costs have a lot to do with it, particularly in the IBM i security space, which has seen its share of vendor consolidation in recent years.
Loeber’s goal is for Kisco to lower the cost barrier for any organization that needs to move forward with implementing security.
“A major strength of Kisco products is their light weight — not in relation to their capabilities, but they’re sleek and mean,” says Loeber. “These are very efficient products.”
Some of his competitors’ products, on the other hand, are expensive and bloated, he says.
The key player on Kisco’s security list is SafeNet/i, an exit point management solution that protects IBM i servers from unwanted access. Customers who just want to see what’s happening through the IBM i exit points (but don’t necessarily want to manage them) can choose SafeNet/i Lite, which also offers some controls but focuses on logging and monitoring.
“There are different modes,” says Loeber. “If you just want to audit and monitor, that costs more than doing nothing, but it doesn’t cost as much as taking actual preventive action. We actually have a product no matter where you are on this journey.”
Kisco’s supporting cast includes iResetMe, a self-service password reset tool. There’s also i2S3, which automates IBM i backups to the AWS S3 cloud. iFileAudit gives administrators the ability to track all changes made to a file, iEvent Monitor keeps track of a number of IBM i components. iSecMap maps and monitors the security configuration of IBM i servers.
There is also i2Pass, a two-factor authentication (2FA) solution that prevents unwanted logins to IBM i resources and was recently updated. With i2Pass 3.0, Kisco makes life easier for system administrators. Version 3.0 has a new self-registration feature that is activated the first time you try to log into an i2Pass protected session. Better email handling is another new feature.
Finally, there is WebReport/i. Kisco used to market this as a general-purpose spool file distribution tool, but today it’s been rebranded as a security product, according to Loeber.
“WebReport/i provides security beyond the server because you can encrypt reports,” he says. “So you’ve put all that effort into securing your environment, and then you email a PDF file. You’ve just undone all your work. With WebReport you can encrypt these reports or deliver your reports through a secure web portal.”
Development is progressing on all products. Kisco is about to unveil a new web-based GUI called Bluescape, which will become the common user interface for all Kisco products (although it will retain the green-screen interfaces for 5250 die-hards).
“I have to say I’m really happy with it,” Loeber says of Bluescape. “It fits the Kisco brand perfectly – super easy to use, minimal bloat.”
But being the value leader will only get you so far. As Kisco goes up against much larger security software companies — including a pair that’s in the low nine figures — Loeber realizes he needs to innovate in other ways.
To this end, Loeber is expanding Kisco’s partner and reseller network. Due to its lightweight nature, SafeNet/i requires a competent administrator to configure it properly. Loeber is building a network of consultants that he can tap into to help clients implement the exit point monitoring and management tool and truly lock down their IBM i servers.
“Kisco will strategically be a software company. I’m not interested in hiring teams of consultants. I’ve done it all before,” he says. “If a prospect asks us if there is help with implementation, we refer them to our partner network.”
COMMON launches IBM i Security Conference
Father, son & Co.: Kisco Systems gets to the bottom of security
Kisco blocks distribution of IBM i reports