Join us in New Orleans, Louisiana for POWERUp 2026, the premier conference for IBM i professionals. Whether you’re an experienced expert or just starting your IBM i journey, this event offers unparalleled education, hands-on workshops, and valuable networking opportunities. Stay ahead of the curve with insights from industry leaders, explore the latest innovations, and connect with a thriving community that shares your passion for IBM i. Don’t miss this opportunity to expand your knowledge, grow your skills, and power up your career!
Sign up or log in to add sessions to your schedule and sync them to your phone or calendar.
This is an "IBM i Security 101" double-session. We will cover IBM i security topics from the basics (user profiles, system values, and object authority) through more advanced topics (adopted authority, authority checking, IFS considerations, audit journaling, and a multi-layer defensive posture). We'll cover some of these topics from the traditional "greenscreen" as well as Navigator for i. This session is intended to "scratch the surface" on a wide range of IBM i security concepts.
Learning Objectives:
"Learn and understand how security is implemented in the IBM i platform: 1. User/group profiles 2. System values 3. Object-level authority "
IBM i security doesn’t have to be a black box. This session empowers you to take control of your system’s security using the built-in tools of Navigator for i. Whether you're just starting out or refining your expertise, we’ll guide you through essential elements like authority management, object security, audit trails, function usage, and authentication. You’ll learn best practices, how to configure secure settings, and how to use IBM i SQL services to deep dive into activity on your system and strengthen your security. Walk away with actionable insights and hands-on knowledge to confidently secure your IBM i environment. Take aways from this session ️ Apply best practices for Secure Configuration Leverage built-in tools for Monitoring ️How to use Function Usage to enhance your security Sample SQL queries
Learning Objectives:
️ Apply best practices for Secure Configuration Leverage built-in tools for Monitoring ️How to use Function Usage to enhance your security Sample SQL queries
Amy Williams is a Principal Security Services Consultant at Fortra, where she has worked since 2015. She holds CISSP, CISA, and PCI-P certifications and has nearly 30 years of experience on the IBM i platform across system administration, architecture, and application security in... Read More →
Monday April 27, 2026 3:15pm - 4:15pm CDT Balcony L
This session is designed to allow you to look through the eyes of a former black hat.
Learning Objectives:
In this session you will learn more about the different type of attackers and what there motivations are. How the large cyber crime organizations operate. Tactics and tools that hackers use to gain access to environments How quantum computers are going to change the data protection and encryption requirements. How the large cyber crime organizations operate.
Tony Owens is a recognized figure in the IT industry, particularly known for his expertise in IBM Storage solutions. He has been an IBM Champion since 2020 and has worked with various storage technologies and has contributed to the development and promotion of IBM's storage products... Read More →
Monday April 27, 2026 4:30pm - 4:50pm CDT Balcony L
Think that setting up a time-based one-time password (TOTP) for your IBM i 7.6 profile is complicated? It’s easier than you think! Join us to discover how quick and seamless it is using Navigator for i. This session will demonstrate how both traditional and non-traditional users of Navigator can generate a TOTP key and validate authentication codes using a client authenticator.
Learning Objectives:
`- Understand how to generate a TOTP key using Navigator for i - Learn how to validate authentication codes from a client authenticator
Ann Wilkerson is a lead user interface developer in IBM i. She joined the Rochester lab in 2021 and has since worked on Navigator, IBM i Services, and IBM i Migrate While Active. Her focus areas include security, networking, and the IFS.
Monday April 27, 2026 4:30pm - 4:50pm CDT Balcony M-N
The IBM i Audit Journal contains a wealth of security and system activity data, but accessing and analyzing that information efficiently can be a challenge. The Audit Journal Data Mart simplifies this process by transforming raw audit data into a structured format that’s easy to query and visualize. In this session, we’ll explore how the Data Mart enables deeper insights into system events, supports compliance reporting, and enhances security monitoring. Through practical examples and demonstrations, you'll learn how to leverage this powerful tool to make informed decisions and streamline audit analysis.
Learning Objectives:
`- Understand the structure and purpose of the IBM i Audit Journal Data Mart - Learn how to query and analyze audit data for security and compliance use cases
Ann Wilkerson is a lead user interface developer in IBM i. She joined the Rochester lab in 2021 and has since worked on Navigator, IBM i Services, and IBM i Migrate While Active. Her focus areas include security, networking, and the IFS.
Monday April 27, 2026 5:05pm - 5:25pm CDT Balcony M-N
The importance of using Function Usage was magnified in IBM 7.6. During this session Carol will describe Function Usage (formerly known as Application Administration) and how to use it to add another layer of security to your IBM i Security strategy.
Come learn about the security features included in the latest operating system release IBM i 7.6. Whether exciting, mundane, or even a little scary to consider, there is something that will pique your interest.
Learning Objectives:
Understand new features of IBM i 7.6 including *SYSBAS encryption and a high level overview of the new integrated MFA.
Robert Andrews is a Principal Security Consultant, Senior Technical Staff Member (STSM), and Team Lead for the IBM i Security Expert Labs team in Rochester, MN. An IBM Certified Thought Leader and The Open Group Distinguished Technical Specialist, Robert has specialized in IT security... Read More →
Tuesday April 28, 2026 8:00am - 9:00am CDT Studio 7-8
The potential to break a critical process when changing your security configuration is real. But with the proper investigation and analysis, security changes can occur without disrupting your business. During this session Steve Riedmueller and Carol Woodbury will provide the methods they use to investigate a system prior to making changes. Their goal is to give you the confidence to make system value, user profile and object authority changes with confidence and without fear of breakage.
Learning Objectives:
Learn: - how to effectively communicate the need to make security changes. - which configuration changes can be made without a huge project - how and when to use the audit journal to perform analysis - about authority collection analysis
In today’s evolving threat landscape, securing your IBM i environment is no longer optional—it’s essential. Unencrypted sessions invite credential theft and often violate compliance standards. This session will guide you through practical, step-by-step strategies to secure your IBM i using TLS encryption, with a special focus on the powerful capabilities of Navigator for i. We’ll also explore the latest administrative enhancements in Navigator for i, including new wizards and interfaces that simplify day-to-day tasks and help you lock down your system with confidence. Bonus: See how to use the Navigator TLS Wizard to lock down non-secure host servers in IBM i 7.6. Whether your goal is compliance, modernization, or simply better security hygiene, this session will equip you with the tools and knowledge to do it right. Learning objectives: ⚙️ Configure TLS across IBM i servers to protect data in transit. ️Update Access Client Solutions (ACS) configurations to be secure. ➕ Create and manage digital certificates, including using IBM i as a Certificate Authority (CA) or integrating with trusted third-party CAs. Secure Navigator for i using self-signed certificates to ensure your administrative interfaces are protected.
Learning Objectives:
⚙️ Configure TLS across IBM i servers to protect data in transit. ️Update Access Client Solutions (ACS) configurations to be secure. ➕ Create and manage digital certificates, including using IBM i as a Certificate Authority (CA) or integrating with trusted third-party CAs. Secure Navigator for i using self-signed certificates to ensure your administrative interfaces are protected.
Ann Wilkerson is a lead user interface developer in IBM i. She joined the Rochester lab in 2021 and has since worked on Navigator, IBM i Services, and IBM i Migrate While Active. Her focus areas include security, networking, and the IFS.
Amy Williams is a Principal Security Services Consultant at Fortra, where she has worked since 2015. She holds CISSP, CISA, and PCI-P certifications and has nearly 30 years of experience on the IBM i platform across system administration, architecture, and application security in... Read More →
Tuesday April 28, 2026 9:15am - 10:15am CDT Galerie 5
This session explores practical applications for Authority Collection, including standard and "creative" use cases. Authority Collection can be used to reduce the security exposure of privileged user profiles and to lock down objects/libraries/IFS. This session covers the different types of authority collection, how to turn them on/off, how to review and understand the data, and how to turn that knowledge into action. We will cover these things in detail, along with some “outside the box” ways of using this technology to answer questions and solve problems.
Learning Objectives:
"Learn how to: 1. Enable the different types of Authority Collection 2. Analyze data from the Authority Collection repository 3. Turn the data into actionable information 4. Harness the power of Authority Collection in creative ways"
Artificial intelligence is reshaping the security landscape, and IBM i environments are no exception. As AI-driven technologies become integral to enterprise operations, they introduce both unprecedented opportunities and new vulnerabilities. This session examines how AI is influencing IBM i security—from accelerating threat detection and predictive risk analysis to redefining compliance and access control strategies. We’ll explore practical examples such as free and company endorsed AI chatbots and how they can enable inexperienced users to bypass security configurations. Attendees will leave with a better understanding of AI’s dual role as a security enabler and a potential attack vector, along with actionable guidance for enhancing IBM i security approach to this evolving paradigm.
Learning Objectives:
Attendees will leave with a better understanding of AI’s dual role as a security enabler and a potential attack vector, along with actionable guidance for enhancing IBM i security approach to this evolving paradigm.
Sr. Solutions Engineer & IBM Power Champion, Fortra LLC
Sandi Moore is a Senior Solutions Engineer at Fortra with over 20 years of experience supporting systems monitoring and security software. She works extensively with IBM i environments and has been involved in product demonstrations, implementations, support, training, research, and... Read More →
Amy Williams is a Principal Security Services Consultant at Fortra, where she has worked since 2015. She holds CISSP, CISA, and PCI-P certifications and has nearly 30 years of experience on the IBM i platform across system administration, architecture, and application security in... Read More →
Tuesday April 28, 2026 4:30pm - 4:50pm CDT Studio 7-8
Multi-Factor Authentication (MFA) can feel like a hassle. Users groan at the extra steps, while IT teams wrestle with implementation. On the other hand, Single Sign-On (SSO) is often seen as the holy grail of convenience: one login, seamless access. But what does SSO really look like on the IBM i platform? And how is it different from MFA—not just in function, but in purpose? This session will break down the key differences between SSO and MFA, and dive into how SSO works specifically on IBM i. We’ll explore common protocols like Kerberos, SAML, and OAuth, and look at some Identity Providers (IDPs) such as MS Entra, Okta, and IBM Security Verify. You’ll learn which use cases are best suited for SSO, when MFA still makes sense, and how to align both with your broader security strategy.
Learning Objectives:
`- What are the differences between SSO and MFA - What SSO might look like on the IBM i - Protocol trade-offs
Robert Andrews is a Principal Security Consultant, Senior Technical Staff Member (STSM), and Team Lead for the IBM i Security Expert Labs team in Rochester, MN. An IBM Certified Thought Leader and The Open Group Distinguished Technical Specialist, Robert has specialized in IT security... Read More →
Tuesday April 28, 2026 5:05pm - 5:25pm CDT Studio 7-8
Not sure how secure your IBM i system really is—or how to prove it during an audit? This session is your roadmap to evaluating your system’s security posture with clarity. We’ll break down key IBM i security concepts like authority management, object security, audit trails, function usage, and authentication using Navigator for i. Learn how to interpret audit requests, uncover hidden vulnerabilities, and generate the right reports to demonstrate compliance. Plus, discover how the Audit Journal Data Mart can provide deeper visibility into system activity. Whether you're preparing for an audit or simply want to understand your system’s strengths and gaps, this session will help you move from uncertainty to confidence. In this session you will gain: Understanding of core IBM i security concepts ✅ Interpret and respond to common audit requirements Leverage built in tools for enhanced visibility
Learning Objectives:
Understanding of core IBM i security concepts ✅ Interpret and respond to common audit requirements Leverage built in tools for enhanced visibility
Amy Williams is a Principal Security Services Consultant at Fortra, where she has worked since 2015. She holds CISSP, CISA, and PCI-P certifications and has nearly 30 years of experience on the IBM i platform across system administration, architecture, and application security in... Read More →
Wednesday April 29, 2026 8:00am - 9:00am CDT Balcony L
The exciting new 7.6 IBM i integrated MFA solution includes multiple features. Come learn what is possible and how the features can be combined to secure your system. We will Deep Dive on TOTP. The integrated IBM i MFA solution's primary new feature is Time-based One Time Password (TOTP) authentication implemented as a user profile attribute. We will discuss details on the implementation and expand on configuration and use.
Learning Objectives:
Understand how to setup MFA on IBM i 7.6 Understand how MFA affects various types of user authentications
Robert Andrews is a Principal Security Consultant, Senior Technical Staff Member (STSM), and Team Lead for the IBM i Security Expert Labs team in Rochester, MN. An IBM Certified Thought Leader and The Open Group Distinguished Technical Specialist, Robert has specialized in IT security... Read More →
Wednesday April 29, 2026 8:00am - 10:15am CDT Galerie 2
These days, using TLS to secure connections is a required practice. But if you are unfamiliar with generating public and private keys, working with certificates and using DCM to secure your IBM i apps, things can be a little intimidating. What if I do it wrong? How can I use third party certificate providers and how does it all work with my domain registrar? There are many moving parts in the TLS world. This session will focus on describing the parts and how they work together with DCM to sanely manage your secure access on IBM i.
Learning Objectives:
1) Learn the basic components of TLS. 2) See how each relates to the IBM i 3) Step through the process on IBM i DCM 4) Look at 3rd party tools and certificate providers like Letsencrypt and see how to leverage them on IBM i
Pete is a developer with broad experience across multiple languages and platforms, including over 30 years of system 3X/AS400/iSeries/IBM i experience. He holds certifications as a GIAC Cloud Penetration Tester, GIAC Secure Software Programmer-Java, AWS Certified Cloud Practitioner... Read More →
Wednesday April 29, 2026 9:15am - 10:15am CDT Balcony L
What is an authorized pointer? How does the authority checking algorithm really work? What are the performance aspects of IBM i security? Using her knowledge obtained as IBM i Security team leader, Carol Woodbury answers these questions and more, as she takes you into the depths of IBM i security.
Learning Objectives:
Understand the deeply technical aspects of IBM i Security.
The Integrated File System (IFS) remains one of the most overlooked areas in IBM i security. Many organizations either underestimate the risks posed by an unsecured IFS or lack clarity on how to effectively protect it. This oversight can leave sensitive data vulnerable to unauthorized access, manipulation, malware, and theft. In this session, attendees will learn practical strategies for securing the IFS and discover the tools and configurations necessary to implement robust protections. We’ll also explore the latest security features introduced in IBM i 7.6, which offer expanded capabilities to safeguard the IFS environment.
Learning Objectives:
Learn practical strategies for securing the IFS Discover the tools and configurations necessary to implement robust protections Explore the latest security features introduced in IBM i 7.6
Justin Nelson is a software developer within IBM i development. He has worked on the IBM i since joining IBM in 2015. He is a member of the integrated file system & servers (IFS) team and specializes in the Network Client File System (QNTC), host servers, and Network Authentication... Read More →
Sr. Solutions Engineer & IBM Power Champion, Fortra LLC
Sandi Moore is a Senior Solutions Engineer at Fortra with over 20 years of experience supporting systems monitoring and security software. She works extensively with IBM i environments and has been involved in product demonstrations, implementations, support, training, research, and... Read More →
Wednesday April 29, 2026 3:45pm - 4:45pm CDT Galerie 3
In this award-winning session, be prepared to hear Scott Forstie and Carol Woodbury shake up the world of IBM i Security, mixing up new SQL features that allow you to completely do away with the old way you've been investigating and managing your IBM i Security environment. They will also shake up your mind with thoughts of finding vulnerabilities in your code and debate various methods of resolving the issues. Come prepared to have your IBM i Security world a bit shaken.
Learning Objectives:
Understand how SQL can be used to help you secure IBM i Learn why staying current is important Have the knowledge to use the Run SQL Scripts file provided with the session in your workplace
Scott Forstie is a Senior Technical Staff Member within IBM i development and spends most of his time working as the Db2 for i Architect. He has worked on IBM operating system development since joining IBM in 1989. Scott is a frequently published author, speaker at industry events... Read More →
Don’t synchronize passwords…eliminate them! IBM i supports connecting to a Windows Active Directory domain to support automatic login to Client Access interfaces based on the currently logged-in PC user. This session will cover everything you need to know about how IBM’s SSO solution works, who can benefit from it, and how to implement it on your own systems. If you’re looking to remove password management from your list of IBM i administrative tasks, this is the session for you!
As a Senior Systems Engineer on the Service Delivery team at CloudFirst, Nathan provides support and advice on new hardware installations, system migrations, OS upgrades, SAN and VIOS implementations, and more. He has been in an IT support role of one form or another since the mid-1990s... Read More →
Thursday April 30, 2026 8:00am - 9:00am CDT Studio 7-8
IBM i systems often run critical business applications but remain invisible to most security teams. A SIEM (Security Information and Event Management) platform helps centralize and analyze security data for threat detection and compliance—but what does that mean for IBM i? This session defines SIEM, outlines key IBM i data sources like audit journals and system logs. Learn how to make IBM i a visible, actionable part of your security strategy.
Learning Objectives:
Define SIEM and its role in security and compliance. Identify IBM i data sources relevant to SIEM. Explore integration options for improved visibility and monitoring.
Sr. Solutions Engineer & IBM Power Champion, Fortra LLC
Sandi Moore is a Senior Solutions Engineer at Fortra with over 20 years of experience supporting systems monitoring and security software. She works extensively with IBM i environments and has been involved in product demonstrations, implementations, support, training, research, and... Read More →
Thursday April 30, 2026 9:15am - 10:15am CDT Studio 7-8
Adopting AI-based Assistants and Agentic AI tools in your organization? While these technologies are enticing and extremely powerful, the need to consider security during your AI projects is something one must not forget. During this session Scott Forstie and Carol Woodbury will demonstrate the power of using IBM Bob for IBM i security tasks. In addition, they’ll discuss the security safeguards and proper configurations you’ll want to consider when implementing AI.
Learning objective: Learn the power of using Bob and IBM i for IBM i security tasks as well as considerations for safeguarding your IBM i in the world of AI.
Scott Forstie is a Senior Technical Staff Member within IBM i development and spends most of his time working as the Db2 for i Architect. He has worked on IBM operating system development since joining IBM in 1989. Scott is a frequently published author, speaker at industry events... Read More →
Audit journaling on IBM i doesn’t have to be complicated. With IBM Navigator for i, configuring and analyzing audit data is easier than ever. This session will demonstrate how Navigator streamlines audit setup with just a few clicks and simplifies the process of consuming and interpreting audit journal entries. We’ll also highlight performance enhancements that accelerate data analysis and expand the possibilities for leveraging audit data in security and compliance efforts.
Learning Objectives:
`- Learn how to configure audit journaling on IBM i using Navigator for i with minimal effort - Understand how to efficiently consume and analyze audit journal entries through Navigator - Explore performance enhancements and new capabilities that expand the potential of audit data analysis
Ann Wilkerson is a lead user interface developer in IBM i. She joined the Rochester lab in 2021 and has since worked on Navigator, IBM i Services, and IBM i Migrate While Active. Her focus areas include security, networking, and the IFS.
Thursday April 30, 2026 3:00pm - 4:00pm CDT Galerie 4
Encryption is your last line of defense against data breaches but implementing it effectively on IBM i requires the right knowledge and strategy. In this session, we’ll go beyond the “why” and dive into the “how.” We’ll cover what is sensitive data and what data you should be encrypting. We’ll cover the technical methods for encrypting sensitive data on IBM i, from disk level encryption to integrated encryption solutions. We’ll also explore key management, performance trade-offs, compliance considerations, and practical scenarios where one approach might be more effective than another. Attendees will walk away with actionable knowledge to evaluate encryption methods and sustainable encryption strategy for their IBM i environment.
Learning Objectives:
Understanding of the available encryption methods on IBM i How to evaluate your encryption requirements Actionable list of next steps to start your encryption implementation
Sr. Solutions Engineer & IBM Power Champion, Fortra LLC
Sandi Moore is a Senior Solutions Engineer at Fortra with over 20 years of experience supporting systems monitoring and security software. She works extensively with IBM i environments and has been involved in product demonstrations, implementations, support, training, research, and... Read More →
Megan Olson is a Software Engineer and Product Manager at Fortra. Megan began her career at Fortra in 2021 as a Software Engineer Intern after earning her degree in Software Development in 2020. She has a strong technical focus on system security, product development, and driving... Read More →
Thursday April 30, 2026 3:00pm - 4:00pm CDT Studio 9-10
In this session we will explain what digital certificates are, how they work, and how to manage them on IBM i with Digital Certificate Manager (DCM). We will cover the basics of cryptography, hashing, signatures, SSL/TLS, PKI, Certificate Authorities, and more.
Learning Objectives:
1. Understand the basics of public-key cryptography 2. Understand the purpose for digital certificates 3. Understand how to store and manage certificates in DCM
Today, there are no known ransomware viruses that run directly on IBM i. However, that does not mean that the IBM i is not at risk. In this practical session, you will learn how to keep your IBM i system safe from Ransomware attacks. Don't miss this critical session! COMMON GOLD medal session.
Learning Objectives:
Understand the threats to IBM i Implement practices to protect the IBM i from those threats
Robert Andrews is a Principal Security Consultant, Senior Technical Staff Member (STSM), and Team Lead for the IBM i Security Expert Labs team in Rochester, MN. An IBM Certified Thought Leader and The Open Group Distinguished Technical Specialist, Robert has specialized in IT security... Read More →
Thursday April 30, 2026 4:15pm - 5:15pm CDT Studio 3-4
