Category Archives: General

If it doesn’t fit somewhere else…

It’s time for sensible password security standards in the PCI-DSS

Passwords are the keys to the Internet kingdom.  Sure, there are certificates that identify sites and provide the basis for TLS encryption, but it is the user ID and password that authenticate you almost everywhere you log on to something.  … Continue reading

Posted in General | 1 Comment

WMQ Training for Beginners

The email stream lately has included many requests for training suitable for beginners new to WebSphere MQ.  This is good because it implies new customers or a larger community of developers and admins.  My pages here are organized as more … Continue reading

Posted in General | 3 Comments

Thoughts on Disaster Recovery

I’m often amazed by the amount of synchronicity in the world.  Most recently I’ve been flooded from all sides with discussions about disaster recovery and of those, almost all wanted to achieve a zero recovery point without sacrificing performance.  Since … Continue reading

Posted in General | 6 Comments

Books, webinars and conferences, oh my!

The new WMQ Security book is into the review stage now and coming slowly along.  The four weeks we were all together in Raleigh flew by so fast it is amazing how much we were able to get done.  The … Continue reading

Posted in General | Leave a comment

Sharpening the saw

I am fortunate this year to participate in many seminars and conferences.  I just finished IMPACT and on June 5th I’ll be in New York for the WSMQAdmin seminar there.  The following week I’ll be in Zurich for the TI&M … Continue reading

Posted in Events, General | Tagged , , | Leave a comment

PCI zone and non PCI zone in same DataPower box

I’ve been having PCI Déjà vu lately.  It seems the same questions keep coming up over and over.  One strategy for compliance that is nearly ubiquitous is to segregate the PCI data from the rest of the network.  In practical terms, … Continue reading

Posted in General, WMQ Security | Tagged , , , , , , | 4 Comments

Encrypting passwords in config files – secure or not?

Not long ago a colleague told me he wished that he could use a .kdb format keystore for his Java applications.  When I inquired as to why, he said he liked that the .kdb includes the ability to stash an … Continue reading

Posted in General, WMQ Security | 3 Comments