Help/Systems SEQUEL Software PowerTech Skybot Software
Help/Systems
The World's Leader in IBM iSeries Software Solutions
HomeConnectTom Huntington's Blog › What Can We Do Differently?

What Can We Do Differently?

Submitted by Tom Huntington on Wed, 11/02/2011 - 9:40am

I guess I am officially a blogger when I have more questions than answers. Well, today I have some new questions for you: How should Help/Systems deal with regulations to make it easier for you to update your software? What can Help/Systems do to use change control better?”

These questions popped up because of some recent customer issues.

Hardware Upgrades

"We upgraded our Power 5 hardware to Power 7, and our Help/Systems security code stopped working. Can you give me a permanent security code? Our compliance team doesn’t let us use a temporary code to run a product on a production system?”

This customer was running a software version from 3½ years ago. We needed to update them to a version that was only 2 years old. Until they update, they’ll have to run a temporary security code. The good news is that the temporary code runs the same version of the software as the permanent code.

Java-Based Products

A second example concerns one of our products that uses Java on the IBM i server. On the IBM i platform, Java is controlled and installed by IBM. On other platforms like AIX, Linux, and Windows, developers can decide where Java is installed. So, on the IBM i platform, Help/Systems is at the mercy of how Java is maintained on your server. In this case, a symbolic link was pointing the Java code to a wrong path, causing problems.

The fix is to change the security authorization of a profile, or remove the symbolic link. Unfortunately, changing the link could effect a production application written by IBM for the customer and the customer would have to re-test the business application. Consequently, this update won’t happen (nor would we recommend it).

The Questions

So, back to my original questions: “How can we make it easier to install our products and avoid these issues?” Over the years, we've added pre-checker programs and Wizards. The pre-checker programs verify that we have the correct environments for Java; the Wizards make installations easier. We test our software under strict guidelines, developed from ISO standards. But, we still have to be ready for the unexpected.

If you have any suggestions about how we can anticipate and navigate regulation change control roadblocks from SOX, PCI, HIPAA, GLBA, and more, I’m open for ideas.

Comments

Post new comment

The content of this field is kept private and will not be shown publicly.
By submitting this form, you accept the Mollom privacy policy.