One of the greatest challenges that an organization faces when securing an IBM i environment is protecting the system from the very people who are also charged with its care and feeding: programmers, administrators, security officers, and even those we call Power Users.
In this session, we discuss several common security concerns, such as:
- How you can prohibit a programmer from accessing your production environment, except for those times when they need to diagnose and fix a production problem.
- How you can prohibit QSECOFR from running certain commands.
- How you can enable the Help Desk to re-enable a user and reset the user's password without assigning the Help Desk very high levels of authority.
- What exposures you can avoid by proper ownership of powerful user profiles.
- How you can selectively allow *ALLOBJ authority to be used only at certain times.
- How you can track activity inside powerful "invisible" tools like STRSQL and STRSST.
We discuss the ways to control and audit the activity of powerful users, with a view to enhancing the integrity of your IBM i. With the proper controls in place, you can restrict even the most powerful users as required.
Find out how easy it is to monitor and control IBM i power users with Authority Broker