Authority on Demand Control Authority Rights & Emergency Access

Slides:

Advertisements

Similar presentations

Support.ebsco.com EBSCOadmin Reports & Statistics Tutorial.

Advertisements

NCOAUG Training Day Summer 2008 Presentation Approve and Send Your Purchase Order via Possible Configuration Options (11i) Presented by Al Kannan,

IPS of Boston Checks On Demand! ® Welcome! To navigate this presentation, first click in this window, then use the arrow keys on your keyboard. Welcome!

Pharos Uniprint 8.3.

1 Central Administration Advanced Management of Multiple Systems.

Welcome to the Award Winning Easiest to Use & Most Advanced View, Manage, and Control Security, Access Control, Video, Energy & Lighting Systems, & Critical.

ISecurity User Profile & System Value Replication.

1 Authority on Demand Flexible Access Control Solution.

Syslog for SIEM using iSecurity Real-Time Monitoring of IBM i Security Events.

Authority on Demand Control Authority Rights & Emergency Access.

Wisconsin Department of Public Instruction

1 Configuring Internet- related services (April 22, 2015) © Abdou Illia, Spring 2015.

High Availability Group 08: Võ Đức Vĩnh Nguyễn Quang Vũ

ISecurity Complete Product Series For System i. About Raz-Lee Internationally renowned System i solutions provider Founded in 1983; 100% focused on System.

Time System What is this all about? The purpose of this project is to automate how Evergreen collects, records and manages employees’ dates and times worked.

SYSLOG Real-Time Monitoring of System i Events. What is SYSLOG? Multi server environments are now the reality at most sites; however the number of operators.

1 Audit Next Generation Monitoring, Compliance & QAUDJRN Reporting.

1 System Control & MSGQ. 2 System Control & MSGQ Features Uses QSYSOPR or any application message queue data as input to iSecurity Action module Enables.

© Softmark Continuous Availability Operational Simplicity Financial Advantage Secure Your Stratus Systems VOS Auditor.

1 Action Automated Security Breach Reporting and Corrections.

Application Process USAJOBS – Application Manager USA STAFFING ® —OPM’S AUTOMATED HIRING TOOL FOR FEDERAL AGENCIES.

Setting up in Outlook Express. Select “Tools” from the toolbar menu.

For Sage MIP Fund Accounting

Creating a Single Sign On Account. To create a Single Sign On ID please visit and select the option to create a new account.

Grants Online Locating and Viewing Documents Attached to a Grant of Aid Step-by-Step Guide February 2013.

Lieberman Software Random Password Manager & Workflow Delegation.

CensorNet Ltd An introduction to CensorNet Mailsafe Presented by: XXXXXXXX Product Manager Tel: XXXXXXXXXXXXX.

Mandatory Annual ACE Training Fiscal Year 2011 – 2012.

NWU: Helpdesk Call handling ITC Training: Session 1 -Call Logging and Remedy -Campus Helpdesks and Escalation -Remedy Solution Database -Remedy Mechanisms.

Mandatory Annual ACE Training Fiscal Year 2010 – 2011.

1 Authority on Demand Flexible Access Control Solution.

WITSML Service Platform - Enterprise Drilling Information

Introduction + Track Time is a enterprise grade web based software with robust features to simplify Time.

Firewall End-to-End Network Access Protection for IBM i.

Administrator – Employee Overview September, 2011.

Password Recovery Via Customer Care. Account Detail Via Customer Service. Account Configuration With Our Experts. You Want Recover All information.

What’s New in Fireware v11.9.5

1 Automatic Tracing of Program and File Changes on IBM i Inside Change Tracker.

Learningcomputer.com SQL Server 2008 – Administration, Maintenance and Job Automation.

1 Action Automated Security Breach Reporting and Corrections.

Firewall End-to-End Network Access Protection for IBM i.

Module 15 Monitoring SQL Server 2008 R2 with Alerts and Notifications.

1 Authority on Demand Provide high authority “as-needed” with full Audit Trail.

Brief Overview: Options for Licence & Support Open Source Job Scheduler Software- und Organisations-Service GmbH 

1 Session Number Presentation_ID © 2002, Cisco Systems, Inc. All rights reserved. Using the Cisco TAC Website for Security and Virtual Private Network.

1 Command Control and Monitor CL Commands. 2 Command- The Need CL commands control nearly all IBM functionality Monitoring, controlling and logging CL.

MEMBERSHIP AND IDENTITY Active server pages (ASP.NET) 1 Chapter-4.

1 Session Number Presentation_ID © 2002, Cisco Systems, Inc. All rights reserved. Using the Cisco TAC Web Site for Network Security and Virtual Private.

SAP GRC(Governance Risk and Compliance)/SECURITY ONLINE TRAINING  Magnific Name : SAP GRC/SECURITY 24*7 Technical support  faculty : Real time Experience.

Syslog for SIEM Products Using iSecurity Real-Time Monitoring of IBM i Security Events.

How to complete and submit a Final Report through

iSecurity Compliance with HIPAA

Anti Virus System i-Specific Anti-Virus Product

Welcome! To the ETS – Create Client Account & Maintenance

SAP GRC(Governance Risk and Compliance)/SECURITY ONLINE TRAINING UK

USAJOBS – Application Manager

FANS (Future Air Navigation System) Flight Crew Procedures

Q TRACKER Tracking on the job training hours for Apprentices.

Briefing Session Guide

Manage your Interest Group

iCIMS 17.1 Release: Highlights

Configuring Internet-related services

County HIPAA Review All Rights Reserved 2002.

Project Statement To create an efficient internal operating solution for aquatic facilities which enables rosters to be produced and available with direct.

Time Gathering Systems Secure Data Collection for IBM System i Server

Exception Basics DARS provides authorized users a means to override requirements for individual students.

Modern benefits administration and HR software, supported by us.

WELCOME How to Setup Yahoo Account Key Feature in Browser? CONTACT US

iSecurity AP Journal Training

iSecurity Password-Reset Training

Presentation transcript:

Authority on Demand Control Authority Rights & Emergency Access

The Challenge System i sites define user’s security levels and allocate security rights corresponding to the different job responsibilities in the organization Emergency access to critical application data and processes is a potentially serious security breach which is often uncovered in System i audits. Manual approaches to this problem are not only error-prone, but do not comply with regulations and auditor’s often stringent security requirements. Enables all the standard notification procedures Interfaces other iSecurity products to give an overall security perspective, as well as activation of corrective response measures.

AOD Features ADD and SWAP Security Levels (ADD is feature unique to AOD) – can ADD additional security rights to current user profile or grant a new security authority level. Global Add SPCAUT Authority Transfer On-Demand Rules & Providers - pre-define special authority "providers" and authority transfer rules. Safe Recovery from Emergency – recover from emergency situations with minimum risk of human error and maximum reporting of activities while running with higher special authority. Full Monitoring Capabilities - logs and monitors all relevant activities, and sends audit reports and real-time e-mail alerts when higher authority rights are provided. Simple, Controlled Access – Only authorized users can grant authority or access critical data and processes and incorporates easy-to-use reporting and monitoring mechanisms. Part of Comprehensive Solution - solidifies iSecurity's position as the most comprehensive security solution for System i environments.

Authority on Demand Training

AOD main menu. We’ll enter option 5 to define Authority Providers.

Let’s look at how QSECOFR is defined.

Let’s look at option 1, AOD rules.

System Configuration

System Configuration

System Configuration

System Configuration

System Configuration

System Configuration

System Configuration

System Configuration

Using Authority on Demand

The request was rejected, enter DSPAODLOG...

… because it was not requested during off hours.

Let’s update the definition the Rule and remove the time group EVENING

AOD is starting, the first command DSPJOB is run automatically

Then the seconds Command WRKSPLF is run automatically

Note that the user profile authority has not changed

Note that the user profile authority has not changed

But the user profile now has QSECOFR rights

Reporting, an email is sent, a message is sent, a log is written

Auditing

Auditing More information can be retrieved via the AODLOG

Auditing More information can be retrieved via the AODLOG

Auditing

Auditing

Auditing More information can be retrieved via the AODLOG

Example SWAP SWAP profile

Example SWAP

Example SWAP Job user has changed

Thank You! Please visit us at www.srcsecuresolutions.eu