1 Authority on Demand Flexible Access Control Solution.

Slides:



Advertisements
Similar presentations
MFA for Business Banking – Security Questions with 2nd Request Multifactor Authentication: Quick Tip Sheets Note to Financial Institutions: We are providing.
Advertisements

MFA for Business Banking – Security Questions with Reset Multifactor Authentication: Quick Tip Sheets Note to Financial Institutions: We are providing.
Bill Roettger Feature Updates for HCV-ID. Overview For Patients Collect: - Patient Information - Insurance Cards - Acceptance of Data Privacy Policy -
Support.ebsco.com EBSCOadmin Reports & Statistics Tutorial.
Firewall End-to-End Network Access Protection for System i.
Travel and Expense Management Scenario Overview
IPS of Boston Checks On Demand! ® Welcome! To navigate this presentation, first click in this window, then use the arrow keys on your keyboard. Welcome!
1 Contract Inactivation & Replacement Fly-in Action ( Continue to Page Down/Click on each page…) Electronic Document Access (EDA)
1 Central Administration Advanced Management of Multiple Systems.
HORIZONT TWS/WebAdmin TWS/WebAdmin for Distributed
ISecurity User Profile & System Value Replication.
KX-TVM50 KX-TVM200 V2.0 (Edition 1.1 2nd November, 2007)
 Copyright I/O International, 2013 Visit us at: A Feature Within from Sales Rep User Friendly Maintenance – with Zip Code.
Syslog for SIEM using iSecurity Real-Time Monitoring of IBM i Security Events.
Authority on Demand Control Authority Rights & Emergency Access.
1 Visualizer for Audit Graphical Business Intelligence Display & Analysis Tool.
Electronic Official Personnel Folder (e-OPF) for Federal Employees 2014.
ISecurity Complete Product Series For System i. About Raz-Lee Internationally renowned System i solutions provider Founded in 1983; 100% focused on System.
HORIZONT 1 ProcMan ® The Handover Process Manager Product Presentation HORIZONT Software for Datacenters Garmischer Str. 8 D München Tel ++49(0)89.
Monitoring Security With Standard SAP Tools Session Code 805 Sandi McKinney.
Hands-On Microsoft Windows Server 2003 Administration Chapter 5 Administering File Resources.
SYSLOG Real-Time Monitoring of System i Events. What is SYSLOG? Multi server environments are now the reality at most sites; however the number of operators.
1 Audit Next Generation Monitoring, Compliance & QAUDJRN Reporting.
1 Password Reset Effortless, Self service User Password Reset.
1 Compliance Evaluator Single-View Overall Compliance Reports.
1 Action Automated Security Breach Reporting and Corrections.
WebReport/400 TCP/IP Configuration Presented by Kisco Information Systems.
March 2005 UMORS 1 UMORS Vander Kooi and Associates, Inc Ultimate Multiple Overhead Recovery System.
Using Microsoft Office Communicator. Microsoft Office Communicator Office Communicator enables you to instantly communicate with your colleagues using.
A Green Initiative by Brookdale Community College Presented by Debbie Almeida Manager, Accounts Payable and Special Projects.
NSTS Internal Demo. Agenda 1.NSTS Release Summary 2.Functionality/Enhancements by User Group Licensee Agency Admin 3.Scenarios/Demo 2.
WEB PRICING SYSTEM User Manual. Click here to Log In The Defense Commissary Agency Vendor Price Change system is located at
1 Authority on Demand Flexible Access Control Solution.
Online Reporting Guide
Chapter 16 Designing Effective Output. E – 2 Before H000 Produce Hardware Investment Report HI000 Produce Hardware Investment Lines H100 Read Hardware.
Firewall End-to-End Network Access Protection for IBM i.
This tip sheet focuses on the elements required to access SMART. Total Pages: 5 Accessing SMART Logging In Agency/Facility/Program Access Logging Out IGSR.
TimeTrex Electronic Signature Process. Welcome to the new totally electronic TimeTrex System The purpose of this presentation is to explain how the electronic.
1 Automatic Tracing of Program and File Changes on IBM i Inside Change Tracker.
1 Action Automated Security Breach Reporting and Corrections.
Computer Emergency Notification System (CENS)
Firewall End-to-End Network Access Protection for IBM i.
M O V E – Management – Of – Vibration – Emissions/Exposure.
1 Authority on Demand Provide high authority “as-needed” with full Audit Trail.
What is Web Site Administration Tool ? WAT Allow you to Configure Web Site With Simple Interface –Manage Users –Manage Roles –Manage Access Rules.
1 Command Control and Monitor CL Commands. 2 Command- The Need CL commands control nearly all IBM functionality Monitoring, controlling and logging CL.
Registration Solutions for your Event Management.
Davisware GlobalEdge 2008 Payroll Main Menu Time Entry and Payroll Processing.
2016 TELPAS Online Testing. TELPAS Assessment Management System Accessed at
FHA Training Module 1 This document reflects current policy related to this topic. Its content is approved for use in all external and internal FHA-related.
2012 TELPAS Online Testing & Data Collection. Disclaimer  These slides have been prepared by the Student Assessment Division of the Texas Education Agency.
TEA Student Assessment Division 2  These slides have been prepared by the Student Assessment Division of the Texas Education Agency.  If any slide is.
1 © 2004 Cisco Systems, Inc. All rights reserved. Session Number Presentation_ID Cisco Technical Support Seminar Using the Cisco Technical Support Website.
How to complete and submit a Final Report through Mobility Tool+ Technical guidelines Authentication, Completion and Submission 1 Antonia Gogaki IT Officer.
2016 TELPAS Online Testing & Data Collection. Disclaimer  These slides have been prepared by the Student Assessment Division of the Texas Education Agency.
Downloading and Installing GRASP-AF Workshop Ian Robson Information Analyst, North of England Cardiovascular Network.
Syslog for SIEM Products Using iSecurity Real-Time Monitoring of IBM i Security Events.
How to complete and submit a Final Report through
Training Documentation – Replacing GSPR with RFQ 2.0
Maintaining Windows Server 2008 File Services
Briefing Session Guide
How to Create and Start a Test Session
How Students Log In and Start a Test
Unemployment Insurance Agency Michigan Web Account Manager
iSecurity AP Journal Training
iSecurity Password-Reset Training
Authority on Demand Control Authority Rights & Emergency Access
Presentation transcript:

1 Authority on Demand Flexible Access Control Solution

2 The Challenge Emergency access to critical application data and processes is a very common security breach which is uncovered in System i audits. Currently, manual approaches to this problem are not only error-prone, but do not comply with regulations and auditor’s often stringent security requirements. System i sites define user’s security levels and allocate security rights corresponding to the different job responsibilities in the organization.

3 AOD Features Easy to Use - simplifies granting special authorities when necessary, and incorporates easy-to-use reporting and monitoring mechanisms. Add/Swap Security Levels (unique to iSecurity AOD) - grants a new security authority level or adds additional security rights on request. Authority Transfer Rules & Providers - enables pre-defining special authority "providers" and special authority transfer rules. Safe Recovery from Emergency - enables recovering from different types of emergency situations with minimum risk of human error. Full Monitoring Capabilities - logs and monitors all relevant activities, and sends audit reports and real-time alerts when employees request higher authority. Part of End-to-End Solution - solidifies iSecurity's position as the most comprehensive security solution for System i environments. Intuitive GUI Interface –suitable for non-technical staff. Controlled Access – allows only relevant personnel to access critical data

4 Part 1 Authority on Demand Scenario

5 Without Authority on Demand: Inefficient Work Mode Sam Evans Programmer Has authorities for Test & Development Needs authorities for Production once a week Richard Garner Busy IT Manager Hi Sam… temporary authorities for the Production folder? Hmmm, I don’t have time now… maybe next week. Authority Request Rejected

6 With Authority on Demand: Automatic Granting of Special Authorities Let’s define authority rules: When Sam Evens requests authority for Production Folder between 8AM-16:30PM, the system will automatically grant it… Uh, Richard, I need authorities for the Production folder again…

7 Requesting Special Authority… Now that we have AOD, I’ll request authority… Wow, this is so much easier than calling up Richard…

8 Instantly & Automatically Receiving Authorities Got the authorities!

9 Finally, I don’t have to waste my time on granting special authorities… the whole process is automatic and I can see a full log of Sam’s authority requests and even screen captures! Effective Monitoring of Special Authorities

10 Part 2 Authority on Demand Screens

11 AOD Welcome Screen

12 Authority on Demand Log DANA start add authority of user QSECOFR in job /DANA/QPADEV0003. Reason: Need to check problem in production system. Confirmation ID: 5634 Time: 11/03/08 22:40 DANA end add authority of user QSECOFR in job /DANA/QPADEV0003. Time: 11/03/08 23:19 ID: 653 Attachment 1 – Command entered Attachment 2 – Captured Screens Attachment 3 – DB Records changes Command entered ID: 653, Attachment 1 DB Records changes ID: 653, Attachment 3 Captured Screens ID: 653, Attachment 2 * Other attachment options available (all QAUDJRN information, summary of changes made by Ad-Hoc utilities…)

13 Authority on Demand Main Menu

14 Work with Authority Rules Select Authority Rule to modify.

15 Modify an Authority Rule Each field needs to be explained individually; “Add authority of Provider” is unique to AOD & ensures that logged info relates to requester.

16 Modify an Authority Rule Important note below.

17 Work with Authority Providers Select an Authority Provider to modify.

18 Modify definitions for an Authority Provider

19 Define (Option 6) and Change a Time Group

20 Activation menu (Option 11)

21 Request to obtain Authority (GETAOD) Requestor must enter the name of the Authority provider and either a PIN Code (with Reason *BYPIN) or Reason text.

22 GETAOD was successful Feedback message below.

23 messages for Start/End Authority

24 GETAOD was not successful Feedback message below.

25 Unsuccessful GETAOD: log and

26 Unsuccessful GETAOD- full explanation

27 Request AOD Console Messages Enter command.

28 Sample AOD Console Messages

29 Option 41 from the Main Menu is used to Display AOD log entries; can be filtered by requester or provider. Display AOD Log Entries

30 Sample AOD Log Entries Sample AOD Log Entries; F10 provides details.

31 Select type of AOD Log entries to Display Note the numerous possibilities for displaying AOD log entries.

32 This is the QAUDJRN log for one AOD request. Audit Log for one Get AOD request

33 AOD log contains “pointers” (i.e. attachments) to the appropriate QAUDJRN log. Option 43: Print Log

34 This is the printed QAUDJRN log for a single AOD request. Print output of QAUDJRN

35 This is an actual screen “Capture” of using AOD (back version). Showing “Captured” Screen Image

36 This is one of the user screens “Captured” (frame 11 in the Capture log file). Another “Captured” Screen Image

37 AOD System Configuration Screen Option 81 from the AOD Main Menu.

38 General Definitions Configuration Screen Note various general definition parameters.

39 Exit Programs Configuration Screen AOD allows for site-specific exit program overrides.

40 AOD Log Retention Configuration Screen Set the Log Retention period using this screen.

41 Definitions Configuration Screen An appropriate license must be signed with a local ISP.

42 SYSLOG attributes are defined using Option 81  21 from the main menu. SYSLOG Definitions

43 These are the SYSLOG messages written when authority was added. SYSLOG Messages

44 Work with AOD Operators Select an AOD Operator to modify.

45 Modify AOD Operator Rights Full product usage, Emergency usage or use as an Auditor (read-only).

46 Emergency Operator Screen Current user has been defined as Emergency operator, only 1 rule can be modified.

47 Modify Rule by Emergency Operator Modify the rule which relates this Emergency operator; other rules cannot be modified.

48 Auditor Screen No changes may be made to rules.

49 Modify Authority Rules screen disabled All input fields are disabled in this mode.

50 Please visit us at Thank You!

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com. Inc. All rights reserved.