Presentation is loading. Please wait.

Presentation is loading. Please wait.

Authority on Demand Control Authority Rights & Emergency Access

Published byEsko Karjalainen Modified over 5 years ago

Similar presentations

Presentation on theme: "Authority on Demand Control Authority Rights & Emergency Access"— Presentation transcript:

1 Authority on Demand Control Authority Rights & Emergency Access

2 The Challenge System i sites define user’s security levels and allocate security rights corresponding to the different job responsibilities in the organization Emergency access to critical application data and processes is a potentially serious security breach which is often uncovered in System i audits. Manual approaches to this problem are not only error-prone, but do not comply with regulations and auditor’s often stringent security requirements. Enables all the standard notification procedures Interfaces other iSecurity products to give an overall security perspective, as well as activation of corrective response measures.

3 AOD Features ADD and SWAP Security Levels (ADD is feature unique to AOD) – can ADD additional security rights to current user profile or grant a new security authority level. Global Add SPCAUT Authority Transfer On-Demand Rules & Providers - pre-define special authority "providers" and authority transfer rules. Safe Recovery from Emergency – recover from emergency situations with minimum risk of human error and maximum reporting of activities while running with higher special authority. Full Monitoring Capabilities - logs and monitors all relevant activities, and sends audit reports and real-time alerts when higher authority rights are provided. Simple, Controlled Access – Only authorized users can grant authority or access critical data and processes and incorporates easy-to-use reporting and monitoring mechanisms. Part of Comprehensive Solution - solidifies iSecurity's position as the most comprehensive security solution for System i environments.

4 Authority on Demand Training

5

6 AOD main menu. We’ll enter option 5 to define Authority Providers.

7 Let’s look at how QSECOFR is defined.

8

9 Let’s look at option 1, AOD rules.

10

11

12

13 System Configuration

14 System Configuration

15 System Configuration

16 System Configuration

17 System Configuration

18 System Configuration

19 System Configuration

20 System Configuration

21 Using Authority on Demand

22 The request was rejected, enter DSPAODLOG...

23 … because it was not requested during off hours.

24 Let’s update the definition the Rule and remove the time group EVENING

25

26 AOD is starting, the first command DSPJOB is run automatically

27 Then the seconds Command WRKSPLF
is run automatically

28

29

30 Note that the user profile authority has not changed

31 Note that the user profile authority has not changed

32 But the user profile now has QSECOFR rights

33 Reporting, an email is sent, a message is sent, a log is written

34 Auditing

35 Auditing More information can be retrieved via the AODLOG

36 Auditing More information can be retrieved via the AODLOG

37 Auditing

38 Auditing

39 Auditing More information can be retrieved via the AODLOG

40 Example SWAP SWAP profile

41 Example SWAP

42 Example SWAP Job user has changed

43

44

45

46

47 Thank You! Please visit us at

Download ppt "Authority on Demand Control Authority Rights & Emergency Access"

Similar presentations

Support.ebsco.com EBSCOadmin Reports & Statistics Tutorial.

Support.ebsco.com EBSCOadmin Reports & Statistics Tutorial.
NCOAUG Training Day Summer 2008 Presentation Approve and Send Your Purchase Order via E-Mail Possible Configuration Options (11i) Presented by Al Kannan,

NCOAUG Training Day Summer 2008 Presentation Approve and Send Your Purchase Order via Possible Configuration Options (11i) Presented by Al Kannan,
IPS of Boston Checks On Demand! ® Welcome! To navigate this presentation, first click in this window, then use the arrow keys on your keyboard. Welcome!

IPS of Boston Checks On Demand! ® Welcome! To navigate this presentation, first click in this window, then use the arrow keys on your keyboard. Welcome!
Pharos Uniprint 8.3.

Pharos Uniprint 8.3.
1 Central Administration Advanced Management of Multiple Systems.

1 Central Administration Advanced Management of Multiple Systems.
Welcome to the Award Winning Easiest to Use & Most Advanced View, Manage, and Control Security, Access Control, Video, Energy & Lighting Systems, & Critical.

Welcome to the Award Winning Easiest to Use & Most Advanced View, Manage, and Control Security, Access Control, Video, Energy & Lighting Systems, & Critical.
ISecurity User Profile & System Value Replication.

ISecurity User Profile & System Value Replication.
1 Authority on Demand Flexible Access Control Solution.

1 Authority on Demand Flexible Access Control Solution.
Syslog for SIEM using iSecurity Real-Time Monitoring of IBM i Security Events.

Syslog for SIEM using iSecurity Real-Time Monitoring of IBM i Security Events.
Authority on Demand Control Authority Rights & Emergency Access.

Authority on Demand Control Authority Rights & Emergency Access.
Wisconsin Department of Public Instruction

Wisconsin Department of Public Instruction
1 Configuring Internet- related services (April 22, 2015) © Abdou Illia, Spring 2015.

1 Configuring Internet- related services (April 22, 2015) © Abdou Illia, Spring 2015.
High Availability Group 08: Võ Đức Vĩnh50703006 Nguyễn Quang Vũ50703033.

High Availability Group 08: Võ Đức Vĩnh Nguyễn Quang Vũ
ISecurity Complete Product Series For System i. About Raz-Lee Internationally renowned System i solutions provider Founded in 1983; 100% focused on System.

ISecurity Complete Product Series For System i. About Raz-Lee Internationally renowned System i solutions provider Founded in 1983; 100% focused on System.
Time System What is this all about? The purpose of this project is to automate how Evergreen collects, records and manages employees’ dates and times worked.

Time System What is this all about? The purpose of this project is to automate how Evergreen collects, records and manages employees’ dates and times worked.
SYSLOG Real-Time Monitoring of System i Events. What is SYSLOG? Multi server environments are now the reality at most sites; however the number of operators.

SYSLOG Real-Time Monitoring of System i Events. What is SYSLOG? Multi server environments are now the reality at most sites; however the number of operators.
1 Audit Next Generation Monitoring, Compliance & QAUDJRN Reporting.

1 Audit Next Generation Monitoring, Compliance & QAUDJRN Reporting.
1 System Control & MSGQ. 2 System Control & MSGQ Features Uses QSYSOPR or any application message queue data as input to iSecurity Action module Enables.

1 System Control & MSGQ. 2 System Control & MSGQ Features Uses QSYSOPR or any application message queue data as input to iSecurity Action module Enables.
© Softmark www.softmark.com www.softmark.com - 1 - Continuous Availability Operational Simplicity Financial Advantage Secure Your Stratus Systems VOS Auditor.

© Softmark Continuous Availability Operational Simplicity Financial Advantage Secure Your Stratus Systems VOS Auditor.
1 Action Automated Security Breach Reporting and Corrections.

1 Action Automated Security Breach Reporting and Corrections.

Similar presentations

Ads by Google