Automated job scheduling can greatly help with managing government regulations.

By Tom Huntington

Are you working too hard in production control to keep up with SOX audits, HIPAA requirements, or any computer operation audit? Does your team spend a considerable amount of time assembling paper documents, filling out checklists, or manually updating run books? Do you have to work overtime to fulfill these requests? Preparing for audits around production control should not be this difficult.

In the ongoing process of securing your system, you may choose to address the default setting of the QCRTAUT system value.

By Carol Woodbury

Before I get into the considerations you need to make before changing this value, let's discuss the purpose of the QCRTAUT system value.

What Is QCRTAUT?

QCRTAUT (Create authority) provides the *PUBLIC authority setting when most i5/OS objects are created.

Do your developers and administrators need access to production systems?

By Tom Huntington

How much authority do your developers and administrators need on your production systems? Does each programmer need *ALLOBJ authority? Have you ever failed a security audit because of too many user profiles with too much special authority? When end users call your Help Desk for help with authority problems, does the Help Desk ask for the end user's password and then sign on to test the authority issue?

Santa, SkyView Partners, and i5/OS all have gifts for you!

At this time of year, children of all ages are snooping for those treasures that have been hidden and will eventually appear as beautifully wrapped presents. But until then, the hunt is on! So I thought it might be fun to "unveil" a few of the hidden treasures of i5/OS security.

NetServer Connections

One of the latest i5/OS gifts that I discovered is the ability to see who is connected to the NetServer server and which file share they used to make the connection. I've found this very helpful in determining the feasibility of removing file shares, especially those to root. Simply open iSeries Navigator -> Network -> Servers and click on TCP/IP. When the list of servers appears on the right, right-click on iSeries NetServer and choose Open.

Make your i5/OS audits as smooth as possible.

Some industries, such as finance, seem to have audits every other month—others, only once a year. Regardless of the frequency of your audits, they take up your time and energy. SkyView Partners' products and services reduce the cost of audits and eliminate the complexity of complying with the requirements of various laws and regulations. Auditors may not have actual knowledge of i5/OS security, but they typically have a "playbook" of audit points to look for in your i5/OS security configuration. Let's look at the most common ones.

Is the QAUDJRN security audit journal cluttered with too much information?

You hear the same complaints again and again: The security audit journal, QAUDJRN, contains too many entries. It's too hard to make sense of all the details. Do you really care that you have 1,592 program-adopt entries one day and only 450 the next? Do you need to copy the journal receiver to a database file every day? What exactly do all the different entry types mean?