System Command and Batch
Security Upgrade
Summary of Services
The objective is to provide XYZ Corp.
with the assistance and guidance to enhance their implementation of the Top
Secret System (TSS). This service will
address two very specific improvements. The first is to enact improved security
for System Commands and Operator Facility controls. The Console facility and
System Command security will be upgraded from WARN to FAIL mode. The second
improvement is to initiate a migration of the application batch userids from WARN to FAIL security enforcement mode. The
following is an summary of the steps to achieve those
goals. These steps are not meant to be
all-inclusive and may be modified as determined as review and progress is made
on the project.
System Command
and Operator Controls
·
Review and list all defined consoles on
the system.
·
Review the attributes of defined
consoles
·
Review to determine if all default
console attributes are in place
·
If there are some consoles not defined
to TSS, implement a process to begin creation of the consoles.
·
Review each console for the department
and profiles that it has access to, and needs access to.
·
Work to determine:
o
Which users should be authorized to
which system commands
o
Which system commands cannot be used
and by what users.
·
Review all entries in the ALL
RECORD. From the review remove all
necessary entries and add permissions to the correct resources in the
appropriate Profiles. The Console Facility will be placed in Fail Mode and not
run in Warn Mode at end of project.
Application Batch ID Security
·
Identify and inventory all application
batch userids on the system.
·
Define what applications these batch
ids should have access to using audited reports from Top Secret Warn Mode.
·
Review the associations and permissions
for the Application Ids and make necessary Permission adjustments.
·
Develop an on-going process for the
client to establish these associations for future ids. Application Ids in Batch
will be run in Fail Mode.