|
> From: rob@dekko.com > > That seems to be the solution for many people. People are tired > of dealing > with the security of the 400 so they have the 400 duplicate all data to an > intermediate box and then handle it from there. "Tired of dealing with the security of the 400"? You're the first person I've ever heard say that. I know people who can't be bothered with security because it takes some effort to do correctly, but most people who value data security appreciate the 400's built-in security model. "Duplicate all data"? A bit of hyperbole. I only suggested mirroring the data that you wish to allow unsecured access to. This is hardly "all data". I doubt sincerely that you want anonymous access to your general ledger. And if you allow unmonitored anonymous FTP or RUNRMTCMD to a machine where general ledger information is stored, and you haven't implemented a proper security model, then you have done just that. You might as post the information directly to the web. You want both secured and unsecured data on your mission-critical business machine. Most basic security models hold that one machine should not have both secured and unsecured data, but of all machines, the AS/400 is pretty good at allowing both. You have to do some upfront work, but it's not that difficult. It's far preferable, in my opinion, to allowing unfettered access. Opening up your machine in order to make your programming life easier just isn't a very good business decision. Joe
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.
midrange.com
