Re: Security Questions -- MIDRANGE-L

You did not mention using the SECTOOLS (and SECBATCH) menu. If you have not
looked at it, this is a great starting point for analyzing and setting up
your security.

There's also a security advisor in OpsNav, I believe, that can set up
system values, etc., according to your needs.

Remember not to spend more on security than the resource is worth.

Re: payroll - you'll probably need some management support, so start a
consciousness-raising effort vis-a-vis security. And a security audit might
be appropriate, and would support your efforts, as well as advise you on
what to do.

At 04:49 PM 7/16/02 -0500, you wrote:
>We are currently going through all of the users on our systems and removing
>any that have not been deleted for one reason or another. Through our
>looking, we have noticed people with authority that really didn't need it
>(like *SAVRST and *ALLOBJ). We are currently reviewing what people need for
>authority.
>
>1) What have you guys done to maintain security?
>
>2) How do you create new users? Do you have a "general" user which you copy
>from? Do you start from scratch?
>
>3) How do you eliminate the possibility of a user using the username for a
>password and not allow 'password' for a password?
>
>4) How often do you review the users and security?
>
>5) Payroll notifies us when people quit or have moved to a new position, but
>it doesn't tell us when remote users quit or have moved on. How do you
>handle this?
>
>Any suggestions would be appreciated.
>
>Mike Wills

This mailing list archive is Copyright 1997-2026 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.