As with any product, establishing the correct security controls for your deployments and methodologies is a key component to protecting your environments. While your SMP/E data sets and their access are controlled by your normal security practices, deployments, methodologies and the systems defined within the System Registry require special consideration to control who can do what within the CA CSM environment.
We recommend establishing strict controls on who can define and update the systems that are available to deploy products too. Except for those few people that are allowed to maintain those system definitions, display access (that is, SYSREG.@DISPLAY) to the system registry should be all the security authority that most people need to effectively manage product deployments.
As you have read, methodologies control the naming convention that will be used for the creation of the data sets on the system where the deployment is being targeted. The usage of a methodology should conform to any established naming standards for the platform. Additionally, setting up a methodology that does not meet your established standards could result in a failed deployment. We recommend that adding and changing methodologies be controlled within your security environment so that users do not inadvertently change methodologies that meet your standards.
If users need to be able to create their own methodologies for a specific system or a special test, we recommend setting the security permissions to METHOD.@SELF. This lets a CA CSM user with this authority create their own methodologies and limits their ability to update methodologies to only those that they have created. For most CA CSM users, METHOD.@DISPLAY is enough authority for deploying products.
Business Value:
CA CSM lets you use security considerations to protect your company's environments.
This also provides the manager responsible for these systems the flexibility to manage security considerations as required by your company.
More Information:
For more information, see the online help and the Administration Guide.
|
Copyright © 2015 CA Technologies.
All rights reserved.
|
|