Security over system programmers is a trade‑off between function and exposure. Surveillance and auditing create some assurance that system programmers have not subverted the system. The greatest single exposure is update access of APF‑authorized libraries. Restrict updates to the APF-authorized repositories. Performing continuous audits is mandatory and all updates must be justified. Include the programs in this library in your periodic audits.
Unless required every day, access to critical system data sets should be allowed only through a super ACID. This ACID's activity is audited to leave an audit trail.
The key to controlling system programming is the control of APF library alterations, the use of AC(1), PROCLIB control (STC control), and use of super ACIDs.
The TSSAUDIT utility determines the contents of APF‑authorized libraries. For information, see the Report and Tracking Guide.
|
Copyright © 2010 CA Technologies.
All rights reserved.
|
|