Other Types of Threat and Exploitation › Computer Operators
Computer Operators
Ensure that operators have only those privileges that are required to perform their job functions.
The operations personnel have physical access to data at your site and can access data through terminals and consoles.
Potential areas of threat include:
- Use of started tasks at the console.
- Use of programs that allow data to be displayed or even altered.
- Use of alternate IPL parameters.
- Misuse of CA Top Secret to change security control options.
Available CA Top Secret controls include:
- Use of started task passwords for critical/sensitive STCs.
- Use of started task accountability to provide an audit trail of sensitive started tasks.
- Ensure strict authorizations for use of backup/restore programs and functions, especially full‑volume operations.
- Controls over job submission, including assigning default ACIDs for local readers.
- CA Top Secret exit for further measures providing operator ACIDs that can only perform specific tasks.
Ensure that all entries to the system, including physical readers, are controlled through CA Top Secret.
Copyright © 2010 CA Technologies.
All rights reserved.
|
|