Implementing Security for STC › STC (Started Task) Considerations
STC (Started Task) Considerations
The operations area usually has extensive procedures to make operators responsible for the actions they take.
No matter how extensive the operations procedures are, STC control should be included in the implementation strategy.
You can:
- Define a procedure to the STC Record with a fixed ACID associated with each START. Depending on whether the ACID has a significant password you can either:
- Require the ACID operand password to assure sensitive procedures cannot be started without authorization.
- Assign NOPW to the STC ACID to rely on the physical security of operations and operator command security for console entry.
- Define a default policy for procedures undefined to the STC record.
- Define a procedure to the STC Record to prompt for an execution ACID and PASSWORD, when the authority for different instances of the same procedure may differ with each START command.
You can pre-prompt the operator for an STC entry accountability (STCACT) ACID and password to identify the operator who entered the START command. This is in addition to execution security provided by the STC-assigned, default, or prompted ACID.
Copyright © 2013 CA Technologies.
All rights reserved.
|
|