Our Job? Helping you make repairs, avoid problems and improve z/OS integrity. This results in a...
Transcript of Our Job? Helping you make repairs, avoid problems and improve z/OS integrity. This results in a...
Our Job?
Helping you make repairs, avoid problems and improve z/OS integrity.
This results in a safer and more secure environment for your business applications.
NewEra Software
z/OS Integrity and Compliance
On the Road to enhanced z/OS integrity and sustained compliance:
.
NewEra Software
z/OS Integrity and Compliance
On the Road to enhanced z/OS integrity and sustained compliance:
Stakeholders in the future and fitness of z/OS:
Technical and Auditing Staff
Risk and Compliance Officers
Executive Management
CEO, The Board of Directors
NewEra Software
z/OS Integrity and Compliance
On the Road to enhanced z/OS integrity and sustained compliance:
Today's Agenda:
Reality Check
Practical Viewpoints
How NewEra Solves Problems
Brief Product Demonstration
• Stu Henderson• Brian Cummings
NewEra Software
z/OS Integrity and Compliance
1. 70-80% of all mission-critical data resides on IBM Mainframes
2. 80-90% of all IBM Mainframes use z/OS as their primary OS
3. 100% of all z/OS systems are secured by one or more of:
z/OS Secure Server RACF CA-ACF2 CA-Top Secret
4. 98%(+/-) of all z/OS systems have “Integrity Exposures”
NewEra Software
z/OS Integrity and Compliance
Reality Check:
On the Road to enhanced z/OS integrity and sustained compliance:
On the Road to enhanced z/OS integrity and sustained compliance:
NewEra Software
z/OS Integrity and Compliance
Brian Cummings:
“The Implications of z/OS Integrity Exposures on organizational integrity and compliance.”
Stu Henderson:
“z/OS Integrity Exposures, why they exist and how best to address and document them.”
Our Guests:
On the Road to enhanced z/OS integrity and sustained compliance:
Stu Henderson:
NewEra Software
z/OS Integrity and Compliance
“z/OS Integrity Exposures, why they exist and how best to address and document them.”
The Henderson Group provides IT security and audit training, consulting, and security reviews for organizations with IBM mainframes.
Founder of the New York RACF Users Group. Editor of the "RACF User News" and of the "Mainframe Audit News“.
The Henderson Group offers seminars for security administrators and auditors. They are taught throughout North America.
301.229.7187 – [email protected] IT Audit Training or www.stuhenderson.com
On the Road to enhanced z/OS integrity and sustained compliance:
NewEra Software
z/OS Integrity and Compliance
Brian Cummings: “The Implications of z/OS Integrity Exposures on organizational integrity and compliance.”
30 years in information security, risk management, audit and business continuity.
Skilled in IBM’s z/OS operating system with a working knowledge of RACF, ACF2 and Top Secret.
North American Practice Manager, Information Risk ManagementTata Consultancy Services
650.996.6790 – [email protected]
On the Road to enhanced z/OS integrity and sustained compliance:
NewEra Software
z/OS Integrity and Compliance
Stand Alone Environment
z/OS Repair/Recovery
(SAE)
Image Control Environment
(ICE)
z/OS System Integrity
When z/OS is Down When z/OS is Up1989
z/OS SystemResources
z/OS Initialization& Processes
“ABC” Applications & Processes
C
B
A
z/OS
On the Road to enhanced z/OS integrity and sustained compliance:
NewEra Software
z/OS Integrity and Compliance
Helping you make repairs, avoid problems and improve z/OS integrity.
Our Job?
On the Road to enhanced z/OS integrity and sustained compliance:
NewEra Software
z/OS Integrity and Compliance
ICE
z/OS Fast Erase
The Control Editor
Image FOCUS
Image SENTRY
On the Road to enhanced z/OS integrity and sustained compliance:
NewEra Software
z/OS Integrity and Compliance
HIPAA(Health Insurance Portability and Accountability Act)
GLBA (Gramm-Leach-Bliley Financial Services Modernization Act)
Based on proprietary Stand Alone Technology ISPF interface control selection and activation Multiple passes, selectable patterns Background process, batch controls Full audit documentation and reporting Disaster Recovery site as needed
Ask about our migration option from SAE to ICE!
On the Road to enhanced z/OS integrity and sustained compliance:
NewEra Software
z/OS Integrity and Compliance
SAS70(Statement of Account Standards #70)Sarbanes-Oxley
Enhanced control, reporting and productivity No change in work pattern or flow required Document changes inline under TSO or ICE Assured Backup of critical members Search for and Restore as required Monitor for change activity Flexible, dynamic scope
When RACF, ACF2 and Top Secret are just not enough!
On the Road to enhanced z/OS integrity and sustained compliance:
Image FOCUS
z/OS Core Network SupplementalJES2/3
Inspectors InspectorsInspectors Inspectors
NewEra Software
z/OS Integrity and Compliance
SAS70(Statement of Account Standards #70)Sarbanes-Oxley
Virtualization of System/Sysplex Initialization Prediction of configuration failures Discovery of configuration changes Ongoing Configuration Surveillance A Trusted source of z/OS Information
On the Road to enhanced z/OS integrity and sustained compliance:
NewEra Software
z/OS Integrity and Compliance
Image SENTRY
Auditing Hardware SoftwareOSHealth
UACC Explorer IODF ExplorerCKCK Explorer IFCE Explorer
SAS70(Statement of Account Standards #70)Sarbanes-Oxley
A collection of real-time analytic tools Auditing z/OS with RACF, ACF2 and Top Secret Sysplex-Wide z/OS Health Checking HCD/HCM Change Mgmt. & Reporting Sysplex-Wide Change Analysis
z/OS Auditing UACC ACF2 TOPSProcess/Targets
1 - Discovery
2 - Extract
3 - Analysis
4 - Blueprint
5 - Changes
6 - Reports
7 - Displays
Beta Ready
8 - Monitor
Image SENTRY– Application Development Overview and Status – UACC Explorer
Beta Ready
NewEra Software
z/OS Integrity and Compliance
When RACF, ACF2 and TSSare not enough!
Bob ManciniDirector, Product Marketing
NewEra Software
z/OS Integrity and Compliance
Accepting Applications to Join Beta Team 2009
z/OS Fast DASD Erase
The Control Editor
Image SENTRY
Upcoming Webcasts
For Details Contact
Jerry SeefeldtDirector, [email protected]
NewEra Software
z/OS Integrity and Compliance
Introduction to Image FOCUS – October 15th
Introduction to Fast DASD Erase – October 14th
Introduction to The Control Editor – October 21st
Introduction to Image SENTRY – October 9th