Health Checks
The health
check service provides in depth analysis of specific areas in z/OS. After
minimum of
2 days of information gathering on site, we produce a detailed report
covering areas of concern and potential exploitation. These results are
then also given as a presentation to the staff members who would most
benefit from the information. Some of the health checks we perform regularly
are:
- z/OS
- Unix Systems Services
- Networks
- Hardware
- Security (CA-ACF2, CA-Top Secret and RACF)
- Lack of available skills has led to a similar set of problems being
uncovered within the security of most mainframe sites:
1) Not all resources are protected (or are incorrectly protected)
2) Many data set rules offer insufficient protection
3) Organisation using USS but without defining any security
4) Unprotected APF libraries
5) Access control repository not adequately protected
6) Many users have higher levels of administration rights than they need
7) Many users are inactive (typically a problem when greater than 20%)
8) Over reliance on defaults
9) Only one production batch id and it has too much access
10) Little or no security event reporting
Use these services to make sure you are in
the best possible position to move fast when the potential exploitation becomes a
reality on the mainframe in your organisation.
|