Here’s just a little of what we’ve been up to over the last few years:
Presentation to GSE UK Enterprise Security Working Group
Market Research project for NewEra Software, Inc.
Mainframe Superheroes – a consolidation of all of the Mainframe Great and Good interviews
»Get a copy here
Mark Nelson – One of the Mainframe Great and Good interviews
»Get a copy here
Julie-Ann presented “So how do I actually apply DISA STIGs to ACF2, RACF and/or TSS?” at the GSE UK Conference
z/Auditing Essentials: Volume 2 for CA ACF2
Mastering CA ACF2 – GSO
»Get a copy here
Julie-Ann presented 2 sessions at CA World in Las Vegas:
“How to Increase User Accountability by Eliminating the Default User in Unix Systems Services (USS) in z/OS” »View Presentation
“Is Complacency Around Mainframe Security A Disaster Waiting To Happen?”
»Watch the presentation here
Julie-Ann presented “Implementing RBAC – A Radical Approach For A Massive Project?” at the GSE UK Conference
z/Auditing Essentials: Volume 2 for CA Top Secret
»Get a copy here
z/Auditing Essentials: Volume 2
The Taming of SETROPTS
»Get a copy here
millennia… were Silver Sponsors at this year’s GSE UK Conference.
Mick Gray presented “Look after the pennies and the pounds will look after themselves?” to the Software Asset Management stream.
The rest of the team ran a stand at the Expo celebrating 50 years of the mainframe.
Julie-Ann may have been slightly responsible for organising a flash mob at the conference dinner with dozens of people joining her on stage to dance to the music of 1964 – the year of the first mainframe.
17th July 2014
Julie-Ann presented a webinar: Is USS the Elephant in the Room?
21st May 2014
Julie-Ann presented on behalf of New Era Software Inc: Redundancy of Mainframe vs Security
5th March 2014
Julie-Ann spoke to the University of Bedfordshire (BEAMS): The 21st Century Mainframe
5th/6th November 2013
Julie-Ann presented “Who’s REALLY in Charge of your Mainframe Security” at the GSE at Whittlebury Hall
Julie-Ann presented “Introduction & Managing a 21st Century Mainframe”
14th/15th May 2013
Julie-Ann presented “We’ve never met a Mainframe we couldn’t Hack – UK” at CMG in the CBI London
Julie-Ann presented “Securing the “Cool Bits” in CA SYSVIEW® using RACF” at the GSE UK Conference.
Update of presentation given at CA World 2011.
Cheryl Watson – Ahead of the Performance Curve published.
This is a second paper introducing a “Who’s Who” of some of the brightest, and yet under-sung stars of our mainframe generation – Cheryl Watson has been synonymous with Performance and Capacity Management for much of her career. This book outlines her life and career to date. The appendix contains an article on z/OSMF that Cheryl wrote specially for this publication.
Barry Schrager – The Beginning of Data Security published.
In 1974, Barry Schrager, the principal developer of ACF2 (now CA ACF2), wrote a 15-page document outlining the SHARE Security Project’s Goals for Data Security. This book outlines Barry’s life and career to date and incorporates that original security paper in the appendices. It’s interesting to note just how much of it is fresh and applicable today.
Julie-Ann presented another overview of z/Auditing Essentials – Volume 1 subtitled “Has the Horse Already Bolted?” at the GSE UK Conference.
The movie War Games (released in 1983) introduced the wider world to the idea of Back Doors in computer programs. But there are 2 entrances to most homes and businesses; the Front Door and the Back Door. You can have a flawless security system on your Back Door but if you don’t at least close the Front Door you will still lose your belongings to an opportunist thief. The same is true of any computer system. What we have all been auditing and securing on System z up until now are the Back Doors (secured using CA ACF2, CA TSS and/or RACF).
Most other platforms’ audits take configuration management (the primary location of most System z Front Doors) into account, but on z it is somehow considered to be achieved by magic. IBM encourage this thought process by providing “wizards” to help with everything from setting up logical partitions to assigning I/O devices to specific control devices through to the software Healthchecker(s). Expelliarmus!
I am not saying that what I am going to talk about in this session is currently BAU (Business As Usual aka normal practice) for Auditors or Security Analysts or even Systems Programmers. What I am saying is that it SHOULD be!
Julie-Ann presented to CA World: Think it’s Just Performance? How millennia… Implements CA SYSVIEW® to Improve z/OS Functionality and Security!
Every CA SYSVIEW® Performance Management user already knows it is a very powerful tool but millennia… will share some really clever ways it is exploiting CA SYSVIEW to improve z/OS functionality and security.
From reducing the time to diagnose problems to updating the shape of the z/OS system, CA SYSVIEW provides help that’s not available in native z/OS.
This session will describe how to use CA SYSVIEW to secure each of these functions using your external security manager. Both CA SYSVIEW users and mainframe security administrators will benefit from these helpful suggestions on how to meet your ever-increasing IT security requirements.
Julie-Ann presented to SHARE in Florida: Compensating Controls aka How This Systems Programmer Got Her Groove Back!
This SHARE’d experience looks at one Team’s efforts in helping a major International Bank to provide the compensating controls required by management to enable the Systems Programming Team to actually be effective.
Changing the z/OS configuration and the impact that it could have on compliance makes us all a little anxious these days. Although we Systems Programmers understand that z/OS requires more or less constant tweaking, we also recognise that concerns about potentially introducing problems are valid. Even so, there’s very little that’s worse than trying to fix a z/OS problem in the early hours of the morning only to get shut out by the External Security Manager!
This session will look at a new approach. By cooperating with Audit and Security in our willingness to provide compensating controls we can end up in a much better position – both for mission critical services and for the technicians tasked with looking after those services. Whilst other solutions are available, I will be discussing a real-life example of implementing those controls – how we did it technically (using NewEra Software’s Image FOCUS and Control Editor products) and how we managed to get buy-in from all the relevant parties.
Julie-Ann presented an overview of z/Auditing Essentials – Volume 1 subtitled “Front Doors” at the GSE UK Conference.
This presentation introduced the GSE audience to the idea of Front Doors on System z. What are they and why should we all care?
Julie-Ann presented to the GSE UK Large Systems Working Group – Demystifying the IODF.
An IODF (Input/Output Definition File) is the set of logical configuration statements that define hardware resources available to the z/OS operating system (OSCP) and the System z platform hardware (IOCP), their related ESCON/FICON Directors (SWCP), if any, and the connections between these resources. No news there then.
So why should you care about IODF now?
Pre-1995, most system programmers understood the IOCP macros and overall configuration of their environment. Few today are trusted to delve into HCD and HCM, which are now used to maintain the IODF. Changes in hardware are essential but tough to manage, whilst getting a view of the physical and logical connections is near impossible!
Security: A badly managed IODF presents a number of opportunities to compromise the security of z/OS and the data behind the operating system. Sadly this is not a widely acknowledged fact as most people do not really understand HCD and so may not have a full understanding of their configuration. This lack of understanding means that real security and risk factors are not being shared with the Audit community.
Performance: The balance, or in reality the lack of balance, between the UCB as built from an OSCP, and the UCW as built from an IOCP, has a major effect on the integrity of a z/OS Sysplex and its images. Any lack of integrity with the IODF can lead to IPL failures, loss of access to data/subsystems and an inability to run critical business applications on the System z platform.
z/Auditing Essentials – A Beginners Guide published.
One of the foundation elements of any mainframe installation is the set of files that define the hardware, including which hardware elements are shared, and which are connected to each other. These files, which have no analogue in the distributed world, are called the IODF. They are essential to a comprehensive audit since they dictate the paths across which data can be shared in a mainframe data center.
CICS Essentials – Auditing CICS – A Beginner’s Guide published.
The CICS Essentials collection explains the technobabble and acronymania usually found in IBM documentation into words REAL people can use and understand. More importantly, it explains where the critical risks are hidden within the CICS-arcana, and how to properly apply good security and control practices without sacrificing operational capabilities. – Doc Farmer
Below you can find recordings of our educational webinars. More will be added over time.