
Publications

Here’s just a little of what we’ve been up to over the last few years:

February 2018

Presentation to GSE UK Enterprise Security Working Group
Market Research project for NewEra Software, Inc.
»View Presentation

March 2017

Mainframe Superheroes – a consolidation of all of the Mainframe Great and Good interviews
»Get a copy here

February 2017

Mark Nelson – One of the Mainframe Great and Good interviews
»Get a copy here 

November 2016

Julie-Ann presented “So how do I actually apply DISA STIGs to ACF2, RACF and/or TSS?” at the GSE UK Conference

»View Presentation

December 2015

z/Auditing Essentials: Volume 2 for CA ACF2
Mastering CA ACF2 – GSO
»Get a copy here

November 2015

Julie-Ann presented 2 sessions at CA World in Las Vegas:

“How to Increase User Accountability by Eliminating the Default User in Unix Systems Services (USS) in z/OS” »View Presentation

and

“Is Complacency Around Mainframe Security A Disaster Waiting To Happen?”
»Watch the presentation here

November 2015

Julie-Ann presented “Implementing RBAC – A Radical Approach For A Massive Project?” at the GSE UK Conference
»View Presentation

October 2015

z/Auditing Essentials: Volume 2 for CA Top Secret
Taming TSS
»Get a copy here

July 2015

z/Auditing Essentials: Volume 2
The Taming of SETROPTS
»Get a copy here

November 2014

millennia… were Silver Sponsors at this year’s GSE UK Conference.

Mick Gray presented “Look after the pennies and the pounds will look after themselves?” to the Software Asset Management stream.

The rest of the team ran a stand at the Expo celebrating 50 years of the mainframe. 

Julie-Ann may have been slightly responsible for organising a flash mob at the conference dinner with dozens of people joining her on stage to dance to the music of 1964 – the year of the first mainframe.

»Watch footage of the flash mob!

17th July 2014

Julie-Ann presented a webinar: Is USS the Elephant in the Room?
»View Publication

21st May 2014

Julie-Ann presented on behalf of New Era Software Inc: Redundancy of Mainframe vs Security
»View Publication

5th March 2014

Julie-Ann spoke to the University of Bedfordshire (BEAMS): The 21st Century Mainframe
»View Publication 

5th/6th November 2013

Julie-Ann presented “Who’s REALLY in Charge of your Mainframe Security” – at the GSE in the Whittlebury Hall
»View Publication

October 2013

Julie-Ann presented “Introduction & Managing a 21st Century Mainframe”
»View Publication

14th/15th May 2013

Julie-Ann presented “We’ve never met a Mainframe we couldn’t Hack – UK” at CMG in the CBI London
»View Publication

November 2012

Julie-Ann presented “Securing the “Cool Bits” in CA SYSVIEW® using RACF” at the GSE UK Conference.
»View Publication 

Update of presentation given at CA World 2011.

April 2012

Cheryl Watson – Ahead of the Performance Curve published.
»View Publication

This is a second paper introducing a “Who’s Who” of some of the brightest, and yet under-sung stars of our mainframe generation – Cheryl Watson has been synonymous with Performance and Capacity Management for much of her career. This book outlines her life and career to date. The appendix contains an article on z/OSMF that Cheryl wrote specially for this publication.

January 2012

Barry Schrager – The Beginning of Data Security published.
»View Publication

In 1974, Barry Schrager, the principal developer of ACF2 (now CA ACF2), wrote a 15 page document outlining the SHARE Security Project’s Goals for Data Security. This book outlines Barry’s life and career to date and incorporates that original security paper in the appendices. It’s interesting to note just how much of it is fresh and applicable today.

November 2011

Julie-Ann presented another overview of z/Auditing Essentials – Volume 1 subtitled “Has the Horse Already Bolted?” at the GSE UK Conference.
»View Publication

The movie War Games (released in 1983) introduced the wider world to the idea of Back Doors in computer programs. But there are 2 entrances to most homes and businesses; the Front Door and the Back Door. You can have a flawless security system on your Back Door but if you don’t at least close the Front Door you will still lose your belongings to an opportunist thief. The same is true of any computer system. What we have all been auditing and securing on System z up until now are the Back Doors (secured using CA ACF2, CA TSS and/or RACF).

Most other platforms’ audits take configuration management (the primary location of most System z Front Doors) into account but on z it is somehow considered to be achieved by magic. IBM encourage this thought process by providing “wizards” to help with everything from setting up logical partitions to assigning I/O devices to specific control devices through to the software Healthchecker(s). Expelliarmus!

I am not saying that what I am going to talk about in this session is currently BAU (Business As Usual aka normal practice) for Auditors or Security Analysts or even Systems Programmers. What I am saying is that it SHOULD be!

November 2011

Julie-Ann presented to CA World: Think it’s Just Performance? How millennia… Implements CA SYSVIEW® to Improve z/OS Functionality and Security!
»View Publication

Every CA SYSVIEW® Performance Management user already knows it is a very powerful tool but millennia… will share some really clever ways it is exploiting CA SYSVIEW to improve z/OS functionality and security.
From reducing the time to diagnose problems to updating the shape of the z/OS system, CA SYSVIEW provides help that’s not available in native z/OS.

This session will describe how to use CA SYSVIEW to secure each of these functions using your external security manager. Both CA SYSVIEW users and mainframe security administrators will benefit from these helpful suggestions on how to meet your ever-increasing IT security requirements.

August 2011

Julie-Ann presented to SHARE in Florida: Compensating Controls aka How This Systems Programmer Got Her Groove Back!
»View Publication

This SHARE’d experience looks at one Team’s efforts in helping a major International Bank to provide the compensating controls required by management to enable the Systems Programming Team to actually be effective.

Changing the z/OS configuration and the impact that it could have on compliance makes us all a little anxious these days. Although we Systems Programmers understand that z/OS requires more or less constant tweaking, we also recognise that concerns about potentially introducing problems are valid. Even so, there’s very little that’s worse than trying to fix a z/OS problem in the early hours of the morning only to get shut out by the External Security Manager!

This session will look at a new approach. By cooperating with Audit and Security in our willingness to provide compensating controls we can end up in a much better position – both for mission critical services and for the technicians tasked with looking after those services. Whilst other solutions are available, I will be discussing a real life example of implementing those controls – how we did it technically (using NewEra Software’s Image FOCUS and Control Editor products) and how we managed to get buy in from all the relevant parties.

November 2010

Julie-Ann presented an overview of z/Auditing Essentials – Volume 1 subtitled “Front Doors” at the GSE UK Conference.

This presentation introduced the GSE audience to the idea of Front Doors on System z. What are they and why should we all care?
»View Publication

July 2010

Julie-Ann presented to the GSE UK Large Systems Working Group – Demystifying the IODF.
»View Publication

An IODF (Input/Output Definition File) is the set of logical configuration statements that define hardware resources available to the z/OS operating system (OSCP) and the System z platform hardware (IOCP), their related ESCON/FICON Directors (SWCP), if any, and the connections between these resources. No news there then.

So why should you care about IODF now?

Pre 1995 most system programmers understood the IOCP macros and overall configuration of their environment. Few today are trusted to delve into HCD and HCM, which are now used to maintain the IODF. Changes in hardware are essential but tough to manage, whilst getting a view of the physical and logical connections is near impossible!

Security: A badly managed IODF presents a number of opportunities to compromise the security of z/OS and the data behind the operating system. Sadly this is not a widely acknowledged fact as most people do not really understand HCD and so may not have a full understanding of their configuration. This lack of understanding means that real security and risk factors are not being shared with the Audit community.

Performance: The balance, or in reality the lack of balance, between the UCB as built from an OSCP and the UCW as built from an IOCP has a major effect on the integrity of a z/OS Sysplex and its images. Any lack of integrity with the IODF can lead to IPL failures, loss of access to data/subsystems and an inability to run critical business applications on the System z platform.

June 2010

z/Auditing Essentials – A Beginners Guide published.
»View Publication

One of the foundation elements of any mainframe installation is the set of files that define the hardware, including which hardware elements are shared, and which are connected to each other. These files, which have no analogue in the distributed world, are called the IODF. They are essential to a comprehensive audit since they dictate the paths across which data can be shared in a mainframe data center.

August 2009

CICS Essentials – Auditing CICS – A Beginner’s Guide published.
»View Publication

The CICS Essentials collection explains the technobabble and acronymania usually found in IBM documentation into words REAL people can use and understand. More importantly, it explains where the critical risks are hidden within the CICS-arcana, and how to properly apply good security and control practices without sacrificing operational capabilities. Doc Farmer

Podcasts

Below you can find recordings of our educational webinars. More will be added over time.

»We never met a mainframe we couldn’t hack!