On Sat, 26 Jan 2008 12:12:51 -0600, Ed Gould 
<[EMAIL PROTECTED]> wrote:

That Windows data cannot be adequately secured is a canard. I'm not 
disputing that RACF (and mainframe architecture) has some unique strengths, 
but organizations do securely maintain and operate data on Windows and *nix 
servers. 

>It's *ACCESSING* MF data for all they know you could be updating it or
>reading information that you (the user) are *NOT* supposed to
>access ... oh let's say SSN#, payroll information, account balances or
>accounts rec/pay the list goes on and on and on. There is *NO* record
>of the user accessing the data and no check to be able to see if the
>user is even allowed. 

Windows security allows for fine-grained permissions and full auditing.

>Just because it comes from an "IP" address
>doesn't mean squat and besides PCs are kept in open areas where
>anyone can just walk up to it.

Don't confuse the desktop PC with the server. The desktop is a terminal, just 
like your 3270 session. The data and the access control are kept on a server. I 
would assume all organizations keep servers physically secured, as they do 
the mainframe.

> If there is no sign on then there is
>no validation of what the user can do.

I'm sure all enterprise installations use signon.

>MF security (I won't use the four letters you don't want to talk
>about ) is a *KNOWN* quantity and auditors trust it, this PC you are
>talking about has essentially zero security (not quite but close to).
>If you can get the OK from an auditor I sure wouldn't want to have my
>business (or personnel) records anywhere near the company. 

Our Windows-based server security is validated (and approved) by the 
auditors using the same criteria as mainframe data -- demonstration of who 
has access, audit trails, control of software and procedures etc.

-Rob Wunderlich

----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html