Any ID that can grant privileges to another ID. On Mon, May 16, 2016 at 2:47 PM, Jerry Whitteridge <jerry.whitteri...@safeway.com> wrote: > I'd reply to the Auditor "Please define Admin access as there is no one > privilege that grants all access" > > Jerry Whitteridge > Manager Mainframe Systems & Storage > Albertsons - Safeway Inc. > 925 738 9443 > Corporate Tieline - 89443 > > If you feel in control > you just aren't going fast enough. > > > > > -----Original Message----- > From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On > Behalf Of Lester, Bob > Sent: Monday, May 16, 2016 12:40 PM > To: IBM-MAIN@LISTSERV.UA.EDU > Subject: Re: EXTERNAL: Re: [EXTERNAL] Re: smp/e sha-2 support? > > Hi All, > > What would you make of this request: "Show me all the users that have > admin. Access on the mainframe". ? > > Thanks! > BobL > > -----Original Message----- > From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On > Behalf Of Jerry Whitteridge > Sent: Monday, May 16, 2016 1:38 PM > To: IBM-MAIN@LISTSERV.UA.EDU > Subject: Re: EXTERNAL: Re: [EXTERNAL] Re: smp/e sha-2 support? [ EXTERNAL ] > > And anyone that thinks Auditors don't set policy and rules hasn't worked in > the commercial environment for a while. Let alone the fact of having to train > PCI Auditors that the Mainframe isn't just a slightly bigger PC or Windows > server. Some shops could best be summarized as "What the Auditor Wants - The > Auditor Gets (Even if it makes no sense at all)" > > Even though John is absolutely correct on the implications of using SHA1 for > the purposes of receiving patches - the knee jerk reaction is "SHA1 has been > superseded as its insecure - everyone must move to SHA2" (unsaid is even > though it makes no sense for what the purpose is) > > Jerry Whitteridge > Manager Mainframe Systems & Storage > Albertsons - Safeway Inc. > 925 738 9443 > Corporate Tieline - 89443 > > If you feel in control > you just aren't going fast enough. > > > > -----Original Message----- > From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On > Behalf Of Dyck, Lionel B. (TRA) > Sent: Monday, May 16, 2016 12:26 PM > To: IBM-MAIN@LISTSERV.UA.EDU > Subject: EXTERNAL: Re: [EXTERNAL] Re: smp/e sha-2 support? > > What's going to happen is that IBM will not support SHA-2 (or -3) and every > shop with any degree of security (hipaa, sox, dod, ...) will cease to be able > to use the internet delivery option. Being told to create an RFE for > something that is obvious is troubling and to be told that it doesn't matter > is worse. This is not my first shop where auditors dictate a higher level of > security than most think required but they are following guidelines from > someone higher up that can't be argued with. > > Somehow I don't think I'm the first to raise this nor will I be the last. > > > -------------------------------------------------------------------------- > Lionel B. Dyck > > --- Opinions expressed are my own and not my employer --- > > -----Original Message----- > From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On > Behalf Of Phil Smith III > Sent: Monday, May 16, 2016 10:48 AM > To: IBM-MAIN@LISTSERV.UA.EDU > Subject: [EXTERNAL] Re: smp/e sha-2 support? > > Charles Mills wrote: > >>I suspect you've got a problem, however. There's a saying in sales >>"when > you > >>explain, you lose." I can hear auditors saying "SHA-1 -- no good -- > security > >>exposure" and I would not want to be the one explaining what you say >>below > >>to them. > > > >>Perhaps I underestimate IT auditors. I just know the "buzzword kneejerk" > >>problem. > > > > I reluctantly have to support this position (not because I don't generally > agree with Charles, but because it flies in the face of reason). > > > > "Trouble is, sheep are very dim. Once they get an idea in their 'eads, > there's no shiftin' it." Same applies to far too many auditors/QSAs/et al. > > > > SHA-1 is dead; "good enough" or not, there's no reason to use it any more, > given that SHA-2 (and, hey, SHA-3!) exist, eh? > > > > .phsiii > > > ---------------------------------------------------------------------- > For IBM-MAIN subscribe / signoff / archive access instructions, send email to > lists...@listserv.ua.edu with the message: INFO IBM-MAIN > > ---------------------------------------------------------------------- > For IBM-MAIN subscribe / signoff / archive access instructions, send email to > lists...@listserv.ua.edu with the message: INFO IBM-MAIN > ________________________________ > Warning: All e-mail sent to this address will be received by the corporate > e-mail system, and is subject to archival and review by someone other than > the recipient. This e-mail may contain proprietary information and is > intended only for the use of the intended recipient(s). If the reader of this > message is not the intended recipient(s), you are notified that you have > received this message in error and that any review, dissemination, > distribution or copying of this message is strictly prohibited. If you have > received this message in error, please notify the sender immediately. > ________________________________ > > ---------------------------------------------------------------------- > For IBM-MAIN subscribe / signoff / archive access instructions, send email to > lists...@listserv.ua.edu with the message: INFO IBM-MAIN > > This e-mail transmission may contain information that is proprietary, > privileged and/or confidential and is intended exclusively for the person(s) > to whom it is addressed. Any use, copying, retention or disclosure by any > person other than the intended recipient or the intended recipient's > designees is strictly prohibited. If you are not the intended recipient or > their designee, please notify the sender immediately by return e-mail and > delete all copies. OppenheimerFunds may, at its sole discretion, monitor, > review, retain and/or disclose the content of all email communications. > > ---------------------------------------------------------------------- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN > ________________________________ > Warning: All e-mail sent to this address will be received by the corporate > e-mail system, and is subject to archival and review by someone other than > the recipient. This e-mail may contain proprietary information and is > intended only for the use of the intended recipient(s). If the reader of this > message is not the intended recipient(s), you are notified that you have > received this message in error and that any review, dissemination, > distribution or copying of this message is strictly prohibited. If you have > received this message in error, please notify the sender immediately. > ________________________________ > > ---------------------------------------------------------------------- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
-- Mike A Schwab, Springfield IL USA Where do Forest Rangers go to get away from it all? ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN