Managing security
Once you've planned and implemented your security strategy, there remains the task of managing the security of your system.
These topics will guide you through setting up your security management
plan:
- Back up and recover security information
- Manage security information
- Manage service tools user IDs
- Protect against computer viruses
- Restricting save and restore capability
Part of your security system should be controlling users' save and restore capabilities. - Saving security information
You need to plan how you will save and restore security information. - Restoring security information
Recovering your system often requires restoring data and associated security information. - Managing security information
How you will manage your security information is an important part of your security plan. - Configuring the system to use security tools
When you install IBM® i operating system, the security tools are ready to use. The topics that follow provide suggestions for operating procedures with the security tools. - Using security exit programs
Some system functions provide an exit so that your system can run a user-created program to perform additional checking and validation. For example, you can set up your system to run an exit program every time that someone attempts to open a distributed data management (DDM) file on your system. - Managing service tools user ID
You can manage service tool user IDs by using dedicated service tools (DST) , system service tools (SST), and System i® Navigator. - Protecting against computer viruses
Your security policies must be designed to protect your system from computer viruses and malicious programs. - Checking for objects that do not have public authority of *EXCLUDE
The Print Publicly Authorized Objects (PRTPUBAUT) command allows you to print a report of the specified objects that do not have public authority of *EXCLUDE. This is a way to check for objects that every user on the system is authorized to access. - Checking for different sources of authority to objects
The Print Private Authorities (PRTPVTAUT) command allows you to print a report of all the private authorities for objects of a specified type in a specified library, folder, or directory. The report lists all objects of the specified type and the users that are authorized to the object. This is a way to check for different sources of authority to objects. - Checking the settings for security-related system values and network attributes
The Print System Security Attributes (PRTSYSSECA) command allows you to print a report of the settings for security-relevant system values and network attributes that are recommended for systems with normal security requirements. It also shows the current settings on your system.
Parent topic: Planning and setting up system security