Access to IBM Security zSecure program resources must be limited to authorized users.
An XCCDF Rule
Description
Functional access (which is controlled with access to XFACILIT profiles) must not commingle multiple functions under a single resource profile.
- ID
- SV-259732r961095_rule
- Version
- ZSEC-00-000120
- Severity
- Medium
- References
- Updated
Remediation Templates
A Manual Procedure
Ensure READ and higher access to zSecure program resources is restricted to the appropriate staff members.
READ and higher access can be given to security administrators, decentralized security administrators, security batch jobs that perform ESM maintenance, and trusted STC users.
The following commands are provided as a sample for implementing zSecure functional resource controls:
rdef CKF.<focus> uacc(none) owner(zSecure owner)