NewEra Software z/OS Integrity and Compliance

Download Report

Transcript NewEra Software z/OS Integrity and Compliance 

NewEra Software
z/OS Integrity and Compliance
Our Job?
Helping you make repairs, avoid problems and improve z/OS integrity.
This results in a safer and more secure environment for your business applications.
NewEra Software
z/OS Integrity and Compliance
On the Road to enhanced z/OS integrity and sustained compliance:
.
NewEra Software
z/OS Integrity and Compliance
On the Road to enhanced z/OS integrity and sustained compliance:
Stakeholders in the future and fitness of z/OS:
 Technical and Auditing Staff
 Risk and Compliance Officers
 Executive Management
 CEO, The Board of Directors
NewEra Software
z/OS Integrity and Compliance
On the Road to enhanced z/OS integrity and sustained compliance:
Today's Agenda:
 Reality Check
 Practical Viewpoints
• Stu Henderson
• Brian Cummings
 How NewEra Solves Problems
 Brief Product Demonstration
NewEra Software
z/OS Integrity and Compliance
On the Road to enhanced z/OS integrity and sustained compliance:
Reality Check:
1. 70-80% of all mission-critical data resides on IBM Mainframes
2. 80-90% of all IBM Mainframes use z/OS as their primary OS
3. 100% of all z/OS systems are secured by one or more of:



4.
z/OS Secure Server RACF
CA-ACF2
CA-Top Secret
98%(+/-) of all z/OS systems have “Integrity Exposures”
NewEra Software
z/OS Integrity and Compliance
On the Road to enhanced z/OS integrity and sustained compliance:
Our Guests:
Stu Henderson:
“z/OS Integrity Exposures, why they exist and
how best to address and document them.”
Brian Cummings:
“The Implications of z/OS Integrity Exposures on
organizational integrity and compliance.”
NewEra Software
z/OS Integrity and Compliance
On the Road to enhanced z/OS integrity and sustained compliance:
Stu Henderson:
“z/OS Integrity Exposures, why they exist and
how best to address and document them.”
The Henderson Group provides IT security and audit training, consulting,
and security reviews for organizations with IBM mainframes.
Founder of the New York RACF Users Group.
Editor of the "RACF User News" and of the "Mainframe Audit News“.
The Henderson Group offers seminars for security administrators
and auditors. They are taught throughout North America.
301.229.7187 – [email protected]
Google IT Audit Training or www.stuhenderson.com
NewEra Software
z/OS Integrity and Compliance
On the Road to enhanced z/OS integrity and sustained compliance:
Brian Cummings:
“The Implications of z/OS Integrity Exposures on
organizational integrity and compliance.”
30 years in information security, risk management,
audit and business continuity.
Skilled in IBM’s z/OS operating system with a working
knowledge of RACF, ACF2 and Top Secret.
North American Practice Manager, Information Risk Management
Tata Consultancy Services
650.996.6790 – [email protected]
www.tcs.com
NewEra Software
z/OS Integrity and Compliance
On the Road to enhanced z/OS integrity and sustained compliance:
(SAE)
(ICE)
Stand Alone Environment
Image Control Environment
z/OS
Repair/Recovery
z/OS
System Integrity
1989
When z/OS is Down
When z/OS is Up
NewEra Software
z/OS Integrity and Compliance
On the Road to enhanced z/OS integrity and sustained compliance:
“ABC” Applications
& Processes
A
z/OS Initialization
& Processes
z/OS
z/OS System
Resources
B
C
Our Job?
Helping you make repairs, avoid problems and improve z/OS integrity.
NewEra Software
z/OS Integrity and Compliance
On the Road to enhanced z/OS integrity and sustained compliance:
The Control Editor
Image FOCUS
ICE
Image SENTRY
z/OS Fast Erase
NewEra Software
z/OS Integrity and Compliance
On the Road to enhanced z/OS integrity and sustained compliance:






Based on proprietary Stand Alone Technology
ISPF interface control selection and activation
Multiple passes, selectable patterns
Background process, batch controls
Full audit documentation and reporting
Disaster Recovery site as needed
Ask about our migration option from SAE to ICE!
HIPAA(Health Insurance Portability and Accountability Act)
GLBA (Gramm-Leach-Bliley Financial Services Modernization Act)
NewEra Software
z/OS Integrity and Compliance
On the Road to enhanced z/OS integrity and sustained compliance:







Enhanced control, reporting and productivity
No change in work pattern or flow required
Document changes inline under TSO or ICE
Assured Backup of critical members
Search for and Restore as required
Monitor for change activity
Flexible, dynamic scope
When RACF, ACF2 and Top Secret are just not enough!
SAS70(Statement of Account Standards #70)
Sarbanes-Oxley
NewEra Software
z/OS Integrity and Compliance
On the Road to enhanced z/OS integrity and sustained compliance:





Virtualization of System/Sysplex Initialization
Prediction of configuration failures
Discovery of configuration changes
Ongoing Configuration Surveillance
A Trusted source of z/OS Information
Image FOCUS
z/OS Core
JES2/3
Network
Supplemental
Inspectors
Inspectors
Inspectors
Inspectors
SAS70(Statement of Account Standards #70)
Sarbanes-Oxley
NewEra Software
z/OS Integrity and Compliance
On the Road to enhanced z/OS integrity and sustained compliance:





A collection of real-time analytic tools
Auditing z/OS with RACF, ACF2 and Top Secret
Sysplex-Wide z/OS Health Checking
HCD/HCM Change Mgmt. & Reporting
Sysplex-Wide Change Analysis
Image SENTRY
Auditing
OSHealth
Hardware
Software
UACC Explorer
CKCK Explorer
IODF Explorer
IFCE Explorer
SAS70(Statement of Account Standards #70)
Sarbanes-Oxley
NewEra Software
z/OS Integrity and Compliance
Image SENTRY– Application Development Overview and Status – UACC Explorer
Process/Targets
z/OS Auditing
UACC
ACF2
1 - Discovery
2 - Extract
3 - Analysis
4 - Blueprint
5 - Changes
6 - Reports
7 - Displays
8 - Monitor
Beta Ready Beta Ready
TOPS
NewEra Software
z/OS Integrity and Compliance
When RACF, ACF2 and TSS
are not enough!
Bob Mancini
Director, Product Marketing
[email protected]
Accepting Applications to Join Beta Team 2009
 z/OS Fast DASD Erase
 The Control Editor
 Image SENTRY
NewEra Software
z/OS Integrity and Compliance
Upcoming Webcasts
For Details Contact
Jerry Seefeldt
Director, Marketing
[email protected]
 Introduction to Image FOCUS – October 15th
 Introduction to Fast DASD Erase – October 14th
 Introduction to The Control Editor – October 21st
 Introduction to Image SENTRY – October 9th