Learn how role-based access can help you secure your sensitive information.
Written by Carol Woodbury
Editor's Note: This article is an introduction to the Webcast "5 Steps for Implementing Role-Based Access on the IBM i" available to view free from the MC Press Webcast Center.
A good place to start with a discussion of role-based access is by sharing some thoughts on just what the idea of access to computer information and controlling that access mean. When we speak of "access" to a computer, what we are referring to is the ability to do something with the computer—for example, to read, write, or change information. When you decide you need to "control access," what you are doing is explicitly enabling or restricting, in some way, the ability to read, write, or change information. Access controls can not only dictate who or what process may have access to specific information on a computer, it can also specify the type of access that is permitted.
With role-based access, the decision of whether or not access to information is granted is based on the roles that individual users have in an enterprise. There may be accounting, sales, marketing, support, and many other types of roles defined for any enterprise. Roles are typically defined by a thorough analysis of how an enterprise operates. Once you know the roles, you can determine what sort of information on the computer system each role might need in order to be productive in their job.
When the ability to access information on a computer is grouped by role name, the use of that information is restricted to individuals authorized to that associated role. Look at a retail enterprise. In a retail enterprise, there may be many roles. However, for the sake of argument, let's think of two common roles in relationship to the computer information they may need to access. Take, for example, the role of stock clerks. They may need access to information that includes the ability to receive shipped merchandise, to ship out defective merchandise, and to increase (or decrease) inventory levels. The role of accountant may be limited to information that relates specifically to balance sheets, income statements, and sales reports. Access to information on the computer for these two roles would be restricted to their role definition.
The use of roles to control access may be an effective way for an enterprise to develop and ultimately enforce enterprise-specific security policies. Role-based access may be an excellent way for an enterprise to streamline the security management process.
In the video "5 Steps for Implementing Role-based Access on the IBM I," Carol Woodbury, former security architect and Chief Engineering Manager for IBM for the IBM i systems, author of IBM i Security and Compliance, award-winning speaker, and president of SkyView Partners, shares some ideas for implementing role-based access on the IBM i. This video features SkyView's automation tools for compliance and security administration and illustrates how you can make these tools an everyday part of a role-based access model.
Find out more by viewing the Webcast "5 Steps for Implementing Role-Based Access on the IBM i" available free from the MC Press Webcast Center.
Carol Woodbury is IBM i Security SME and Senior Advisor to Kisco Systems, a firm focused on providing IBM i security solutions. Carol has over 30 years’ experience with IBM i security, starting her career as Security Team Leader and Chief Engineering Manager for iSeries Security at IBM in Rochester, MN. Since leaving IBM, she has co-founded two companies: SkyView Partners and DXR Security. Her practical experience and her intimate knowledge of the system combine for a unique viewpoint and experience level that cannot be matched.
Carol is known worldwide as an author and award-winning speaker on security technology, specializing in IBM i security topics. She has written seven books on IBM i security, including her two current books, IBM i Security Administration and Compliance, 3rd Edition and Mastering IBM i Security, A Modern, Step-by-Step Approach. Carol has been named an IBM Champion since 2018 and holds her CISSP and CRISC security certifications.
MC Press books written by Carol Woodbury available now on the MC Press Bookstore.
 |
||
 |
|
IBM i Security Administration and Compliance: Third Edition Don't miss the newest edition by the industry’s #1 IBM i security expert. List Price $71.95 Now On Sale
|
 |
|
Mastering IBM i Security Get the must-have guide by the industry’s #1 security authority. List Price $49.95 Now On Sale
|
Business users want new applications now. Market and regulatory pressures require faster application updates and delivery into production. Your IBM i developers may be approaching retirement, and you see no sure way to fill their positions with experienced developers. In addition, you may be caught between maintaining your existing applications and the uncertainty of moving to something new.
IT managers hoping to find new IBM i talent are discovering that the pool of experienced RPG programmers and operators or administrators with intimate knowledge of the operating system and the applications that run on it is small. This begs the question: How will you manage the platform that supports such a big part of your business? This guide offers strategies and software suggestions to help you plan IT staffing and resources and smooth the transition after your AS/400 talent retires. Read on to learn:
LATEST COMMENTS
MC Press Online