Automate and simplify RACF security and compliance administration
IBM® Security zSecure™ Admin automates and simplifies IBM Resource Access Control Facility (RACF®) security and compliance administration tasks and enhances RACF delegation capabilities and identity governance. It helps you maximize IT resources, reduce errors, increase efficiency, improve service quality and identify problems quickly to help minimize security risks and demonstrate compliance.
IBM Security zSecure Admin:
- Automates and simplifies routine tasks and identifies and analyzes problems through robust, non-intrusive security capabilities.
- Simplifies the management of multiple RACF databases by merging databases quickly and efficiently.
- Generates commands automatically to clean the database by using RACF information to analyze profiles, permits and connects.
- Helps you understand how profiles and authorizations are used in production with usage reporting.
- Enables you to create a mirrored, offline copy of the RACF database and reduce the risks of introducing errors.
Automates and simplifies routine tasks and identifies and analyzes problems
- Automate recurring, time-consuming security tasks such as managing passwords, password phrases and copying or removing user and group IDs.
- Perform actions for multiple users or groups at one time and simplify complex tasks into one-step actions.
- Execute queries in seconds and implement mass changes with little effort.
- Identify problems quickly, such as missing or inconsistent definitions, to help fix or prevent mistakes before they become a threat.
- Reduce the chance of breaches, lower the cost of administration, enhance identity governance and enable greater business continuity.
Simplifies the management of multiple RACF databases
- Merge security rules from different databases.
- Copy or move users, groups, resources, applications or whole databases between systems.
- Rename user IDs in the same database.
- Execute the same commands to multiple systems and keep multiple RACF databases synchronized.
Generates commands automatically to clean the database
- Review commands to confirm that cleanup actions do not affect definitions that must be retained.
- Increase the integrity of system security by removing unused or obsolete profiles, permits and connects.
- Reduce manual effort needed for assuring compliance and improve data consolidation using less memory, CPU and elapsed time.
- Decrease organizational cost and ease compliance management by storing non-RACF and non-security information in the RACF database.
- Supports the installation data fields and USERDATA; view and update this information and keep it safe and confidential.
Helps you understand how profiles and authorizations are used in production
- Report on actual usage of profiles and authorizations.
- Relate usage information to current profile and authorizations.
- Identify unused or obsolete profiles and authorizations on access control lists (ACL).
- Enforce separation of duties with identity governance based on entitlements to prevent toxic combinations of access rights
Enables you to create a mirrored, offline copy of the RACF database
- Help eliminate human error and possible outages of security.
- Check and verify configuration changes without affecting the production database.
- Test changes and review the results before implementing them.
- Determine how RACF database changes affect users before implementing them.
IBM Security zSecure Admin