EAM
The Authority Management Solution for IBM i
CONTEXT
EAM – Elevated Authority Manager, the newest Cilasoft product, allows you to provide additional authorities on an as needed basis, which reduces the number of permanent powerful user profiles (administrator, security officer, etc) on your system.
With EAM you can efficiently control user activity on the IBM i platform to help meet your companies’ compliance with regulations such as Sarbanes-Oxley (SOX), Payment Card Industry Data Security Standards (PCI-DSS), Health Insurance Portability and Accountability Act (HIPAA), etc.
DESCRIPTION
EAM allows users to temporarily inherit increased authority, which can be limited to predefined commands, periods of time, and/or days and times.
With EAM you will know the precise actions performed by the user during the period they have been granted the additional authority.
EAM includes not only an effective and flexible authority management mechanism but also a comprehensive monitoring and reporting tool. The user activity is fully audited and logged from different sources (joblog, system and database journals, exit points).
EAM offers two authority management methods:
For example, a user can:
EAM adapts to different company needs and requirements thanks to a very flexible configuration and the capacity to produce pertinent reports.
KEY FEATURES
BENEFITS
Try it for yourself. Experience the power of Cilasoft Software for 40 days—FREE.
EAM – Elevated Authority Manager, the newest Cilasoft product, allows you to provide additional authorities on an as needed basis, which reduces the number of permanent powerful user profiles (administrator, security officer, etc) on your system.
With EAM you can efficiently control user activity on the IBM i platform to help meet your companies’ compliance with regulations such as Sarbanes-Oxley (SOX), Payment Card Industry Data Security Standards (PCI-DSS), Health Insurance Portability and Accountability Act (HIPAA), etc.
DESCRIPTION
EAM allows users to temporarily inherit increased authority, which can be limited to predefined commands, periods of time, and/or days and times.
With EAM you will know the precise actions performed by the user during the period they have been granted the additional authority.
EAM includes not only an effective and flexible authority management mechanism but also a comprehensive monitoring and reporting tool. The user activity is fully audited and logged from different sources (joblog, system and database journals, exit points).
EAM offers two authority management methods:
- *SWAP: the user inherits authority by switching to the target user profile
- *ADOPT: the user adopts target user profile authority
For example, a user can:
- Change system values without being permanently granted *SECADM special authority
- Inherit *AUDIT special authority only when auditing values on sensitive objects need to be changed
- Be given data authority to change production files by using DFU or SQL
EAM adapts to different company needs and requirements thanks to a very flexible configuration and the capacity to produce pertinent reports.
KEY FEATURES
- Rule definition with the selection of method (*SWAP, *ADOPT), duration, specific authorized command (or command line), and context (IP address, job, date, time)
- Emergency mode with delegation of rule management and audit trail
- Authority request process is simple (default values, pre-filled parameters) and documented
- 5250 and server modes (i.e. an external SQL interface such as ODBC, JDBC to change data that otherwise cannot be accessed)
- Control and/or audit of commands that allow canceling EAM sessions unexpectedly or hiding the joblog
- Optional alerts when an event occurs (starting, ending, exceeding an authorized period of time, unexpected ending, etc.) via 5250 message, e-mail, syslog, or popup
- Rules on source and target user profiles including group profiles and supplemental groups
- Options to reduce authority, control the access to the command line, even in batch programs
- Centralized management of EAM jobs, with the option to hold, release, end, and extend the duration of jobs
- Logging and reporting of all requests
- Optional ticket control in order to interface with an existing Helpdesk solution
- Customized reports: sent via FTP, SMTP with many different available formats (CSV, XLS, PDF)
- Pre-defined and customizable configuration
- And many other useful features
BENEFITS
- Satisfy more easily requests from users for authorities
- Satisfy security officers by reducing the number of powerful profiles
- Satisfy auditors with reporting and alerting capabilities
- Enforce the segregation of duties
- Reduce significantly security exposures caused by human error
- Limit access to sensitive data
Try it for yourself. Experience the power of Cilasoft Software for 40 days—FREE.
