Hi Andy, We backup about 450 Windows clients; all but 50 use DHCP, so the IP address isn't fixed.
I think the requirement is probably to be able to tell WHO accessed the data, meaning at least the real userid, when the nodename has been overridden. But I think the people who have to conform to hippa will have to write the requirement. HIPPA doesn't apply to this particular site, so I only get bugged occasionally about auditing, I don't know what the full Hppa requirement actually is. But I suspect there are a lot more TSM users out there that don't realize they have the "feature" that lets admins access backup data without changing the password or creating an audit trail. Thanks (as always!) for your interest and participation... Wanda -----Original Message----- From: Andrew Raibeck [mailto:[EMAIL PROTECTED] Sent: Tuesday, March 18, 2003 12:48 PM To: [EMAIL PROTECTED] Subject: Re: Client login with admin id and password Hi Wanda, True, but isn't the node name different in both messages? If XNBOSS is normally used (for example) from IP address 128.244.81.53 but now it is accessed from 128.244.81.137, then there is your "trail". Agreed it isn't ideal, but if you suspected that someone was covertly accessing XNBOSS's data, the different IP address would be a clue. Don't get me wrong, like I said, there is other work that we can do. I am not an expert on security issues in general, and have only heard vaguely about hPPA (or whatever it is)... but I would encourage customers who would like to see more security/audit trails in TSM to let their marketing reps know (and maybe this is something that can be taken up via a SHARE requirement). Please provide as much detail as possible in describing the requirement (i.e. how *exactly* do you want TSM to behave?) so that we can better understand the need. In the mean time, users concerned with this should consider using the INCLUDE.ENCRYPT option to encrypt sensitive data. This will prevent anyone else from restoring it (provided that the originating node owner doesn't give out the encryption key). Just don't forget the key, or else you won't be able to get the data back! Regards, Andy Andy Raibeck IBM Software Group Tivoli Storage Manager Client Development Internal Notes e-mail: Andrew Raibeck/Tucson/[EMAIL PROTECTED] Internet e-mail: [EMAIL PROTECTED] (change eye to i to reply) The only dumb question is the one that goes unasked. The command line is your friend. "Good enough" is the enemy of excellence. "Prather, Wanda" <[EMAIL PROTECTED]> Sent by: "ADSM: Dist Stor Manager" <[EMAIL PROTECTED]> 03/18/2003 10:04 Please respond to "ADSM: Dist Stor Manager" To: [EMAIL PROTECTED] cc: Subject: Re: Client login with admin id and password Andy, ANR0406 just shows the nodename for the client: 03/18/2003 11:51:39 ANR0406I Session 70211 started for node PRATHW1 (WinNT) (Tcp/Ip 128.244.81.137(1160)). When I access data from another machine (not my own) using dsm -virtualnodename and override the clients password with my admin id, the text for ANR0406 STILL just shows the nodename: 03/18/2003 11:51:39 ANR0406I Session 70211 started for node XNBOSS (WinNT) (Tcp/Ip 128.244.81.137(1160)). You can't see that I (as administrator) accessed the data from that node and restored it to my own machine, thereby gaining access to data I normally don't have the rights to see. I think that's why people who have to comply with the new hPPA (? I don't remember the exact acronym) privacy laws are concerned about auditing for this access. But then I'm still at 4.2.1.15. Is it different in 5.1? -----Original Message----- From: Andrew Raibeck [mailto:[EMAIL PROTECTED] Sent: Tuesday, March 18, 2003 10:38 AM To: [EMAIL PROTECTED] Subject: Re: Client login with admin id and password TSM does leave some footprints. Refer to messages ANR0406I and ANR1639I. With that said, I suppose that TSM could be made even more secure (at the cost of flexibility), but I would say that this falls into the area of "requirement", not "defect". Regards, Andy Andy Raibeck IBM Software Group Tivoli Storage Manager Client Development Internal Notes e-mail: Andrew Raibeck/Tucson/[EMAIL PROTECTED] Internet e-mail: [EMAIL PROTECTED] (change eye to i to reply) The only dumb question is the one that goes unasked. The command line is your friend. "Good enough" is the enemy of excellence. Gerhard Rentschler <[EMAIL PROTECTED]> Sent by: "ADSM: Dist Stor Manager" <[EMAIL PROTECTED]> 03/18/2003 08:11 Please respond to "ADSM: Dist Stor Manager" To: [EMAIL PROTECTED] cc: Subject: Re: Client login with admin id and password Hello, > IMHO, the TSM server really needs to leave better tracks for this type of > activity. > > ..Paul> that's what I would like to have. In Germany we have a law which requires that access to data which is related to individuals must be restricted and logged. That means that on request it should be possible to tell who accessed the data. With TSM this is not possible. Is it possible to open a pmr on this ground? Best regards Gerhard --- Gerhard Rentschler email:[EMAIL PROTECTED] Regional Computing Center tel. ++49/711/685 5806 University of Stuttgart fax: ++49/711/682357 Allmandring 30a D 70550 Stuttgart Germany
