When you are dealing with vendors of a smaller scale than IBM, BMC or CA, and you are installing a product that will run APF authorized, how do you assure yourselves that the product is not stealing your secrets, or allowing others to do so (the famous magic SVC)? Do you audit source code? How does that process work such that it protects the vendor's IP rights while still satisfying you or your auditors?
I'm on the vendor side of the equation, but I'm trying to put myself in the customer's shoes. Replies from either customers or vendors are welcome. Thanks, Charles ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
