Hi again, Ed explained one of the reasons why we wanted to let only the relavant screens to certain groups, like giving crypto coprocessor activity to only security group etc. Groups other than MVS could interpret the same metrics differently, and sometimes this might cause confliction between the groups.
The other issue is that at the end of an audit, -since our groups are growing day by day- we concluded that there is possibility of exposing the parameters, configuration information from the excessive access and toolset usage. So that we try to give only the necessary resource permissions and tool usage to the appropriate groups. Today even READ permissions to certain critical datasets could become excess authority. Also as you know that today highest threats for the companies are coming from inside rather than outside. ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
