W dniu 2017-08-02 o 09:52, Timothy Sipples pisze:
John McKown wrote:
Yes. And hopefully the ones whose job this is are doing that.
I'm a z/OS sysprog....
It is your job, too. You just write (yes write) something like:
- - - -
August 2, 2017
Dear (My Manager):
I would like to make you aware that we are no longer receiving
security-related and other patches for the following software products and
release levels that are in productive use, as of the dates indicated:
z/OS Version 1.12 2014-09-30
CICS Transaction Server Version 3.2 2015-12-31
DB2 for z/OS Version 9.1 2014-06-27
Without security patches, and without an ongoing preventive maintenance
program to apply them, there is a growing risk of breaches. We are also
running software products that will receive security updates only for the
next 12 months or less. I can provide those details upon request.
If you have any questions, please let me know. Thanks.
(My Signature)
- - - -
That's it. You've provided the factual information, in writing (which could
be electronic), and your manager decides what to do or not to do. If you've
already done that, great. If there's a material update to provide, to keep
management reasonably well informed, please do.
Just apply a "reasonable care" standard and tell your manager, that's all.
If you're a secretary at an electric company, walking along the park one
sunny afternoon, and you see a couple people trying to steal a utility
pole, "not my job" doesn't wash. You call the police, and you tell your
boss. Likewise, if somebody has left the door open to the utility pole
depot, you ring up your company's security desk and tell them. Whether they
do anything or not is indeed *their* job, but you can observe and notify,
too.
Possible reaction:
(no paper, just shout): GET OUT, YOU'RE FIRED.
BTW: I would take care to inform my manager less officially (and keep
the notification in my archive). From personal experience I'm aware how
pointless is this ;-)
--
Radoslaw Skorupka
Lodz, Poland
======================================================================
--
Treść tej wiadomości może zawierać informacje prawnie chronione Banku
przeznaczone wyłącznie do użytku służbowego adresata. Odbiorcą może być jedynie
jej adresat z wyłączeniem dostępu osób trzecich. Jeżeli nie jesteś adresatem
niniejszej wiadomości lub pracownikiem upoważnionym do jej przekazania
adresatowi, informujemy, że jej rozpowszechnianie, kopiowanie, rozprowadzanie
lub inne działanie o podobnym charakterze jest prawnie zabronione i może być
karalne. Jeżeli otrzymałeś tę wiadomość omyłkowo, prosimy niezwłocznie
zawiadomić nadawcę wysyłając odpowiedź oraz trwale usunąć tę wiadomość
włączając w to wszelkie jej kopie wydrukowane lub zapisane na dysku.
This e-mail may contain legally privileged information of the Bank and is
intended solely for business use of the addressee. This e-mail may only be
received by the addressee and may not be disclosed to any third parties. If you
are not the intended addressee of this e-mail or the employee authorized to
forward it to the addressee, be advised that any dissemination, copying,
distribution or any other similar activity is legally prohibited and may be
punishable. If you received this e-mail by mistake please advise the sender
immediately by using the reply facility in your e-mail software and delete
permanently this e-mail including any copies of it either printed or saved to
hard drive.
mBank S.A. z siedzibą w Warszawie, ul. Senatorska 18, 00-950 Warszawa,
www.mBank.pl, e-mail: [email protected]ąd Rejonowy dla m. st. Warszawy XII
Wydział Gospodarczy Krajowego Rejestru Sądowego, nr rejestru przedsiębiorców
KRS 0000025237, NIP: 526-021-50-88. Według stanu na dzień 01.01.2016 r. kapitał
zakładowy mBanku S.A. (w całości wpłacony) wynosi 168.955.696 złotych.
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [email protected] with the message: INFO IBM-MAIN
