Well, in our case at least the workstation refers to a company provided and managed workstation. We can't log on to z/OS from our personal devices. And we use SSO for many applications. I don't know how it works; only that it does work.
________________________________ From: IBM Mainframe Discussion List <[email protected]> on behalf of Tom Marchant <[email protected]> Sent: Monday, May 4, 2020 2:31 PM To: [email protected] <[email protected]> Subject: Re: IBM-MAIN Digest - 2 May 2020 to 3 May 2020 (#2020-125) On Mon, 4 May 2020 19:14:31 +0000, Frank Swarbrick wrote: >What I would love to see is some sort of "single signon" option, where a user >would only need >to sign on to their personal workstation and not need to explicitly sign on to >z/OS at all. IMO, this is a bad idea unless you can count on everyone's workstation being at least as secure as z/OS is. All you need is one user who gets their PC hacked and the hacker has access to z/OS, with whatever authority that user has. -- Tom Marchant ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
