IBM® Security zSecure™ V2.3 suite helps:

• Enhance mainframe security position to better demonstrate compliance with regulations.
• Enhance real-time security intelligence analytics and alerts.
• Enhance identity governance for the mainframe to:
  • Help organizations understand, control, and make business decisions that are related to user access.
  • Assess risks.
• Secure cloud and mobile applications.
• Utilize the inherent security advantages offered by mainframes that include pervasive encryption for enhanced data protection.

This video provides an overview and a demonstration of the IBM Enterprise Key Management Foundation (EKMF), a highly secure key management system for the enterprise.

High volume certificates and encryption keys can be managed centrally and uniformly with Enterprise Key Management Foundation independent of target platforms. EKMF manages keys and certificates for cryptographic coprocessors, hardware security modules (HSM), software implementations like Java key store, ATMs, and point of sale terminals. EKMF offers an intensive support for EMV® chip cards, both for issuers, acquirers, and for card brands.

Duration: 37 minutes

Overview

In this workshop, you learn how to maintain a Resource Access Control Facility (RACF®) database with IBM® Security zSecure Admin and monitor the system with IBM Security zSecure Audit. During hands-on exercises, you act as a RACF security administrator for a fictitious company. In this simulated job role, you learn to define a RACF security environment for a specific department.

This workshop teaches the basics of the security administration process and how to implement company security policies and guidelines into specific RACF profile definitions and settings. You learn to verify the quality and validity of the RACF profiles that you define. Finally, you learn how to interpret and report SMF events that the z/OS system logs during the workshop.

Objectives

• Describe the purpose and flow of the RACF management workshop
• Set up a flexible RACF group structure for a department based on PMI security policies and IT guidelines
• Define a departmental security administrator user ID, user IDs for plot writers, verify password quality, and create and refresh an IBM Security zSecure CKFREEZE data set
• Create role-based function groups, resource profiles, and an IBM Security zSecure UNLOAD data set
• Implement role-based access using connections and permissions to the function groups
• Use and explain the various zSecure Admin Verify functions, define a started task, verify started procedures, and manage staff member changes
• Review and, if applicable, maintain RACF audit settings and report and examine SMF records that are logged during this workshop
• Prevent users with OPERATIONS from accessing your PMI departmental data sets
• Clean up RACF profiles and, if applicable, data sets and catalog aliases

This document contains an overview of the IBM Security zSecure job roles, training paths, and the standard zSecure courses that IBM offers for customers.