The simple fact is that anyone can gain full control of your data. Here are some of the basic issues (taken from a standard HP3000 environment MIS audit) and VESOFT's solutions:

| 1) Logon passwords should be unique to each individual | VESOFT recommends that users have session names - i.e. "steve,manager.sys", where the relevant password (with all restrictions) is tied to "steve" |
| 2) Automatic password expiration | VESOFT enforces password obsolescence - users are prompted periodically (the manager sets the time threshold) to change their passwords |
| 3) Password integrity enforcement | VESOFT ensures that passwords cannot be the same as the logon ID; cannot be shown during screen sign-on; must meet minimum length requirements; and cannot be re-used. |
| 4) Inactivity lockout | VESOFT offers LOGOFF (part of Security/3000), which terminates unattended sessions - this also helps keep you under your user license limit and helps clear sessions at backup time |
| 5) Lockout after 3 unsuccessful attempts | VESOFT enforces this |
| 6) Desirable to have accompanying audit package to analyze security exposures | VESOFT's VEAUDIT/3000 reports on security loopholes |
| 7) Should log and report attempted security violations and successful access | VESOFT offers comprehensive and detailed logging. |

There are many loopholes that are standard to HP3000s - for example, :HELLO MGR.HPLANMGR is just one of many easily guessable ways to acquire high-level access to your system.

There are several additional critical issues, such as:

| 1) Batch security - embedded passwords in job streams are a serious breach of system security (they can be visible to unauthorized users) | VESOFT's STREAMX module (part of Security/3000) eliminates the need for embedded passwords |
| 2) Database security | VESOFT's VEOPEN |
| 3) Network logons | See Security/3000 manual: REMOTE ACCESS: NETWORK SECURITY LOOPHOLES |
| 4) Device passwording (including modem), time of day and day of week restrictions | See Sec/3000 manual: REMOTE ACCESS: TERMINAL PASSWORDS |
| 5) File security (addressed by MPEX) |

| How many PM users do you have? How many without passwords? | Did you know that a PM user with colon prompt access can acquire SM? VEAUDIT will show all PM users and which ones are unpassworded - often easy to guess! |