Mainframe Security
IBM's RACF security package operates on the IBM mainframe. RACF access to data is granted on a need-to-know basis; requests for data access must be made in writing to Administrative Computing.
RACF utilizes a combination of userid and password to control who can access what resources and how and when those resources can be accessed.
Rules
- Change your password frequently; change it immediately if you suspect that it is no longer secret.
- Do not write the password down or leave it for others to see.
- Do not share USERID's or passwords. Every person using the IBM mainframe must have their own unique USERID and password. Individuals are held responsible and accountable for everything done with their USERID.
- Do not leave your work station while you are logged on. Log off if you are away from your desk.
- Notify Administrative Computing immediately when an employee that has a USERID and password is transferred, terminated, or no longer has authorization to see the data.
- USERID's with no activity for one year are automatically deleted.
- A user may change passwords at any time, and frequent changes (such as weekly) give added protection against unauthorized access.
- Our RACF requires that passwords be changed at least once every 180 days. (RACF maintains a history of a USERID's twelve most recent passwords, which cannot be reused.)
Suspended USERID
- If a USERID is "suspended" by RACF, IBM access will be denied.
- To "unsuspend" a USERID or other password issues, users should contact the Security Administrator at x25938 -- you will be required to furnish proof of identity.
