Comments on: Activities of a User in AS/400 http://itknowledgeexchange.techtarget.com/itanswers/activities-of-a-user-in-as400/ Fri, 24 May 2013 15:01:00 +0000 hourly 1 By: dand http://itknowledgeexchange.techtarget.com/itanswers/activities-of-a-user-in-as400/#comment-62047 dand Wed, 08 Apr 2009 18:05:42 +0000 #comment-62047 If you have power users, that is users with any special authorities and command line usage, you should turn on user auditing (chgusraud) for those profiles. If you are in a SOX, PCI or HIPPA regulated environment, the audit journal should be dumped regularly for review of command line usage. If users with command line access have update or existance rights to your production data, you should audit them and restrict there access to data utilities such as DFU, DBU and SQL.

*LIMTCPB *YES limiting users to their authorized menu options is the first line of defense on an iSeries. Programmers with command line access should be read only to production data. Everything after that, like auditing user profiles and files, is just mitigating bad security decisions

]]>