Looking for relevant Security Whitepapers? Visit the SearchSecurity.com Research Library.
MilesButler | Jul 28 2005 5:11AM GMT
You need a Change Management Product.
We use MKS Implementer.
<a href="http://www.mks.com/products/implementer" rel="nofollow">http://www.mks.com/products/implementer</a>
I hasten to add that this product serves our purposes on the iSeries, you will need to undertake your own assessment.
Miles
iceprincess | Aug 3 2005 8:17AM GMT
We also use MKS Implementer. Our developers do not have authority on production systems to perform any changes. They create and test on a development system which is set up to transfer the program changes to production. Production Control actually moves the code from dev to prod.
On a separate note, for after-hour emergency needs we have created an ID called “emergency” which allows the developers to perform the required changes after they have provided required information (trouble ticket, etc.). We have the ID set up so that it automatically becomes disabled immediately after the log in and the ID must be reset for each use. We also use journaling which captures all log information for auditing purposes.