IBM Sterling Ideas

Shape the future of IBM!

We invite you to shape the future of IBM, including product roadmaps, by submitting ideas that matter to you the most. Here's how it works:

Post your ideas

IBM is transforming its request for enhancement (RFE) process. The purpose of the transformation is to provide a more consistent experience for you to submit requests and to enable IBM product owners to respond to your requests more quickly. For more information click here.

Start by posting ideas and requests to enhance a product or service. Take a look at ideas others have posted and upvote them if they matter to you,
1. Post an idea
2. Upvote ideas that matter most to you
3. Get feedback from the IBM team to refine your idea

Help IBM prioritize your ideas and requests

The IBM team may need your help to refine the ideas so they may ask for more information or feedback. The offering manager team will then decide if they can begin working on your idea. If they can start during the next development cycle, they will put the idea on the priority list. Each team at IBM works on a different schedule, where some ideas can be implemented right away, others may be placed on a different schedule.

Receive notifications on the decision

Some ideas can be implemented at IBM, while others may not fit within the development plans for the product. In either case, the team will let you know as soon as possible. In some cases, we may be able to find alternatives for ideas which cannot be implemented in a reasonable time.

Security Administration Report from SPOE administration

Using the ADMIN function to maintain entries in SPOE is basically performing security administration functions.

In some environments auditors/regulators like to see who is performing administration and what changes they are making.

Requesting that you consider having a pre-defined report, or the data available to show WHO (Inserted/Updated/Deleted) a record in SPOE, WHAT record did they administer, DETAILS (If they inserted a record what are the fields that was set, if they updated a record, what fields were changed, If they deleted a record, what did the record look like prior to deletion). You would also want to show WHEN the record was administered.


  • Guest
  • Nov 4 2021
  • Under review
What is your industry? Banking
How will this idea be used?

Two Methods in which this can be useful:

#1. Problem resolution, when a transmission fails due to security issues, and you see the record has been updated in SPOE, you can tell what was changed by looking at this administration log.

#2. We can provide to auditors and regulators details of what we have administered in SPOE.

  • Guest commented
    6 Jan 09:11pm

    Hello, I have been in touch again with my NDM technical staff. They have been able to point me to some JCL that will pull out data based on record types (IU or DU).


    However the JCL does not produce the date the record was inserted or deleted. I just know the query stated to pull in the data from "yesterday". If an auditor were to look at that file/report they would immediately question me on the date of the activity.


    Another issue with a Insert or an Update, the data does not tell what was done. For example if I am doing an INSERT we list the SNODE/SNODEID, but where is the Security User ID reported. What ID did I map when I inserted the record. Another example is when I update an existing record, the data does not appear to state what was updated. What was changed?


    If this is available already can you point me where in the documentation is it located.


    For the zOS platform we are not using Control Center due to the size of our installation.


    Thanks for your assistance.


  • Guest commented
    31 Dec, 2021 04:42am

    Hello, for our organization I am one of the RACF Engineers, not the person that supports NDM/SPOE. Also we are talking about the mainframe (zOS) environment.

    How do I access the Control Center? I do not believe we are running 6.2 yet, so I assume the Web UI would be an option at this time.

    I will also bring your comments to the attention of the team that supports NDM, since when I asked them earlier about this capability they were unaware of its existence.

    Linnea G Sullivan Jr
    VP, Information Security Senior Engineer
    zSeries Security Strategy

    809 4 �� Street | Winston-Salem, NC 27101
    MAC D9635-010
    Tel 336-595-2831 | Cell 336-413-2080
    Linnea.G.Sullivan@wellsfargo.com

    This transmission may contain information that is confidential and/or proprietary. If you are not the individual or entity to which it is addressed, note that any review, disclosure, copying, retransmission, or other use is strictly prohibited. If you received this transmission in error, please notify the sender immediately and delete the material from your system. This transmission is for informational purposes only and is not intended as an offer or solicitation for the purchase or sale of any financial instrument or as an official confirmation of any transaction. Any information regarding specific investments or other products is not warranted for completeness or accuracy and is subject to change without notice.

  • Admin
    VIJAY CHOUGULE commented
    20 Dec, 2021 09:19pm

    Thank you for taking the time to provide your ideas to IBM. We truly value our relationship with you and appreciate your willingness to share details about your experience, your recommendations, and ideas.

    The Audit log in Control Center captures/logs the changes performed by Administration. In 6.2 onwards the Audit logging feature is also available in Web UI making it even more easier to view the log records with easy to use filters.

    Thanks,

    Vijay

By clicking the "Post Comment" or "Submit Idea" button, you are agreeing to the IBM Ideas Portal Terms of Use.
Do not place IBM confidential, company confidential, or personal information into any field.