Thanks to EAM from Cilasoft, IBM i (iSeries, AS/400) enterprises now have a dynamic authority management software solution that allows them to create temporarily-elevated user profiles on an as needed basis, which then generates a complete and intelligible audit trail of all activity on each profile.
Used by small and large businesses worldwide, EAM allows you to reduce the number of powerful IBM i user profiles, such as *ALLOBJ, *SECADM, etc., while retaining the option to elevate profiles when necessary.
Because of its functionality that greatly assists audit procedures, managers gain full oversight over user activity on IBM i, streamlining regulatory compliance processes related to requirements such as Basel II, HIPAA, SOX, and PCI-DSS.
Detailed Management Control Over User Authority
Either automatically or by request (your choice), managers use EAM to temporarily elevate the authority of users, whether by IP addresses, time periods, specific commands, or other parameters.
The software employs several mechanisms to create a detailed audit trail, mechanisms such as logs, screen captures, exit points, and system journals, also qualifying it as a fully-developed monitoring and auditing solution.
Some of EAM’s authority management processes include:
- *SWAP, a feature that applies the authority of another profile to a user you choose
- *ADOPT, allowing users to adopt the authority of other profiles
- *LOG, logs all user activity
In addition, EAM boasts the ability to adjust values and authority settings without making permanent changes to *SECADM authority, allow users *AUDIT special authority when appropriate, grants authority for data changes as needed, and permits user access to command lines.
Nimble and versatile, EAM easily adapts to organizational growth, new systems, and updated processes.
Simplifies fulfillment of elevated user authority requests.
Increases security officer satisfaction by reducing the number of powerful profiles.
Alerting and reporting features satisfy auditor requirements.
Easy enforcement of segregation duties.
Reduces security issues caused by human error.
Greatly limits access to private data.