|
Once you want to use FTP and ODBC you will have to first examine your object
level security to see if your implementation is sufficient to prevent
unwanted downloads and uploads of critical data. Users who have *CHANGE
authority to a file can download it, modify it and then upload it back to
the iSeries. Users who have *USE authority to a file can download that
file. While *USE sounds safe enough you typically don't want users
downloading your HR data, customer list, etc. In my experience it is very,
very rare that a company's object level security is sufficient to secure FTP
and ODBC. So now your option for securing FTP and ODBC is exit programs.
The next decision to make is whether you are going to write your own exit
programs or buy a software package that provides this support. Exit program
formats are documented by IBM, but the formats vary from server to server.
FTP is pretty straightforward, but ODBC is particularly complex. Some
companies have successfully written and implemented their own exit programs,
but most leave that up to a third-party software vendor. Many of those who
wrote them initially get tired of maintaining them from release to release
or want to do more complex operations or secure more servers end up buying a
third-party application.
==================================
MORE INFORMATION ON THIS TOPIC
==================================
The Best Web Links: tips, tutorials and more.
Search400's targeted search engine: Get relevant information on security.
|
