Summary of ServicesThe objective is to provide the Client with the assistance and guidance to enhance their implementation of the Top Secret System (TSS). This service will address two very specific improvements. The first is to enact improved security for System Commands and Operator Facility controls. The Console facility and System Command security will be upgraded from WARN to FAIL mode. The second improvement is to initiate a migration of the application batch user ids from WARN to FAIL security enforcement mode. The following is a summary of the steps to achieve those goals. These steps are not meant to be all-inclusive and may be modified as determined as review and progress is made on the project.
System Command and Operator Controls
- Review and list all defined consoles on the system.
- Review the attributes of defined consoles.
- Review to determine if all default console attributes are in place.
- If there are some consoles not defined to TSS, implement a process to begin creation of the consoles.
- Review each console for the department and profiles that it has access to, and needs access to.
- Work to determine:
- Which users should be authorized to which system commands.
- Which system commands cannot be used and by what users.
- Review all entries in the ALL RECORD. From the review remove all necessary entries and add permissions to the correct resources in the appropriate Profiles. The Console Facility will be placed in Fail Mode and not run in Warn Mode at end of project.
Application Batch ID Security
- Identify and inventory all application batch user ids on the system.
- Define what applications these batch ids should have access to using audited reports from Top Secret Warn Mode.
- Review the associations and permissions for the Application Ids and make necessary Permission adjustments.
- Develop an on-going process for the client to establish these associations for future ids. Application IDs in Batch will be run in Fail Mode.