Introduction to NonStop Operations Management

ManualsBrandsHP ManualsServerHP NonStop G-Series

161

162

163

164

165

166

167

168

169

170

Introduction to NonStop Operations Management–125507

9-1

Security Management

Overview

Data is a vital and irreplaceable part of every business. However, data protection is a

difficult task. Not only do you have to protect the data, but you also have to protect

everything that allows people to access the data, including the computer equipment,

storage media, the operating system, and application software.

This section describes “security management” and provides suggestions, guidelines, and

tools for administering the security process. The Security Management Guide provides

detailed information for managing a secure operations environment. This section

concludes with a check list that summarizes the steps involved in security management.

What Is Security Management?

The primary goal of security management is to protect information; it involves

managing three components to computer security:

•

The system. The system component is concerned with managing the operating

system’s ability to control access to the system by defining the security features

contained within the Tandem NonStop Kernel operating system and associated tools

and products.

•

The environment. The environment component is concerned with managing all

aspects of physical security of the computer, its peripherals, and its environment,

and providing power necessary to run it.

•

The human. The human component is concerned with managing the people who

access the system through the use of system IDs, network IDs, passwords, and dial-

up security precautions.

In addition to managing these components, effective security depends on:

•

Following basic security rules. Following a few basic security rules and guidelines

can help create a successful security program.

•

A sound security policy. Developing a security policy, selecting people to enforce

the security policy, and following recommended guidelines for ensuring that data is

secure help you achieve the greatest success in protecting information.

•

People. Management, the staff, and the users must be committed to supporting the

security practices of your organization.

Note. Disaster recovery planning and change control are two other important areas of security

planning. Refer to Section 10, “Contingency Planning,” and Section 7, “Change and

Configuration Management,” for information on these topics.