Introduction to NonStop Operations Management
Security Management
Introduction to NonStop Operations Management–125507
9-5
Staff Support
Staff Support
Separation of security duties helps you avoid collusion and helps you ensure that your
system is well secured. Security administration duties are usually divided between an
auditor, a security administrator (or administration team), and the operations staff.
Depending on your organization’s structure, the security administrator might also be a
member of the operations staff.
•
The auditor is responsible for auditing the system.
•
The security administrator is responsible for:
•
Managing access to the system (user IDs)
•
Managing passwords
•
Developing and implementing security procedures and policies
The Security Management Guide provides detailed check lists for security
administrators.
•
The operations staff is responsible for:
•
Monitoring physical security
•
Controlling dial-up access
•
Restricting access to system software, utilities, sensitive information, and critical
system resources
•
Securing network access
All staff who perform security administration duties should thoroughly understand the
security policy and know how to detect intruders. Tandem provides training in computer
security. Currently, Software Education offers the following courses: Security Concepts
and Planning, Securing Guardian Systems, and Security for Auditors.
User Community Support
Without user support, a security policy is difficult to enforce. Getting user support might
well be the most challenging and rewarding task you face—especially where adherence
to security rules interferes with productive work and people are rewarded mainly for
their productivity.
Your security policy should seek ways of making security as convenient as possible
without jeopardizing your organization’s security. After the policy is in place, educate
users about security issues and how they can help maintain a secure system.