Security Management Guide (G06.29+, H06.08+, J06.03+)
Safeguard System Security
Security Management Guide — 522283-021
• Ability to require blind logons (Passwords are not echoed to the screen when
  typed.)
• Ability to require logons by user name only (Logon attempts by user ID number are
  not allowed.)
• Ability to specify a password expiration grace period (This feature allows users the
  opportunity to specify a new password during logon if their old password has
  expired.)
You can also specify that the Safeguard software is to control logon attempts occurring
from specified terminals on the system. At a Safeguard terminal, all of the previously
mentioned special features are enforced. In addition, Safeguard terminals provide the
following extended features associated with the logon procedure:
• Ability to specify different command interpreters to be started automatically after
  logon for different users (For example, you can specify SAFECOM as the initial
  command interpreter for the security staff.)
• Ability to specify that the user logged on at the terminal has exclusive access to it

To have Safeguard control the logon process at a particular terminal, use SAFECOM
to create a terminal definition with the ADD TERMINAL command. For more
information about creating terminal definitions, see the Safeguard Administrator’s
Manual and the Safeguard Reference Manual.
The Safeguard software also allows you to implement a security event-exit process to
enforce site-specific password requirements. An event-exit process is a user-written
process that participates in security policy enforcement.
Vacations and Other Absences
Develop a procedure for freezing user IDs during vacations and other absences. Also
develop a procedure for thawing user IDs upon return. Be sure this procedure is
expedient and reliable so users can resume work as soon as possible.
When Employees Leave
Develop a procedure for eliminating user IDs of employees who leave the company. In
general, perform these tasks when removing a user from the system:
1. Delete any user aliases associated with the user ID with the SAFECOM DELETE
ALIAS command.
2. Delete the user ID with the SAFECOM DELETE USER command.
3. Determine the disposition of the user’s files. Reassign critical files to another user
and delete unimportant files.
4. Remove entries for the user ID from access control lists of critical system objects.
Inform other users to remove any entries for the user ID from access control lists
that they control.
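
The four removal steps above, turned into an ordered work list. This is an added example, not code from this guide or from the Safeguard product. The inventory, user IDs, aliases and file names are constructed, and the argument form shown after DELETE ALIAS and DELETE USER is an assumption to check against the Safeguard Reference Manual.

```python
# Constructed sample inventory: user IDs, aliases, file and object names are invented.
ALIASES = {"jsmith": "SALES.JOHN", "johns": "SALES.JOHN", "mlee": "SALES.MARY"}
FILES = {  # file -> (owner, critical?)
    "$DATA.PAYROLL.MASTER": ("SALES.JOHN", True),
    "$DATA.JOHN.SCRATCH": ("SALES.JOHN", False),
    "$DATA.MARY.NOTES": ("SALES.MARY", False),
}
ACLS = {  # protected object -> (user who controls the ACL, user IDs listed on it)
    "$DATA.PAYROLL.MASTER": ("SECURITY.ADMIN", ["SALES.JOHN", "SALES.MARY"]),
    "$DATA.MARY.NOTES": ("SALES.MARY", ["SALES.MARY", "SALES.JOHN"]),
    "$DATA.OPS.RUNBOOK": ("OPS.LEAD", ["OPS.LEAD"]),
}


def offboarding_plan(user, new_owner, security_staff, aliases, files, acls):
    """Return ordered (step, action) pairs following the four steps in the text."""
    plan = []
    # Step 1: every alias that maps to the user ID, before the ID itself.
    for alias in sorted(a for a, uid in aliases.items() if uid == user):
        plan.append((1, f"DELETE ALIAS {alias}"))
    # Step 2: the user ID (argument form is an assumption, see lead-in).
    plan.append((2, f"DELETE USER {user}"))
    # Step 3: critical files are reassigned, unimportant ones are deleted.
    for name, (owner, critical) in sorted(files.items()):
        if owner == user:
            verb = f"reassign to {new_owner}" if critical else "delete"
            plan.append((3, f"{verb}: {name}"))
    # Step 4: stale ACL entries; ACLs controlled by other users are referred to them.
    for obj, (controller, entries) in sorted(acls.items()):
        if user in entries:
            who = "remove entry" if controller == security_staff else f"notify {controller}"
            plan.append((4, f"{who}: {user} on {obj}"))
    return plan


if __name__ == "__main__":
    for step, action in offboarding_plan(
        "SALES.JOHN", "SALES.MARY", "SECURITY.ADMIN", ALIASES, FILES, ACLS
    ):
        print(step, action)
```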