SHARE Security and Compliance Project
The Security and Compliance Project is concerned with enterprise-wide security management, which includes security, auditability, and disaster recovery of corporate data, software, and hardware. We are concerned with security management on the desktop, in the client/server environment, on the mainframe, over the Internet, or within any heterogeneous network. The Security and Compliance Project provides information on security management tools, policies and procedures that address identity management, data integrity, confidentiality, access control, and systems management -- from within a single enterprise, or across public or private networks, such as the Internet, intranet, or extranet.
The customers of the Security and Compliance Project are, but not limited to:
- Security, database, and data administrators who must integrate and manage security policies across the various enterprise platforms.
- LAN and client/server administrators who are responsible for security and disaster recovery of their systems.
- Systems management personnel responsible for managing the enterprise networks and other infrastructure services such as mainframes and subsystems, such as CICS, TSO, JES, etc.
- Anyone responsible for installing, administering, auditing, or modifying the RACF, ACF2 and TopSecret families of products.
- People responsible for writing secure applications that meet accreditation standards.
- Department and senior management requiring information on what the security, audit, and disaster recovery issues are, as well as information on developing and implementing workable solutions in their organizations.
- End-users who have, as employees of an organization, inherent security responsibilities for safeguarding information entrusted to their care.
The Security and Compliance Project offers several products and services to SHARE and its attendees. These include, but are not limited to:
- Education for the attendee regarding security issues, trends, and solutions to security problems on the various platforms and technologies, such as viruses and encryption, disaster recovery development, implementation and maintenance, etc.
- A forum for submitting security, audit, and recovery requirements to IBM for their product lines. This includes RACF, as well as other IBM products that currently have or should have security issues addressed. White Papers which are intended to influence the information technology strategies of IBM, when developing new products, or enhancing existing product lines.
- A forum for Security Managers and practitioners to meet and discuss common problems and solutions in the security, audit and recovery arenas.
- Providing consulting to, or speakers for, other Projects that require security, audit or disaster recovery issues to be addressed, and need additional resources to meet their requirements.