My Macro Just Crashed the Mainframe!

by David Fletcher on April 6, 2016

It was a simple macroWorried-worker that took down the mainframe. Yes, it really happens—and more often than you might think.

Our customers tell us over and over again that they need to be able to lock down access to host resources. They also feel an equally strong need to lock down and harden who can make changes within the terminal emulator. For example, they want to control who can create or modify macros, who can modify encryption settings, or who can modify their own user-specific settings.

Unchecked, any one of these adjustments could cripple your business—by taking the mainframe down or landing your company on the front-page news after a security breach.

And yet companies typically deploy generic, one-size-fits-all configurations because it’s too hard and too expensive to do anything else. Imagine you have 10,000 users accessing the mainframe on a daily basis. How can you ensure that they have access only to the resources necessary to do their jobs, and nothing more? How can you quickly update their terminal emulation settings when roles or business needs change? There’s just no easy way to define, manage, and secure configurations by user group or need. Or is there?

Here’s a story about one large company that was able to simplify the management of terminal emulation configurations with a Micro Focus solution. This company wanted to:

  • Connect to three different host types (Unisys, IBM, and UNIX).
  • Customize terminal emulation for three different user groups.
  • Tighten control over desktop configurations for security and reporting purposes.
  • Switch control of access rights from the centralized IT deployment team to the team responsible for managing the terminal emulation client.
  • Secure and manage their terminal emulators using their existing IAM system.

Our team worked extensively with the company to identify the best way to use their existing IAM system to control terminal emulation configurations. They chose two products: (1) InfoConnect Desktop Pro, which met their multihost access needs, and (2) Host Access Management and Security Server (MSS), which worked with their IAM system to centrally manage and secure host access through InfoConnect.

With InfoConnect’s custom installation tool, the company easily created a package based on three different user profiles. Each profile included customized user settings, security settings, session configurations, keyboards, and macros. The company deployed the package using standard software deployment tools. Now, with their new MSS management capabilities, they can easily update settings and ancillary files as needed.

In short, the company can now grant or deny access to a given host system based on group or role, apply changes quickly to align with business needs, and make post-install adjustments on the fly. Plus, there’s no more waiting in line for IT operations to update the application. The terminal emulation team can do it themselves.

Learn more about how Host Access Management and Security Server works with Micro Focus terminal emulators to manage and secure your host access.

Previous post:

Next post: