× Discuss about Archiving, Close of Business, Delivery Setup, Security Management System, Global Processing etc…

ADMINISTRATION OF PRIVILEGES IN T24

  • AIME CLAUDE
  • Topic Author
  • Offline
  • New Member
  • New Member
  • Posts: 1
  • Thank you received: 0

AIME CLAUDE created the topic: ADMINISTRATION OF PRIVILEGES IN T24

How can we ensure privileged users e.g Administrators, cannot monitor themselves, since they can alter security controls to conceal their irregular activities?
#22975

Please Log in or Create an account to join the conversation.

  • VK
  • VK's Avatar
  • Offline
  • Platinum Member
  • Platinum Member
  • TAFC|R13|R19|R20
  • Posts: 790
  • Thank you received: 113

VK replied the topic: ADMINISTRATION OF PRIVILEGES IN T24

Hi
the matter is quite complex.
You haven't mentioned your architecture but for TAFC / jBASE database here are some thoughts:

On T24 level activities you can monitor F.PROTOCOL (first make sure that all users have in F.USER record):
  25 SIGN.ON.OFF.LOG... Y
  26 SECURITY.MGMT.L... Y
  27 APPLICATION.LOG... Y
  28 FUNCTION.ID.LOG... Y

Then you'll need a trigger either on F.PROTOCOL (catch record amend or delete) and F.USER (amend).
Then you need to somehow monitor trigger disabling / enabling again. This partially can be done using another trigger - on \tmp\jutil_ctrl (in TAFC folder) to catch jsh level commands (including JED). Still it won't help you if user launches OS shell from jsh and types a command there.

Bottom line: near to impossible. Better hire appropriate people that you can trust and/or use other approach of employees control (out of my scope).
#22979

Please Log in or Create an account to join the conversation.

Time to create page: 0.116 seconds