Automation of administrative tasks
IBM® Security zSecure™ Admin enables you to automate recurring, time-consuming security tasks. You can delegate the authority to staff to perform password resets, resume a user and grant specific accesses without granting full administrative privileges to distributed staff. This capability enables frequently requested user support tasks to be managed by the support staff closest to the user, freeing up your security personnel for mission-critical tasks.
Potential problem identification and analysis
Quickly identify and analyze problems in IBM Resource Access Control Facility (RACF®) to minimize threats, such as missing or inconsistent definitions, enabling you to fix or prevent mistakes before they become a threat to security and compliance. You can also monitor privileged users to help ensure old accounts are properly deleted and products have been integrated appropriately. zSecure Admin integrates smoothly with zSecure Audit for end-to-end monitoring and remediation.
Multiple systems administration
The RACF-offline function can be used in a variety of circumstances, such as combining workloads from newly acquired companies or providing a simulated RACF environment to aid in release-to-release RACF migrations. zSecure Admin can administer multiple systems with a single application interface for fast live data access on all of the selected systems in the enterprise to keep security synchronized.
Quick database merger
Compare profiles and efficiently merge security rules from different databases using zSecure Admin. You can copy or move users, groups, resources, applications or whole databases between systems and rename IDs within the same database. When merging profiles from different databases, zSecure Admin performs extensive consistency checks and reports potential conflicts before generating commands, helping ease the burden of consolidation efforts.
RACF database usage reporting
zSecure Admin provides capabilities for reporting on actual usage of profiles and authorizations and relates that information to the information defined in the current RACF database. This helps you to understand how profiles and authorizations are being used in production, while also providing user-to-resource relationships. Identify unused or obsolete profiles and authorizations in access control lists, as well as potential identity governance issues due to over-entitlement.