ADSM-L

Fw: SOX compliance

2005-10-19 19:27:22
Subject: Fw: SOX compliance
From: Nicholas Cassimatis <nickpc AT US.IBM DOT COM>
To: ADSM-L AT VM.MARIST DOT EDU
Date: Wed, 19 Oct 2005 19:26:59 -0400
Eric,

You can do one of two things:

1.  Set the passwords to a known value, then before they expire on the TSM
Server, do an "update node nodename knownpassword" to reset the age of the
password.  Since the password doesn't actually change, this is sorta
cheating, which isn't real good where SOX is concerned.
2.  Reset the password from the TDP side before the password expires.  If
you're password expiration is 90 days, do it every 2 months (Say at the
start of every even numbered month).

#1 is easier, but #2 won't get you into trouble.

Nick Cassimatis

----- Forwarded by Nicholas Cassimatis/Raleigh/IBM on 10/19/2005 07:23 PM
-----


Hi *SM-ers!
Some time ago, I was asked to fill a survey about our TSM environment.
Through that survey we discovered that some settings we use are not SOX
compliant.
Now my boss wants me to fix those, but I doubt one of them can be fixed.
We use no password expiration in TSM because of the Data Protection
clients.
DP for Oracle, as well as DP for MySAP requires passwordaccess to be
prompt, so expiring passwords will result in a password prompt and thus in
backup failures and manual interventions. Am I right here?
Thank you very much for your reply in advance!
Kindest regards,
Eric van Loon
KLM Royal Dutch Airlines


**********************************************************************
For information, services and offers, please visit our web site:
http://www.klm.com. This e-mail and any attachment may contain confidential
and privileged material intended for the addressee only. If you are not the
addressee, you are notified that no part of the e-mail or any attachment
may be disclosed, copied or distributed, and that any other action related
to this e-mail or attachment is strictly prohibited, and may be unlawful.
If you have received this e-mail by error, please notify the sender
immediately by return e-mail, and delete this message. Koninklijke
Luchtvaart Maatschappij NV (KLM), its subsidiaries and/or its employees
shall not be liable for the incorrect or incomplete transmission of this
e-mail or any attachments, nor responsible for any delay in receipt.
**********************************************************************
<Prev in Thread] Current Thread [Next in Thread>