I.C.U...MVS
Resource Center
Click On The Links Below For Additional Information

I.C.U...MVS Government Sector
4 Page Color Brochure
NEW

I.C.U...MVS Commercial Sector
4 Page Color Brochure
NEW

Automating Mainframe Environments To Achieve Regulatory Compliance
A Position Paper

IT Glossary
A Comprehensive Dictionary

JANUS Associates

Celebrating 20 years

• Information Security

• PCI and Regulatory Compliance Assessment

• eDiscovery

• Data Forensics

• Disaster Recovery

• Business Continuity Planning

• Third Party Certification and Accreditation

• War Dialing

• BIO*GATE Authentication and Identity Management Solutions

• I.C.U...MVS Automated Mainframe Security Audit Tools

JANUS... professionals partnering with you to improve your IT security and protect your organization's assets.

I.C.U...MVS

Automated Mainframe
Security Audit Tools

When You Need To Know That Your OS/390 and z/OS Mainframes Are Secure

Many organizations believe their mainframes are secure when in fact they are not.

Mainframes have been in existence long before connecting to the outside world was a necessity. The drive towards multi-site connectivity, Electronic Data Interchange, Just-In-Time inventory solutions, and e-commerce means that mainframes which once stood alone are now connected to internal and external networks including the Internet. These interconnects in many cases create a direct pipeline to an organization’s most critical data.

The question that needs to be answered is how best to test and assess the level of security on your mainframes without expending massive amounts of human resources. The answer is I.C.U...MVS from JANUS Associates.

Why You Need I.C.U...MVS:

The potential for gaps in your OS/390 and z/OS mainframe security controls are very real. Any time an application is installed or modified serious holes can develop. These problems are not ’t only limited to software. Each time you add or modify hardware you are also adding software and drivers thus opening a potential breach path.

I.C.U…MVS can help you determine where the weaknesses are in your existing mainframe security controls. It will show you vulnerabilities in existing security access control settings that might allow someone within your organization or from the outside to bypass your existing data access controls.

I.C.U...MVS is a software tool that extends the capabilities of your access control package. It discovers security vulnerabilities missed or inadvertently left unmanaged by the access control security process and it does this quickly and automatically by analyzing the:

• Operating system;
• Access control package; and,
• Business data resident on the system.

In specifics I.C.U...MVS searches out potential problems by examining:

• System modifications (APFs, LPAs, Linklists, etc.);
• Executable code modifications (such as Trojan Horses);
• Sensitive system data (passwords, security implementation); and,
• Sensitive business information (payroll, agency data, proprietary formulas, etc.).

Not just an administration tool, it is the only “pure” mainframe penetration and vulnerability assessment tool available today. In fact, you must already be using RACF, CA-ACF2 or CA-Top Secret in order to use I.C.U…MVS. Even though it is not strictly an audit tool, the Big 4 accounting firms have used I.C.U...MVS as part of their audits.

I.C.U…MVS advanced architecture helps you challenge your own safeguards in much the same way as do hackers, competitors and, disgruntled employees.

Do I Really Need I.C.U...MVS?
I Already Have RACF, CA-ACF2, CA-Top Secret.

Yes, you really do. Access control packages lose their security hold over time because mainframe systems are affected by constantly occurring changes. Several examples of these changes and the resultant questions that require accurate informed answers are:

• New applications added to systems can leave security holes; What is the interaction between the new application and existing applications? Does the interaction leave exposures? I.C.U…MVS helps you answer these questions.

• Employee additions and separations are reported and over time additional permissions are granted; How can you be certain that every access permission has been found and removed when the employee leaves a department or the organization regardless of reason? I.C.U…MVS helps you find them all.

• Outside vendors are granted wide access to systems and can unknowingly or on purpose create vulnerabilities which are completely unknown and unexpected to you and your team. I.C.U…MVS helps you monitor and control these vendor-created exposures.

With senior level security employees in short supply, with systems administrative staff stretched for time, and with changes in business constantly disrupting information security nets, it is almost impossible to maintain an adequate, let alone good security level without some type of regular examinations. Using I.C.U…MVS’ unique methodology, security can be dramatically improved in just fifteen minutes a day.

Contact a JANUS Mainframe Security Professional to learn more about I.C.U...MVS and how to proactively manage your mainframe security. contact

JANUS Associates, Inc., 1055 Washington Blvd, Stamford CT 06901 (203) 251 0200 | Terms of Use