President's Message by Don Rima

WAM has always been committed to bringing you the best speakers and the most timely topics we could provide. We’ve always been working hard to bring to our membership the knowledge that you are asking for and needing to help you make your day to day responsibilities.

Well, we’re off to a great start in 2003! We’ve had to make a change in the day that we usually have our meetings to accommodate a very special guest speaker, Mr. Wayne Evans. Wayne has a long and distinguished career with IBM and is very well known and respected as one of the leading authorities in AS/400 security. Frankly, it’s a real privilege to have Wayne as our speaker this month.

We start off the day with a full day seminar by Wayne on AS/400 security. In our AS/400 security seminar, he will be discussing and reviewing ways that you can more effectively manage critical security issues on your AS/400’s. Also we’ll discuss the best practices in security policies and why they are the cornerstone to effective corporate security. You’ll also get the chance to ask Mr. Evans, who has over 30 years of experience in AS/400 security, questions regarding the security of your own AS/400s. WAM thanks Pentasafe for arranging the presentation by Wayne Evans. For more details and to register for this special seminar, check out the seminars page on the WAM Web page.

Hope to see all of you folks at the seminar and meeting... Again, please register EARLY. We don’t want anyone to be left out or to go hungry and not have a place to sit.

See you on the 4th.

February 4th Meeting

PCs are attached to over 70% of the AS/400s installed. The sharing of data between the AS/400 and the PC introduces additional security considerations. Many AS/400 installations fail to properly secure data from PC users.

Client Access has changed and so have the potential exposures and ways to prevent their access.

Attend this session to learn how to properly secure your system from PC users. This session will discuss:

• Overview Client Access Functions
• Use of exit programs to restrict use of functions
• Remote commands and File transfer·
• Program registration facility for exit programs
• Work station feature elimination of first sign on
• Limiting users access to Operations Navigator

Mr. Evans worked at the IBM Rochester, Minnesota development laboratory for twenty-seven years. For sixteen years, he designed and implemented features found in the IBM AS/400 and S/38 operating systems. His last six years at IBM, he specialized in security.

The security features of the AS/400 he designed include:

• Integration of S/36 and S/38 security for OS/400
• Password expiration and validation rules
• Time-out of inactive terminals
• Definition of security levels including level 40 security
• Audit journal for improved event recording
• Option to default authority of new objects from the library
• Design of C2 security features

Prior to the AS/400, he worked on the S/38 CPF including security, message handling, work management, DDM (distributed data management) and DBCS (double byte character support) used in Japan and China. He designed the S/38 CL language and implemented the command analyzer that is in use on AS/400 today.

Tuesday February 4, 2003
Holiday Inn in College Park, Beltway and US 1
5:30 PM Networking/Cash Bar 6:00 PM Dinner 6:30 PM Presentation