Question 1

What does CICS/Lock do?

Accepted Answer

CICS/Lock automatically locks inactive CICS 3270 sessions. When a session is inactive for a defined period, the product displays a logon screen, requiring the user to re-enter their password to regain access. This helps prevent unauthorized access to sensitive CICS applications and data.

Question 2

Is this a system, application, or tool?

Accepted Answer

CICS/Lock is a security tool designed to enhance the security of CICS environments. It is not a system or application in itself, but rather a utility that adds an extra layer of protection to existing CICS applications.

Question 3

What types of organizations use this?

Accepted Answer

Organizations that rely on CICS for transaction processing and require enhanced security for their 3270 sessions will find CICS/Lock beneficial. This includes financial institutions, insurance companies, retail businesses, and government agencies.

Question 4

When should we consider CICS/Lock?

Accepted Answer

Consider using CICS/Lock when you need to enforce stricter security policies for CICS sessions, prevent unauthorized access due to unattended terminals, and comply with security regulations. It is especially useful in environments where sensitive data is displayed on 3270 screens.

Question 5

What are the alternatives to CICS/Lock?

Accepted Answer

Alternatives to CICS/Lock include manual session timeout configurations within CICS, other third-party CICS security products, and implementing broader security solutions that encompass mainframe access control. CICS/Timeout is a related product that provides similar functionality.

Question 6

What infrastructure is required?

Accepted Answer

CICS/Lock runs on z/OS and requires the CICS transaction processing system to be present. It operates within an LPAR and integrates with CICS to monitor and control 3270 sessions. No other specific subsystems are explicitly required, but a security manager like RACF, ACF2, or Top Secret is typically used for password validation.

Question 7

How does CICS/Lock integrate with existing security systems?

Accepted Answer

CICS/Lock typically integrates with existing security managers such as RACF, ACF2, or Top Secret for user authentication. It intercepts CICS terminal input to enforce the password re-entry requirement after a period of inactivity. The product enhances CICS security without requiring major modifications to existing CICS applications.

Question 8

What are the main components of CICS/Lock?

Accepted Answer

The core component of CICS/Lock is a CICS transaction that monitors terminal activity. When inactivity is detected, this transaction initiates a password re-entry screen. The product also includes configuration files to define timeout values and other parameters.

Question 9

How is CICS/Lock configured?

Accepted Answer

Configuration files are used to define the inactivity timeout period, the appearance of the password re-entry screen, and other operational parameters. These files are typically customized during implementation to meet specific security requirements.

Question 10

What is the business value of CICS/Lock?

Accepted Answer

CICS/Lock enhances the security posture of CICS environments by preventing unauthorized access to unattended 3270 sessions. This reduces the risk of data breaches and helps organizations comply with security regulations. The product provides a cost-effective way to improve security without requiring extensive application changes.

Question 11

What happens if an organization does not use CICS/Lock?

Accepted Answer

Without CICS/Lock, organizations are more vulnerable to unauthorized access to CICS applications and data through unattended 3270 sessions. This can lead to data breaches, compliance violations, and reputational damage.

Question 12

What is the licensing model for CICS/Lock?

Accepted Answer

The licensing model for CICS/Lock is typically based on the number of CICS CPUs or LPARs where it is installed. The total cost of ownership includes the initial license fee, annual maintenance fees, and the cost of implementation and customization.

Question 13

What authentication methods are supported?

Accepted Answer

CICS/Lock supports authentication through integration with external security managers like RACF, ACF2, and Top Secret. It leverages these systems to validate user credentials during the password re-entry process. The product itself does not store or manage user passwords.

Question 14

What access control model is used?

Accepted Answer

CICS/Lock uses an access control model based on existing CICS security configurations and the security manager in use (RACF, ACF2, Top Secret). It enhances this by adding an additional layer of security through mandatory password re-entry after inactivity.

Question 15

What encryption is used and where?

Accepted Answer

CICS/Lock does not directly encrypt data. However, it enhances security by requiring password re-entry, which helps protect sensitive data displayed on 3270 screens from unauthorized viewing.

Question 16

What audit/logging capabilities exist?

Accepted Answer

CICS/Lock provides audit logging capabilities to track session lock and unlock events. These logs can be used to monitor security activity and identify potential security breaches. The logs typically include timestamps, user IDs, and terminal IDs.

Question 17

How is CICS/Lock typically deployed?

Accepted Answer

CICS/Lock is typically deployed on-premise, as it is designed to run within a z/OS environment alongside CICS. The implementation involves configuring the product to integrate with the existing CICS security infrastructure.

Question 18

What level of technical expertise is required to implement it?

Accepted Answer

Implementing CICS/Lock requires a moderate level of technical expertise, including knowledge of CICS, z/OS, and security managers like RACF, ACF2, or Top Secret. The implementation team should be familiar with CICS transaction processing and security concepts.

Question 19

What ongoing operational requirements exist?

Accepted Answer

Ongoing operational requirements include monitoring the CICS/Lock logs for security events, maintaining the configuration files, and ensuring compatibility with CICS and security manager upgrades. Regular security audits should also be performed to verify the effectiveness of the product.

Question 20

What are common implementation challenges?

Accepted Answer

Common implementation challenges include ensuring seamless integration with existing CICS applications, configuring the product to meet specific security requirements, and resolving conflicts with other CICS security products. Thorough testing is essential to avoid disrupting CICS operations.

Are You a Vendor? Claim Your Listing

CICS/Lock

Product Overview

Frequently Asked Questions

What does CICS/Lock do?

Is this a system, application, or tool?

What types of organizations use this?

When should we consider CICS/Lock?

What are the alternatives to CICS/Lock?

What infrastructure is required?

How does CICS/Lock integrate with existing security systems?

What are the main components of CICS/Lock?

How is CICS/Lock configured?

What is the business value of CICS/Lock?

What happens if an organization does not use CICS/Lock?

What is the licensing model for CICS/Lock?

What authentication methods are supported?

What access control model is used?

What encryption is used and where?

What audit/logging capabilities exist?

How is CICS/Lock typically deployed?

What level of technical expertise is required to implement it?

What ongoing operational requirements exist?

What are common implementation challenges?

Related Products

More from Enterprise Research

CICS/DupS

CICS/SSO

CICS/View

ERi/CICS

ERi/LOGR

Similar Products

_beta access admin

_beta access audit

_beta access easy

_beta access monitor

_beta doc|z plus

_beta doc|z transform

Help Improve This Directory

Are You a Vendor? Claim Your Listing