Thursday, February 28, 2013

Red Alert - System z Security Portal for Security and Integrity Fixes

I'm not sure whether to call this a red alert. It's more a reminder that you should get starting to use the IBM System z Security Portal. Here's the link :

Reminder to access the System z Security Portal for Security and Integrity Fixes

It was also on the IBM-Main discussion group a couple of months ago when IBM contacted all z/OS customers either directly or through BP about a couple of security issues. As the Red Alert says : "IBM treats information about security and integrity fixes on z/OS as Confidential". Therefore no Red Alerts are issued about security issues but they are fenced off behind the Security Portal. There's a whole process to obtain access to his security portal. You can find all information over here.

In fact a manager should send a mail to your IBM representative or a BP representative who will then send it on to IBM confirming you're a z/OS customer. It must contain the names and ResourceLink IDs of the persons who should have access to the Security Portal. It must also contain the following phrases :
(1) the information is provided "AS IS" without warranties of any kind, implied or otherwise,
(2) any use of the information is at the user's own risk,
(3) the information in this portal and database may change without notice,
(4) the information is IBM Confidential and may be used by you for internal purposes only and may not be disclosed to any third party without IBM's prior written consent, and
(5) in no event shall IBM be held liable for any damages whatsoever arising out of or in connection with the use of any of the information".
If you do not feel comfortable with this, do contact your local IBM representative who will surely give you more details about this. If you're not sure how the mail should look like, just send me a mail and I'll send you an example.

If you want to have an overview of all past Red Alerts, then take a look over here. You can also subscribe on that same page so you'll be notified of any future Red Alert.

No comments: