Security Guidelines

To protect your data, make sure that you implement the security guidelines recommended by Unisys and the manufacturer for your relational database.


To decrease security risk

DATABridge Host

Install DATABridge Host to the Unisys mainframe under its own privileged usercode. This is preferable to installing under the usercode of the DMSII database. If you install and run DATABridge under multiple usercodes, you must install a copy of DBEngine under each of those usercodes. Alternatively, you can establish DBEngine as a system library (SL). However, this is not recommended as it may expose your data to greater security risk by allowing unauthorized access to the DBEngine.

DATABridge Client

File security helps to protect Client operations by restricting access to the working directory, its files and subdirectories. Access is limited to the administrators and the system account, and to designated users (or on Windows, user groups). In Windows, you can enable file security via the option Enable File Security at installation, or by running the program setfilesecurity.exe as Administrator after installation. Use the UserID box and the DBAdministrator box to specify users that can run the DATABridge Client and modify the working directory and its files. User IDs specified in the DBOperator box cannot run the DATABridge Client, but can monitor operations by reading the log files.

In UNIX, you restrict file access via the umask entry in the file globalprofile.ini. See Install the DATABridge Client on UNIX.

DATABridge Enterprise Server

File security is automatically enabled when you install DATABridge Enterprise. File security protects the configuration and log files by restricting privileges on the PC to users who need to modify the configuration.

By default, any user in the Administrators group can modify the configuration files and delete the read-only log files. If you create a user group in Windows called DBEAdmins, only the users in that group will be able to alter the configuration files and delete log files. Likewise, if you create a group called DBEUsers, only the users in that group will be able to view the configuration. For more information, see "Implementing File Security" in the DATABridge Enterprise Server Help.