The Leading Educational Resource for IT Professionals

Book Review: IBM Mainframe Security: Beyond the Basics


Beginners will have a strong foundation after reading this book. Experienced professionals will reference it frequently.


Written by E.K. Jasper


There are several factors in the information industry today that make IBM Mainframe Security: Beyond the Basics pertinent. The biggest one may well be summed up by this question: "What will you do when we're gone?"


My own career began with a job to pay for college tuition and grew for 35 years. I believe every one of my associates has come to their level of expertise more or less by a similar process of progressive accumulation of knowledge and skills, including formal education and training, on-the-job training, conferences, seminars, sharing among user groups, and a continually shifting set of challenges that called for new resolutionsnot to mention the painful but effective experience of problem solving. The most valuable contributions have undoubtedly been the insights, attitudes, and intellectual approaches that were learned from coworkers and associates.


That is "us." I humbly include myself in a group with Dinesh Dattani of somewhat self-styled mainframe security professionals. As a result of variations in Mr. Dattani's experiences, his book shows emphasis in places I wouldn't have thought; hence from it I learned new things. In this field, we learn from each other. And forgive me for saying so, fellow mainframers who grew up with this technology, but we are growing old and leaving the workplace. Mr. Dattani offers this book so that our hard-earned knowledge isn't lost into the sunset.


In his book, he includes quotations at the beginning of many chapters. These add interest, but don't judge them merely as amusements because they also capture some of the greatest pearls of mindset that a security professional can possess. This is just one of the ways this book proudly continues the tradition of sharing and handing down the collective wisdom of decades of security professionals.


There is a clear progression from a basic justification of information security practices, to the core aspects of the operating system security processes, followed by treatment of system-wide levels of RACF empowerment: System SPECIAL, System OPERATIONS, and System AUDITOR. This progression continues into DSMON and all its functions and reports, the role and valuable "tension" with the auditing functions, etc.


At each step in this journey, the reader is not merely exposed to a concept but is given actionable directions for implementation. For example, while reading the discussion of the overarching importance of continued use of DSMON, we are also provided with the syntactical details of every DSMON function and what each will produce, which allows the reader to code them directly into JCL and execute a job to achieve the results described.


Beginners will certainly have a stronger foundation after reading this book. Experienced professionals will reference it frequently. Whether this is a new arena for you or you need an occasional reminder of what something is or how and when you should be doing it, I recommend that you not let this book get away from you!


Also in Book Reviews

Book Review: Extract, Transform, and Load with SSIS


This book could easily be used as a teaching tool for students, interns, or even as a reliable resource for experienced SSIS developers to consult when they need an ETL refresher.

Continue Reading →

Book Review: 21st Century RPG: /Free, ILE, and MVC


Dave touches all the important buttons, and you’ll learn a lot with this book—even if you’re stuck in the 1980s RPG III world!

Continue Reading →

Book Review: Developing Business Applications for the Web--With HTML, CSS, JSP, PHP, ASP.NET, and JavaScript


The book breaks down the topic of business Web application development into three main sections. The first section covers static Web pages and the techniques used to develop these pages. The second section covers four popular programming languages in use today: JavaScript, PHP, ASP.NET, and JavaServer Pages (JSP). The third section covers topics that a Web developer needs to understand to develop successful Web applications.

Continue Reading →