We all hear that we need to better protect our “sensitive” data. We hear the words sensitive data and immediately turn our attention to our DB2 tables or data physical files. We may make the intense effort required to secure our files, and even encrypt the data as it sits in the files.
But when we talk about sensitive data, we often forget that sensitive data is used as the input for our sensitive reports!
Do we secure our output queues and spooled file reports? Naaaa…. Well, these spooled files contain the sensitive data that we are trying to protect at the file or field level.
The command presented in this issue lets you easily view a user’s authorities to spooled files sitting in output queues. Can the user view, change, delete, or send the spooled file? Can the user view and print the sensitive report?
Do not be lulled into a false sense of security by simply securing your files, you must also secure your sensitive reports. Remember, these reports contain the sensitive data too!