Do you know if your system users are accessing files that are outside their scope of responsibility? You can journal those sensitive files and report on who has made changes to the records, but it's a bit different if you want to know who looked at the files, but did not make any changes.

In our highly regulated environment, we must be able to detect who is looking at the sensitive files. For example, should members of the IT staff be looking at the PAYROLL file? Should our business analysts be viewing any sensitive data? What are the limits? Where is the segregation of Duties? What is the state of our PCI compliance? Are we compliant with state privacy laws? Unless you have a way to audit who is looking at your sensitive files, it's a difficult state.

IBM Redbooks are a great learning tool when you want real depth and practical instruction and know-how on technical topics. IBM maintains the IBM Redbooks System i Portal that contains hundreds of Redbooks and smaller RedPieces that you can freely access and download. The general IBM Redbook Portal provides access to all platform Redbooks.

Ihe ITSO(IBM's International Technical Services Organization) has now created their own social networking Redbook sites. So now you can follow the Redbooks on Facebook and Twitter.

While the Query/400 product is an old work horse heading for retirement, it is still widely used in many shops around the world. For this reason, and even as more contemporary query and BI products are taking over, it is important to emphasize that as long as Query/400 is installed on a system it calls for consideration both in terms of operational and security aspects.

In order to address some of these requirements Query/400 has over time been subject to a number of enhancements delivered by means of special data areas.

In this article I provide a new command that brings all these special data areas into one easy to use command interface.