October 12, 2021 | IBM i

User Authorities: Using a Break Glass Strategy to Control IBM i User Authorities


With the increasing complexity of IT regulations such as SOX or HIPAA, it’s harder than ever for IBM i security managers to keep the business moving while still satisfying auditor requirements.


To meet the need for separation of duties, IT user profiles have become more restricted. These restrictions often slow down IT responders during an emergency, because the responder must first request the higher authority needed to perform the tasks that will resolve the problem.


One of the greatest challenges of security management is reducing user authorities while still allowing users to do their jobs. This challenge can be met by implementing a break glass strategy, which lets your IT department solve problems faster while meeting audit requirements and reducing the risk of a security breach.


A break glass strategy means having a method to temporarily grant an IBM i IT user the authority they need in an emergency, without the user having to wait for that authority to be reviewed and granted. It removes the need for administrators to permanently give user profiles higher authority than they really need day to day, a practice that increases a company’s risk of a security breach. Many vendors, such as SEA with its iSecurity Authority on Demand product, offer software with break glass capabilities.


Without a break glass strategy, one of three things usually happens:

  1. Your IT user profiles permanently carry authority levels higher than what they need on a daily basis.
  2. IT personnel have to request access to, or know the password for, a shared high-authority user profile such as QSECOFR for emergency response.
  3. The IT user has to request their authority be increased, and wait for it, while the emergency is happening.

All three are risky. Holding more authority than is really needed is simply bad practice and invites disaster. Granting higher authority on an emergency basis means someone has to remember to take it away afterwards. Sharing the QSECOFR profile among the IT team is dangerous and provides no real audit trail: the audit journal records the shared profile, not the person who used it. You may have a formal process to track who requested the access and compare that against the log files, but that is a manual, time-consuming procedure.


Break glass solutions simplify the process of granting increased authority as needed and provide a complete audit trail and reports. The security manager issues PIN codes to IT personnel that grant temporary authority to perform specific tasks. This is often achieved through service accounts to which the PIN codes provide access. Depending on the task, the user reviews a list of available accounts and authorities, chooses one, and uses the PIN code to unlock it. The security manager can be notified that someone is accessing a particular account, and a complete audit trail of the tasks performed is kept.


A good break glass solution gives security managers control over the PIN process, including such basic items as how long access is granted for, how many times a PIN can be used, and whether each user holds a standing PIN or must request one each time. It’s important to be able to implement the PIN process in a way that meets your specific security policies.
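The controls described in the two paragraphs above (a PIN that unlocks a service profile, a time limit on the access, a cap on how many times the PIN can be used, and an audit trail of who opened what and why) can be illustrated with a small grant broker. The following is an added example written for this article; it is not the iSecurity Authority on Demand product, nor an IBM-supplied API. It assumes that each service profile is normally kept STATUS(*DISABLED) and is enabled only for the life of a grant, that PINs are eight digits and lock after three wrong guesses, and that the CHGUSRPRF commands are recorded in the audit trail rather than executed, so the example runs anywhere Python runs.

```python
# Added example: a minimal break-glass grant broker. Constructed for this
# article; not the iSecurity Authority on Demand product and not an IBM API.
# Assumptions: service profiles sit STATUS(*DISABLED) and are enabled only
# while a grant is open; CL commands are recorded, not run.
import hashlib
import hmac
import secrets
from dataclasses import dataclass
from typing import Optional

TTL_SECONDS = 3600      # how long an opened grant stays open (policy: duration)
PIN_LIFETIME = 86400    # how long an unused PIN stays redeemable (assumed value)
MAX_FAILURES = 3        # wrong guesses before the PIN itself is locked (assumed)


def _digest(pin_value: str, salt: bytes) -> bytes:
    # PINs are short, so store a slow salted hash, never the PIN itself.
    return hashlib.pbkdf2_hmac("sha256", pin_value.encode(), salt, 100_000)


@dataclass
class Pin:
    user: str           # the IT user the PIN was issued to
    profile: str        # the service profile this PIN unlocks
    salt: bytes
    digest: bytes
    expires_at: int     # epoch seconds; PIN is dead after this even if unused
    max_uses: int       # policy: how many times the PIN can be used
    uses: int = 0
    failures: int = 0


@dataclass
class Grant:
    user: str
    profile: str
    reason: str         # the "why" auditors ask for
    opened_at: int
    ends_at: int
    closed_at: Optional[int] = None


class BreakGlassBroker:
    def __init__(self, ttl: int = TTL_SECONDS):
        self.ttl = ttl
        self.pins = {}      # pin_id -> Pin
        self.grants = []    # every grant ever opened, for reporting
        self.audit = []     # the trail: who, what, when, why, and the CL issued

    def _log(self, event: str, **fields):
        self.audit.append({"event": event, **fields})

    def issue_pin(self, manager: str, user: str, profile: str, now: int,
                  max_uses: int = 1):
        """Security manager hands one user a PIN for one service profile."""
        pin_value = f"{secrets.randbelow(10**8):08d}"   # shown to the user once
        salt = secrets.token_bytes(16)
        pin_id = secrets.token_hex(8)
        self.pins[pin_id] = Pin(user, profile, salt, _digest(pin_value, salt),
                                now + PIN_LIFETIME, max_uses)
        self._log("PIN_ISSUED", pin_id=pin_id, by=manager, user=user,
                  profile=profile, at=now, max_uses=max_uses)
        return pin_id, pin_value

    def redeem_pin(self, pin_id: str, pin_value: str, user: str, reason: str,
                   now: int) -> Optional[Grant]:
        """Open a grant. Every rejection is logged: a bad PIN is itself an event."""
        pin = self.pins.get(pin_id)
        ok = (pin is not None and pin.user == user and now <= pin.expires_at
              and pin.uses < pin.max_uses and pin.failures < MAX_FAILURES)
        if ok and not hmac.compare_digest(_digest(pin_value, pin.salt), pin.digest):
            pin.failures += 1       # guessing locks the PIN, not the user's profile
            ok = False
        if not ok:
            self._log("PIN_REJECTED", pin_id=pin_id, user=user, at=now)
            return None
        pin.uses += 1
        grant = Grant(user, pin.profile, reason, now, now + self.ttl)
        self.grants.append(grant)
        self._log("GRANT_OPENED", user=user, profile=pin.profile, reason=reason,
                  at=now, ends_at=grant.ends_at,
                  cl=f"CHGUSRPRF USRPRF({pin.profile}) STATUS(*ENABLED)")
        return grant

    def close_grant(self, grant: Grant, now: int, actor: str = "SYSTEM",
                    why: str = "expired"):
        if grant.closed_at is None:
            grant.closed_at = now
            self._log("GRANT_CLOSED", user=grant.user, profile=grant.profile,
                      by=actor, why=why, at=now,
                      cl=f"CHGUSRPRF USRPRF({grant.profile}) STATUS(*DISABLED)")

    def sweep(self, now: int) -> int:
        """Run on a timer, so nobody has to remember to take the authority away."""
        expired = [g for g in self.grants
                   if g.closed_at is None and now >= g.ends_at]
        for g in expired:
            self.close_grant(g, now)
        return len(expired)

    def open_grants(self, now: int):
        self.sweep(now)
        return [g for g in self.grants if g.closed_at is None]


if __name__ == "__main__":
    broker = BreakGlassBroker(ttl=600)
    pin_id, pin = broker.issue_pin("SECMGR", "JSMITH", "SVCJOBCTL", now=1000)
    grant = broker.redeem_pin(pin_id, pin, "JSMITH", "ticket 4711: job queue hung", 1003)
    broker.sweep(1700)            # grant ended at 1603, so the profile is disabled again
    for entry in broker.audit:    # this is the report an auditor asks for
        print(entry)
```

The two things worth copying from this are the sweep, which closes grants on a clock rather than relying on an administrator's memory, and the audit list, which records the rejected attempts and the exact CL issued as well as the successful openings. Both PIN failures and expiry are handled without any change to the user's own profile, so day-to-day authority is never touched.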


Auditors will want to know how many times your break glass strategy was used, by whom, and why, because those events are the moments when your business was at the highest risk of a security breach. Having reports readily available that detail who requested increased user authority, who approved it, and what tasks were performed will save you a great deal of time during an audit. With the reports generated by your break glass software, you won’t have to perform manual searches and compare your records against log files.


A break glass solution saves valuable time and resources in an emergency, enforces segregation of duties, and lets the relevant personnel obtain approved authority as needed. Its real-time audit of access rights protects sensitive corporate assets and significantly reduces the number of profiles that permanently hold powerful special authorities.


To learn more about using a break glass solution to temporarily grant IBM i access to the authority an IT user needs in an emergency, check out our Managing IBM i Users with Special Authorities on-demand webinar.