IBM Z Software


This portal is to open public enhancement requests against IBM Z Software products. To view all of your ideas submitted to IBM, create and manage groups of Ideas, or create an idea explicitly set to be either visible by all (public) or visible only to you and IBM (private), use the IBM Unified Ideas Portal (https://ideas.ibm.com).


Shape the future of IBM!

We invite you to shape the future of IBM, including product roadmaps, by submitting ideas that matter to you the most. Here's how it works:

Search existing ideas

Start by searching and reviewing ideas and requests to enhance a product or service. Take a look at ideas others have posted, and add a comment, vote, or subscribe to updates on them if they matter to you. If you can't find what you are looking for,

Post your ideas

  1. Post an idea.

  2. Get feedback from the IBM team and other customers to refine your idea.

  3. Follow the idea through the IBM Ideas process.


Specific links you will want to bookmark for future use

Welcome to the IBM Ideas Portal (https://www.ibm.com/ideas) - Use this site to find out additional information and details about the IBM Ideas process and statuses.

IBM Unified Ideas Portal (https://ideas.ibm.com) - Use this site to view all of your ideas, create new ideas for any IBM product, or search for ideas across all of IBM.

ideasibm@us.ibm.com - Use this email to suggest enhancements to the Ideas process or request help from IBM for submitting your Ideas.

Add a new idea Subscribe
Status Planned for future release
Workspace GDPS
Created by Guest
Created on Oct 23, 2024

RELATED IDEAS

Dual control function for DASD Config

Within the DS8K there is protection in place that a (malicious) person is not able to delete/alter devices that are part of safeguarded copies.

We have a cybervault LCP setup to ensure we have immutable backups of our systems, and activated Dual Control function for additional protection within GDPS LCP itself.

So changes to the LCP profiles and/or safeguarded devices within these profiles are protected to be altered by 1 single person.

This way 1 single person is not able to get you in a situation where you end up with less immutable backups then there are supposed to be (by decreasing retention time), or that you have incomplete captures because devices have been excluded from new captures.

In our shop we have a Metro Mirror 2 Site, expanded with a GM physical airgap solution for LCP. By default this is a cascaded setup, so MM from RS1-RS2 and GM from RS2-RS3.

We need the next step in protecting the immutable backups by bringing the DASD config under a dual control function as well. Because a single person can now still remove a device from MM dasd config causing GDPS MM to not care about this device anymore.
After that the person can execute DELPAIR command, causing LCP to take captures of a device that is not being updated anymore.

As long as devices are under GDPS supervision, then GDPS can warn about any undesired status of those devices for us to act upon. Therefor changes to dasd config should be under dual control function as well.

Changes to the DASD Config for GM/LCP (in our setup) are being checked to see that no devices are removed that do not have Save2Delete status. But dual control on this could might be desired for other sites to protect GM config.

Idea priority High
  • Guest
    Jun 25, 2025

    This is definitely an important logical step to be taken in protecting the disk configuration changes, but I also agree it needs to be configurable/not mandatory. A medium priority in my opinion.

    Reply
  • Guest
    Jun 25, 2025

    It's a logical step, but it's limited in usability unless you also lock down the TSO CDEL* commands. That is obviously something that can be done, but there are many genuine use cases for the TSO commands that might make that undesirable.

    Reply
  • Guest
    Jun 25, 2025

    We believe that we should have something like a policy (or RACF definitions) where we could configure if some function needs to enforce dual control or not.

    Reply
  • Guest
    Jun 23, 2025

    Good idea, but needs to be configurable. Don't want this to be obligatory in test environments. Medium priority.

    Reply
  • Guest
    Jun 23, 2025

    Sounds like the next logical step.

    Reply
  • Guest
    Jun 18, 2025

    It's very good idea, we don't use Dual control or GM/LCP in our setup, but more control is always good.

    Reply
  • Guest
    Jun 17, 2025

    Though not directly applicable to our specific configuration, I concur with the positive feedback; it appears to be a very promising idea that warrants consideration.

    Reply
  • Guest
    Jun 17, 2025

    Does not apply to Worldpay

    Reply
  • Guest
    Jun 17, 2025

    This makes sense in such an environment

    Reply
  • Guest
    Jun 16, 2025

    High priority - there is possibility to cause the backup for LCP invalid so extra protection is needed to address the vulnerability.

    Reply
  • Guest
    Jun 16, 2025

    Makes sense. This is a vulnerability that is worth closing.

    Reply
  • Guest
    Jun 16, 2025

    Not something we'll need with the next two years, but a billiant idea nontheless.

    Reply
  • Guest
    Jun 13, 2025

    LBG: This is a fantastic proposal, and it's something we'd like implementing within the next two years.

    Reply
  • Guest
    Jun 13, 2025

    Security is a big focus for American Express and we need to be able have dual control for our configurations to prevent people from removing volumes from replication adding maliciously.

    Reply

By clicking the "Post Comment" or "Submit Idea" button, you are agreeing to the IBM Ideas Portal Terms of Use.
Do not place IBM confidential, company confidential, or personal information into any field.