Profile Scorecard

A Profile Scorecard looks at the user profiles on your system and rates them based on the point and severity settings in your security policy.

A Profile Scorecard displays the following information:

Logo: The report uses the logo that you defined in the header information for Powertech Compliance Monitor for IBM i. You can change this to your own custom logo by displaying the Header/Footer tab of the User Preferences window.
System: The name of the system.
Requested: The date and time the Assessment ran on the Endpoint system.
Description: The description applied to the Assessment.
Date and Time Stamp: The date and time that the report was generated displays in the upper right corner of the report.
Compliance Rating: The Compliance Rating indicates the overall well being of the system. The percentage value shows how well the system complies with the defined security policy. A rating of 100% is perfect and indicates that the system is in complete compliance with the defined policy. The % rating normalizes the number and allows you to compare different systems.
Number of Profiles: The total number of profiles on the system.
All: The total number of profiles found for each item evaluated.
Enabled: The total number of enabled profiles for each check.
Severity: The importance assigned to the profile area evaluated. The severity can be one of the following values: HIGH, MEDIUM, or LOW. If the profile area is acceptable within the security policy, the Severity column displays a dash (--).
Bar Chart: A Profile Scorecard displays a bar chart at the bottom of the Scorecard that shows the number of profiles with each type of Special Authority.

Each item checked on the Scorecard is marked with either a green checkmark, indicating it is acceptable within security recommended values, or a red X, indicating it is not acceptable and vulnerable to security issues.

A User Profile Scorecard checks for the number of profiles in each of the following areas and assigns a penalty based on the number of points defined in the Scorecard.

User profiles with Expired Passwords
Group profiles with Passwords
Inactive Profiles
Powerful profiles (non-IBM)
Powerful group profiles (non-IBM)
Profiles with invalid sign-on attempts
Powerful profiles with invalid sign-on attempts
Profiles with command line access
Profiles with Password the same as User ID
Profiles with *ALLOBJ (Root) authority
Profiles with *SECADM (Security Administrator) authority
Profiles with *JOBCTL (System Operator) authority
Profiles with *SPLCTL (All reports) authority
Profiles with *SAVSYS (Backup and Restore) authority
Profiles with *SERVICE (Hardware Administrator) authority
Profiles with *AUDIT (Auditor) authority
Profiles with *IOSYSCFG (Communications configuration) authority