In order to bring you the best possible user experience, this site uses Javascript. If you are seeing this message, it is likely that the Javascript option in your browser is disabled. For optimal viewing of this site, please ensure that Javascript is enabled for your browser.
Login  |   On Demand  |   Home  |

Monitoring System Security
Particularly in environments where security procedures are subject to regulatory controls, system administrators need methods of tracking security-related events.
The system provides automatic features to help administrators control and monitor security activities:
Based on settings in Security Control, users who enter an incorrect user ID/password combination more than a specified number of times are automatically locked out of the system. They can use their user ID again only after the system administrator has reactivated it.
When an account is deactivated, the e-mail system can automatically notify members of the administrator group. This serves two purposes:
In cases where the user simply forgot a password or mistyped it repeatedly, the administrator can quickly restore access.
The administrator knows immediately if an unauthorized user is attempting to access the system with a known user ID. This lets the administrator take appropriate steps such as immediately requiring all users to change their passwords. User Password Force Change Utility ( lets the administrator force users to update their passwords based on user group, domain, and/or the date of the last change.
Depending on the level of log-in history specified in Security Control, use Logon Attempt Report ( to track when log-in attempts take place. This could be useful, for example, to track specific times when unauthorized users are attempting to access the system. The report shows such information as the user ID of the person who attempted the log-in, as well as the date, time, server time zone, and other data relevant to the log-in event.
Note: If you are using electronic signatures, E-Signature Failure Report (36.12.7) lets you monitor unsuccessful signature events. See here.
Example: You can set up batch processing to run this program each morning to identify all failed log-in attempts on the previous day.
Each time a user account is activated or deactivated, the Active Reason Code field in User Maintenance must be updated. This happens automatically when an account is deactivated as a result of excess unsuccessful log-in attempts. Otherwise, the administrator must enter a reason code manually.