Universal Data Mover Manager Security

Universal Data Mover is designed to be a secure system. As the level of security rises, so does the administrative complexity of the system. Universal Data Mover has balanced the two to avoid the administrative complexity with a minimum sacrifice to security.

Universal Data Mover security concerns are:

Access to Universal Data Mover files and directories
Access to Universal Data Mover configuration files
Universal Data Mover user account
Privacy and integrity of transmitted network data
User authentication

File Permissions

Only trusted user accounts should have permission to write to the Universal Data Mover installation directory and subdirectories, and all files within those directories.

IBM i

Object Permissions

Only administrator accounts should have write permission to the following Universal Agent libraries (and all objects within these libraries):

Installation library, UNVPRD510 (by default)
Product temporary library, UNVTMP510
Universal spool library, UNVSPL510

For maximum security, only trusted accounts (administrators and the UNVUBR510 profile) should have management, existence, alter, add, update, and delete authority to these objects.

Note

System value QCRTAUT controls public access authority to created objects unless overridden by specific commands.

z/OS

Data Set Permissions

Only trusted user accounts should have write access to the Universal Data Mover installation files. Eligible users of Universal Data Mover require read access to the national language support library SUNVNLS, the configuration file UNVCONF, and the load library SUNVLOAD.

Configuration Files

Only trusted user accounts should have write access to the Universal Data Mover Manager configuration files.

Windows	Although you may edit configuration files with any text editor (for example, Notepad), we recommend that you manage configuration options using the Universal Configuration Manager Control Panel application. Only user accounts in the Administrator group can execute the Universal Configuration Manager.

Browser not supported