Watson Supply Chain Ideas
Submit new product ideas for Watson Supply Chain solutions. Before you submit, please review existing ideas; if an idea close to yours already exists, it's better to add comments or vote on the existing idea. We will review your ideas and use them to help prioritize our product development. Best of all, the portal will automatically update you when the status of your idea has been changed.
Connect with users and IBM experts on the
B2B Collaboration Community
Submit ideas for other Watson Customer Engagement Products:
• Watson Marketing
• Watson Campaign Automation
• Watson Commerce
The new HSM connectivity process within Sterling Integrator v5.2.6 leaves the HSM partition password stored in clear text.
RBS Security rules require the following
1) The partition password must be input in two parts (the password is only released to two separate people, both of whom have signed declarations that they will not disclose their part to the other bearer)
2) The input of the password must be obscured. No part of the password can be viewed during the input process
3) The password must be encrypted at rest. Currently this is in clear text within the new hsm.properties file.
I have been advised to raise this PMR by our IBM consultants (Keith Marsh and Lee Wilson. I will additionally be raising an RfE stating the same requirements.
This requirement is urgent (which is why I have given it severity 2), as our existing Luna4 HSMs are beyond end of life, and the upgrade programme we are currently running (moving from ISBI v5.2.1 to ISBI v184.108.40.206) needs to complete this quarter in order to allow the bank to comply with the SWIFTNet 7.2 programme for FileAct before the November end date
How will this idea be used?
Protection of the HSM Partition password, ensuring security of certificates stored on the HSM partition
|What is your industry?||Banking|
|What is the idea priority?||Urgent|
|Link to original RFE|