General security considerations
HCL Workload Automation for Z submits jobs for users and starts started tasks. Users communicate with HCL Workload Automation for Z through ISPF dialogs running under TSO or through batch jobs. These dialogs and batch jobs use the HCL Workload Automation for Z subsystem.
Some users might need to allocate, delete, or reorganize HCL Workload Automation for Z data sets. RACF® and HCL Workload Automation for Z facilities let you give individual users the level of access they need while protecting your data from accidental or malicious damage.
HCL Workload Automation for Z needs update access to catalogs and alter access to data sets for all work that it tracks and that uses the restart and cleanup function. However, if you permit HCL Workload Automation for Z access to all your systems, a user might gain unauthorized access through HCL Workload Automation for Z, because any job submitted by HCL Workload Automation for Z can access the data. If you use RACF® V1.9 or later, consider surrogate job submission to authorize jobs submitted by HCL Workload Automation for Z. By specifying HCL Workload Automation for Z as a surrogate user for each of your systems, you can avoid violations from other users. For more information, refer to Planning and Installation and RACF® Administrator's Guide.
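The RACF commands below sketch surrogate job submission as described above. They are an added example, not taken from the HCL documentation. The user IDs are hypothetical: WSZSTC stands for the user ID that the HCL Workload Automation for Z started task runs under, and PAYROLL for the user ID that owns one application system's production work.

```tso
/* Activate the SURROGAT class and hold its profiles in storage.      */
SETROPTS CLASSACT(SURROGAT) RACLIST(SURROGAT)

/* Profile that controls who may submit jobs that run as PAYROLL      */
/* without supplying PAYROLL's password. UACC(NONE) denies everyone   */
/* who is not explicitly permitted.                                   */
RDEFINE SURROGAT PAYROLL.SUBMIT UACC(NONE)

/* Make the scheduler's user ID (WSZSTC, hypothetical) a surrogate    */
/* for PAYROLL. READ access is sufficient.                            */
PERMIT PAYROLL.SUBMIT CLASS(SURROGAT) ID(WSZSTC) ACCESS(READ)

/* Refresh the in-storage profiles so the change takes effect.        */
SETROPTS RACLIST(SURROGAT) REFRESH

/* Check: the access list should name WSZSTC and nobody unexpected.   */
RLIST SURROGAT PAYROLL.SUBMIT AUTHUSER

/* A job submitted by WSZSTC with USER=PAYROLL on its JOB statement   */
/* and no PASSWORD then runs under PAYROLL's authority. Repeat the    */
/* RDEFINE and PERMIT for each execution user ID that is needed.      */
```

Review the access list of every `userid.SUBMIT` profile periodically: each user ID on it can run work with the authority of the named execution user.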
If you use the HCL Workload Automation for Z hot standby facilities, consider the security environment on any potential standby system. If the standby is invoked, you must access HCL Workload Automation for Z data sets, dialogs, resources, and subresources from the standby system.
If you use the workload restart function, ensure that rerouted work can access the required resources on the system where the work is performed. HCL Workload Automation for Z work that is submitted at a particular destination has the authority of HCL Workload Automation for Z at that destination or, if the EQQUX001 exit is used, the authority of the submitting user.
You can track access to HCL Workload Automation for Z resources by specifying parameters on the AUDIT initialization statement. When a user accesses a nominated resource, a record is written to the current job-tracking-log data set. The AUDIT statement is described in AUDIT.