OpenVMS System Management Guide, 2nd Edition

Ensure system access to authorized users
Enforce password content standards
Understand UIC-based and ACL-based object protection
Identify security-related system parameters
Consider network-security requirements
Review procedures for auditing security events
Like performing backups (chapter 13), security management is a system-management task that is easily neglected. Because a system that is not secure will still operate, it is easy to focus your efforts on more pressing tasks. The increase in publicized system break-ins and computer virus incidents has increased sensitivity to security matters, but these events tend to encourage a dictatorial approach to security management (e.g., This is my system and thou shalt not enter ).
Although a large part of an effective security-management policy is to restrict, you have to be careful not to lose sight of the service objectives of your organization. You want to deny access to unauthorized users, but you also want to ensure access to authorized users. However, even authorized users must be restricted, if only so they do not accidentally inflict damage on one another. OpenVMS security features are summarized in table 17.1.
| Feature | Description |
|---|---|
| Security domain distributed clusterwide | Changes to the security attributes of a device or volume are automatically distributed to all cluster members. |
| Security templates | Default security attributes for system objects are user-modifiable security templates. Security templates eliminate the need to reapply ACLs on some system objects after every system boot. |
| SET SECURITY command | This single command configures all security and other attributes for... |