IBM System Storage Ideas Portal
This portal is to open public enhancement requests against IBM System Storage products. To view all of your ideas submitted to IBM, create and manage groups of Ideas, or create an idea explicitly set to be either visible by all (public) or visible only to you and IBM (private), use the IBM Unified Ideas Portal (https://ideas.ibm.com).
Shape the future of IBM!
We invite you to shape the future of IBM, including product roadmaps, by submitting ideas that matter to you the most. Here's how it works:
Search existing ideas
Start by searching and reviewing ideas and requests to enhance a product or service. Take a look at ideas others have posted, and add a comment, vote, or subscribe to updates on them if they matter to you. If you can't find what you are looking for,
Post your ideas
Post an idea.
Get feedback from the IBM team and other customers to refine your idea.
Follow the idea through the IBM Ideas process.
Specific links you will want to bookmark for future use
Welcome to the IBM Ideas Portal (https://www.ibm.com/ideas) - Use this site to find out additional information and details about the IBM Ideas process and statuses.
IBM Unified Ideas Portal (https://ideas.ibm.com) - Use this site to view all of your ideas, create new ideas for any IBM product, or search for ideas across all of IBM.
ideasibm@us.ibm.com - Use this email to suggest enhancements to the Ideas process or request help from IBM for submitting your Ideas.
For all those still voting for this IDEA, please see the earlier comment. I don’t know why the status has not updated yet to match the internal status but this has been marked as already implemented. The comment outlines all steps necessary to sufficiently protect the SGC backups. The IDEA will not be implemented as written but following the outlined steps will prevent any potential accidental or malicious removal of the SGC backups.
- Setup User Administrators in CSM. It's best if these users are from a different "area" to provide separation of duties. These users will be the only ones that can provide user access
- Remove all Administrator roles in CSM. Remove any users as admins so that no one has complete authority over the server.
- Setup Operators with limited Capabilities to manage the CSM sessions. You can now define what actions an Operator can perform. To prevent any user from being able to delete an SGC backup, ensure that NO operators have the action "Expire Safeguarded Backups" selected. This will prevent users from being able to delete backups unless this is overwritten by the User Admins in order to free capacity.
- Setup Dual Control. For highest protection, enable the Full Dual Control mode. But for those customers that want to primarily protect their SGC environment, you can now enable SGC Dual Control mode which will require two people to authorize any action against an SGC session. Note that even if you have SGC Dual control mode on, if not one has the "Expire Safeguarded Backups" authority, then they still will not be able to delete the backups.
With the above setup the SGC backups will be protected from deletion. However, it still provides the mechanism to enable the deletion in times of critical need when the capacity usage may end up impacting production. In these cases it's important to have the proper processes in place in your business to ensure that the right requests are made to enable the deletion capabilities but then to disable the deletion capabilities immediately upon executing the action plan.