Manage Notes Client Execution Control Lists Without Scaring Your Users

Andy Pedisich, President, Technotics, Inc.


June, 2010

Promote a secure IBM Lotus Notes environment by implementing execution control lists (ECLs) that give permissions to execute actions on the Notes client only to the appropriate entities. Find out the two types of ECLs that administrators must learn to control as well as the entities that have default control over active content. Learn how and why to use functional accounts to sign agents or actions that cause active content on the Notes client.

Execution control lists (ECLs) are the superstars of IBM Lotuotes client security. When configured correctly, ECLs prevent unauthorized changes from being made to a workstation configuration and to user data.
Yet in most domains, ECLs are configured in a way that scares users into making bad security decisions. As you’ll see in a moment, those decisions could leave your Notes clients wide open to attacks by malicious programmers, viruses, and Trojan horse software that claims to be nice but actually wants to ruin your day.
I’ll explain how ECLs protect Notes users and their data. I’ll also show you how default ECLs should be modified to achieve a “best practice” state.

Would you like to see the full version of this article?

If you are an electronic license holder to THE VIEW, please log in to view this article.

If you would like information about becoming an electronic license holder — and having 24/7 unrestricted access to all articles and content in THE VIEW Online Knowledgebase — click here to see the available subscription options.

Or call 1-781-751-8813 to speak directly with a subscription and licensing specialist about customized access for you and your team.