MASE automates the process of developing and managing security standards. The initial MASE system extract intelligently populates an initial load of the MASE standards. These can be edited and enhanced within MASE.
Once the standards are certified by the relevant security or auditing teams, MASE gathers daily extracts of all required security information from each monitored system. These extracts are gathered on the mainframe and then converted and loaded into the MASE database which resides on a Linux or Unix machine. As each daily extract is loaded into MASE, a deviation analysis is automatically performed. The result is a series of summary and detailed discrepancy reports. These reports list all items that do not meet standards and all discrepancies that have been resolved.
Finally, MASE manages the process of resolving discrepancies. The security administrator uses MASE to acknowledge or close discrepancies, and to check on historical trends.
MASE was first introduced in 1990 and has been in continuous use in one of the largest IBM Mainframe complexes in the world since that time. Companies that use MASE are able to automate the entire compliance assurance lifecycle for IBM/MVS RACF, auditing security through repeatable, defined, and managed processes. The result is better security and cleaner audits at greatly reduced cost.