How to prevent prevent a user from accessing datasets with his user ID/logonid/LID as the HLQ? Security admins are asking how to manage this.

Release : 16.0

Component : CA ACF2 for z/OS

By default logonids have full access to datasets HLQs that match their logonid. This is controlled by the logonid PREFIX field which specifies the logonid that owns that key(HLQ) and automatically has access to that data. When creating a logonid the PREFIX defaults to the logonid. This can be changed by removing(setting it to null) the PREFIX of a logonid, for example:

ACF
CHANGE logonid PREFIX()