In order to prevent unauthorized users submitting batch jobs that could accidently run in the production environment you will need lock down the DADSBIF file. Securing the EXCI connection is not going to prevent unauthorized requests from running in production. We have another scenario that will not be detected by security.
When a user submits a batch job it’s first written to the BIF file. Then DADS reads the APPLID record to determine if the Batch Interface is active by checking time stamps of the last scan interval. If the batch interface is not active CA DADS assumes the CICS region is not active. CA DADS then looks at another APLLID parameter (the NOT ACTIVE PARM) and in your CASE it is QUEUE. (NOT ACTIVE PARM QUEUE ) The QUEUE option tells CA DADS to set a return code zero on the CA DADS step and the rest of the batch job runs to update the production files. This QUEUE’D request on the batch interface file can be run at the next CICS startup time if the control file setting is set to run queue’d requests at start time.
So if your CICS region is NOT active(down) and a user accidently writes a queue’d deallocate request to the production DADSBIF this queue’d request could be executed by the DADS PLTPI program at startup time. This would cause you production file to be deallocated after control has been given to CICS.
In Summary the solution here is to only allow authorized users to have write access to the production DADSBIF files.