User security causes CICS® to make a second check against a user signed on to a terminal, in addition to the link security check described in Link security with MRO. You should consider whether you want the extra level of security checking that user security provides.
You can specify either LOCAL, in which case the user is not checked, or IDENTIFY, in which case a userid is required, but no password is sent.
You specify the sign-on support for each connection using the ATTACHSEC operand of CONNECTION definition, as described in User security in link definitions.