Product Lines
Ruminations on the System i Market
October 29, 2008
Raz-Lee Solution Protects Your Business from Deliberate and Inadvertent Risk
Typical day-to-day business-critical applications that companies use provide little or no field-level security. That's the hole that Raz-Lee's patent-pending AP-Journal security product covers, as I learned in a conversation with Raz-Lee's vice president of business development, Eli Spitz.
As opposed to application security, infrastructure security has traditionally gotten a lot of focus, and indeed numerous solutions exist in this market. Spitz notes that although IBM i is known to be very secure, the problem is that when people started using PCs to connect to the System i and to the outside world, everything became wide open for access, more often than not by insiders at the company--not just disgruntled employees--but employees transferring money, doing other dishonest activities, or even inadvertently putting security in jeopardy with honest mistakes.
When it comes to application security, Spitz says, "No one is really checking to see that field updates are reasonable--for example, salary increases or order-related information. Most companies would simply love to have a solution that would prevent and/or notify of unreasonable changes to the price, quantity, or delivery date of items ordered. Such changes, if not prevented or detected, will flow through the system, affecting other data as well."
AP-Journal puts business logic into applications--compliance logic, reasonableness checks--to verify at the moment of data entry whether a change is legitimate. "If you can define it, we can implement it," Spitz states. If an entry fails a check, all sorts of alerts are orchestrated. To stop the occurrence, AP-Journal can send out a notification message to appropriate personnel, and it can also shut down the terminal. AP-Journal's actions can be dependent on the severity of the change. For example, you could configure the product to notify if a five percent salary increase is given to a help-desk person, but if a 10 percent change occurs, you could have AP-Journal close the terminal and make it inoperable. You can also collect evidence: A procedure can be initiated to record the session from that moment forward. You can determine how long the recording goes and then turn off recording and shut down the terminal so that no other damage is done.
"AP-Journal's focus," Spitz says, "is on application data security: trapping unreasonable or suspect changes immediately upon occurrence to minimize error handling, to 'catch the thief,' and to save recovery time." Unpropagating or rolling back such changes would take a lot of time and get out of hand. Preventing these occurrences is what AP-Journal does.
Spitz acknowledges that this solution is based upon information gathered by IBM i journal receivers. The amount of data recorded to the journal receivers is huge and can easily reach hundreds of thousands of kilobytes. As part of Raz-Lee's patent, AP-Journal has a special-purpose repository that filters the data. "If you define the business items," Spitz maintains, "we'll store them in a condensed manner so there's no worry of data accumulating unreasonably in IBM journal receivers."
For more information about AP-Journal, visit Raz-Lee's AP-Journal web page.
--Linda Harty, security & networking/connectivity editor
Posted by lharty at October 29, 2008 9:06 AM
| Sun | Mon | Tue | Wed | Thu | Fri | Sat |
|---|---|---|---|---|---|---|
| 1 | 2 | 3 | 4 | 5 | 6 | |
| 7 | 8 | 9 | 10 | 11 | 12 | 13 |
| 14 | 15 | 16 | 17 | 18 | 19 | 20 |
| 21 | 22 | 23 | 24 | 25 | 26 | 27 |
| 28 | 29 | 30 | 31 |
Blog Policy
We welcome your comments and opinions and encourage lively debate on the issues. However, Penton Media reserves the right to delete or move any content that it may determine, in its sole discretion, violates or may violate its Terms of Use or is otherwise unacceptable. For more information, see Penton Media's Terms of Use.