Application Security vs. Infrastructure Security

0 Flares Twitter 0 Facebook 0 0 Flares ×

As someone who has been intimately involved with worldwide security solutions worldwide, I can divide the Power i security solutions into two categories. 

Mortgage report

Producing an Application Security Report

I’ll call the more prevalent type/category “Infrastructure Security” – into which most security products fall. The products in this category, such as Firewalls, secure network access to the Power i from PCs and laptops, and help perform QAUDJRN auditing, user and password management and more.

Application Security, however, refers to securing business critical data, or tracking, in real time, the changes to this data which cross a user-defined threshold. Strange that products of this type are not as widespread, since the organization’s most valued asset is its business-critical information, – but we are seeing a growing interest in this type of product.

One example of an Application Security tool is Raz-Lee’s iSecurity AP-Journal solution. Using AP-Journal, a manager can easily specify that a programmer can get a raise of no more than $200, whereas a secretary can receive a raise of no more than 4% of their current salary. A violation of this rule triggers real-time alerts, operator messages and even automatic shut-down of the offender’s session.

Manager Gets a Threshold-Generated Alert

Manager Gets a Threshold-Generated Alert

Another unique and important feature is an automatically-generated report, which covers all changes made to a certain item, in all the organization’s applications. An example here is easy… Try to imagine a report that covers all the changes in your mortgage over 25 years – changes to payment terms and rates, to guarantors, and to the house itself…  Any mortgage bank and its auditors would love to see this type of report!

Written by Shmuel Zailer, CEO, Raz-Lee Security
Email Shmuel Zailer at

Leave a Reply

Your email address will not be published. Required fields are marked *