Regulate the Use of File Editors in IBM i Production Environments
Nanuet, New York – April 4, 2019 – Raz-Lee Security Inc. announces the release of iSecurity Safe-Update, the solution that protects production environments against updates made by unauthorized programs such as file editors or the interactive Start SQL (STRSQL) command.
It is very risky to use file editors or STRSQL on business-critical data in production environments. The Sarbanes Oxley Act (SOX) and other regulations require that updates are made by allowed programs only. To date, all safeguards have been implemented by user access authorizations.
Safe-Update is the newest addition to iSecurity, Raz-Lee’s suite of Cyber and Security solutions.
“We talk about protecting business critical files from file editors but end up using the existing authority system to prevent programmers from accessing the files. That isn’t what we wanted. With the added security layer that Safe-Update provides, we finally can ensure that file updates are done by allowed programs only, unless specific temporary permission was set,” says Shmuel Zailer, CEO, Raz-Lee Security.
Safe-Update protects by ensuring that updates are done by a preset list of programs or simply preventing updates by file editors. Even file editors can be used as long as they don’t issue updates. If there is a need to allow updates by file editors, Safe-Update’s permission system makes it possible.
Work orders from management can be entered into the system, each specifying a task and the consideration to perform it.
Authorized programmers can set a ticket subject to the work order. While the ticket is active, they can use any program to accomplish the mission, knowing that all updates are fully documented.
Less security-focused organizations can allow programmers to open ad-hoc tickets directly while specifying the reason for them.
Tickets can be limited by target files, time and number of operations. A ticket is automatically closed if the programmer has stopped using it.
If an update is attempted, a window pops up, requesting a ticket. The ticket may require managerial permission. Even batch activity can be protected.
Safe-Update provides a new dimension in securing production files.
iSecurity Safe-Update is easy to install and implement. It is available now and can be purchased from our certified business partners.