Kisco Tracks Database Changes with iFileAudit

Published: December 5, 2006

by Alex Woodie

Garbage in, garbage out. The old computing adage still has legs, and perhaps it's even more pertinent considering the astronomical growth rate of data at many sites. You have business rules and triggers in place to keep data entry on the up and up, but are you 100 percent certain that no users or programs are tampering with your data in other ways? i5/OS security tool company Kisco Information Systems last week introduced a new utility called iFileAudit for tracking changes to the DB2/400 data.

The System i's biggest strength is arguably its relational database. The close integration between DB2 for System i (still known as DB2/400 by most familiar with the line) with i5/OS and the rest of the system's stack keeps your company's data safe and secure, while at the same time making it easy for developers writing native i5/OS applications that use it.

While many applications have tight controls in place to ensure data integrity--to prevent garbage from getting into your system--there are still many ways to delete, change, or otherwise corrupt the lifeblood of your organization's business: your data. Once that happens, it's "garbage out" for your System i, as far as auditors and government regulators are concerned.

This is where iFileAudit comes into play. Kisco's latest security tool enables IT managers and administrators to detect, at a very low level, exactly what changes were made to DB2/400, and who (or what application) made the changes.

iFileAudit can track changes at the field, record, and file level. It can identify the user profile that was used to make each database change, or identify the program that was used to make each change, if the changes were made by another application. What's more, iFileAudit can also answer the "where" question and tell you the location from which each file change was made.

The tool uses i5/OS' journaling capabilities to ensure all changes are tracked. Once journaling is activated for a particular file or field (or a series of files or fields), the data starts to accumulate in iFileAudit. Administrators then interact with the product through an on-line interface that also offers drilldown reporting, or they can generate customized audit reports.

There are several uses for iFileAudit. The most obvious is detecting malicious user activity. If you suspect someone is intentionally altering DB2/400 data to the detriment of your company (or for their own criminal benefit), iFileAudit can help you find them and bring them to justice.

iFileAudit can also help you avoid the wrath of auditors who are looking for any holes in your SOX or HIPAA remediation efforts. Lastly, software testing during the development process is another use of iFileAudit advocated by Kisco.

iFileAudit is available now. Prices start at $995 for a single logical partition, or $1,595 to run the product in an unlimited number of partitions on a single machine. For more information, see www.kisco.com.