Skip to content
Search to learn about InterSystems products and solutions, career opportunities, and more.

InterSystems IRIS Security & Reliability

Proven mission-critical security and reliability for the world’s most important applications

abstract technology image

Security Model

Provide Security Without Sacrificing Performance

InterSystems products provide flexible and robust security capabilities while minimising the burden on application performance and development. Our products are designed to support secure application deployment in three ways, by:

  1. Securing the product environment itself 
  2. Making it easy for developers to build security features into their applications
  3. Ensuring that our products work effectively with - and do not compromise - the security of the operating environment

Authentication

The security of our products is based on Authentication. Authentication is how users (humans, devices, other applications) prove that they are who they say they are. Our products support a number of authentication mechanisms (LDAP, Kerberos, direct passwords, OpenAM, and OpenID), and include support for two-factor authentication as needed.

Authorisation

Authorisation determines what resources a user is allowed to use, view, or alter. Assignation and management of privileges (including role-based and application-based privileges) are easily accomplished through APIs, and interactive applications. Also we support row and column level security, as well as RBAC.

Encryption

We provide mechanisms for encrypting both data-at-rest and data-in-motion. Data-at-rest encryption encrypts the entire database, including indexes. Our products will detect if the underlying hardware supports acceleration for encryption algorithms and uses them. In addition we support data-element encryption to encrypt highly sensitive information. Those can even be re-encrypted at runtime.

Auditing

In our products, all system and application events are recorded in a tamper-proof append-only log, which is compatible with any query or reporting tool that uses SQL to review and analyse audit records. In addition to the built-in auditing events, customers can store application specific events as well.

Reliability

Shorten Planned and Unplanned Downtime

Keeping your data intact and your important applications up and running 24×7 matters. InterSystems IRIS provides several options for high availability (HA) and disaster recovery (DR), including clustering, virtualisation HA, and an elegant, easy-to-implement technology for database mirroring.

Database Mirroring

A database mirror is a logical grouping of two InterSystems IRIS systems. Upon startup, the mirror automatically designates one of these two physically independent systems as the primary system; the other one automatically becomes the backup system. Mirrored databases are synchronised from the primary to the backup failover member in real time through a TCP channel.

Sharded database architectures require setting up a database mirror for each shard, thereby eliminating any single point of failure. Deploying in a cloud environment will require some extra configuration steps to ensure automatic redirection of incoming traffic to the primary node.

With database mirroring, application recovery time is typically reduced to seconds. The use of mirroring also enables minimal (or even zero) downtime upgrades.

Using Database Mirroring for Disaster Recovery

An asynchronous mirror member can be set up at a remote site, and updated in near real time. If the primary data center fails, your data will not be lost. Disaster recovery when both members are deployed in a public cloud is dependent on the provider capabilities, but can be achieved by setting up asynchronous members in different “regions,” or even between clouds from different providers.

Clustering and Virtualisation

Clustered systems are typically dependent on shared disk access, but with only one system active at a time. If the active system fails, InterSystems IRIS is automatically started on another server that takes over the processing responsibilities. Users must sign back on to the new server, which may cause a noticeable delay. Virtualisation HA works in much the same way.

Related Resources

Oct 28, 2021
XchangeworX has been developing cloud software and applications on InterSystems products since its beginning, and is now leveraging InterSystems HealthShare and InterSystems IRIS for Health to build its latest SMART on FHIR technologies.
Nov 21, 2019
Global Investment Bank
One of the world’s largest investment banks migrated their main equity trade management application to InterSystems data platform technology.
Jul 06, 2021
Today more than ever before, organizations are striving to gain a competitive edge, deliver more value to customers, reduce risk, and respond more quickly to the needs of the business. To achieve these goals, organizations need easy access to a single view of accurate, consistent, and trusted data – and all in real time. However, growing volumes and complexities of data make this difficult to achieve in practice. As data grows, so does the prevalence of data silos, making integrating and leveraging data from internal and external data sources a challenge.
Aug 10, 2023
Gartner Research
Gartner Peer Insights Reviews are completed by InterSystems customers Vendors placed in the upper-right quadrant of the segment quadrants are recognized through the Customers’ Choice Segment Distinction. InterSystems IRIS was highly rated by customers in the North American region. The data collected represents a top-level synthesis of vendor software products most valued by IT Enterprise professionals.
Sep 30, 2019
Global Head of Product and Industry Marketing

Take The Next Step

We’d love to talk. Fill in some details and we’ll be in touch.
*Required Fields
Highlighted fields are required
*Required Fields
Highlighted fields are required
** By selecting yes, you give consent to be contacted for news, updates and other marketing purposes related to existing and future InterSystems products and events. In addition, you consent to your business contact information being entered into our CRM solution that is hosted in the United States, but maintained consistent with applicable data protection laws.