HOW are they logically separated? Are there any layers to this security? Any standard established security boundaries like containers? Or is it just your app code doing its best not to have security bugs?