JDE Security – Closed Model vs. Open Model

JDE Security – Closed Model vs. Open Model

Security is a vital component of your JD Edwards environment and needs to be implemented properly to make full use of its benefits. At ALLOut, we are all about ‘Best Practice’.

Out-of-the-box JD Edwards (JDE) EnterpriseOne (E1) software comes with an ‘Open’ security architecture. This means that all users (who have access to the system) can, theoretically, access all applications and update any data. A ‘Deny All’ or ‘Closed’ security methodology requires that the system is locked down so that no user can access any applications or data. Authority is then granted back to the appropriate users and roles.

Due to the architecture of JDE, Menu Filtering is not enough to ‘secure’ the system completely and therefore different Security types exist to help control the users on the system.

Ensure a Fully-Closed System When implementing a deny-all security model, the best approach is to lock down at least both application and action code security. Because the default state of a JDE system is open in the absence of a security record, locking just one or the other results in a system that is potentially vulnerable.

The procedure for implementing a closed system is now well proven and can be achieved quickly and with minimal disruption for end users.

The cost of the solution is minimal compared to the time, effort and disruption for end users when doing the lock down using standard E1 features. 

Once complete you will be in a position to undertake effective compliance reporting and segregation of duties reporting – ALLOut Risk Reporting Module will assist with this.

If you find that you are having segregation of duties issues with your role structure then you will need to re-structure your roles using the Supergrid and the ALLOut CombiRoles module.

The Risk Management Module takes role assignment to the next level.  You can use it to stop a role being allocated that will cause a SOD breach.  It also has advanced audit trail and reporting features.

Contact Us

We use cookies to give you the best online experience. By agreeing you accept the use of cookies in accordance with our cookie policy. You can always revoke your consent by clicking on the icon at the bottom left of the screen.

Privacy Settings saved!
Privacy Settings

When you visit any web site, it may store or retrieve information on your browser, mostly in the form of cookies. Control your personal Cookie Services here.

These are cookies that are required to enable you to browse our website and use its features, for example, to log into secure areas of our website.
  • mfn-builder
  • itsec_interstitial_browser
  • wam_assigned_roles[0]
  • wordpress_logged_in_
  • wordpress_sec_
  • wordpress_test_cookie

Google Recaptcha is a spam prevention system (Google Recaptcha) to ensure that our site is spam free. Read more here and here
  • UULE
  • NID

Decline all Services
Accept all Services