Ten years ago, most conservative companies heard the terms “cloud services” or “hosted systems” and steered clear. They wanted to be in control of their destiny and did not want to bear the risk of being dependent on a cloud provider. Their priority was to ensure the security of their information as well as the stability and “uptime” of their environment. As cloud computing has increased in maturity in the technology industry, however, the question of moving to the cloud seems to be more when and what, than if. So, with as often as the term is tossed around with seemingly so many different ideas, what does “cloud” mean?
Row Security can be a necessity for so many JDE implementations however, very detailed row security can result in excessive effort put into maintaining the security records as well as system perfor
Compliance efforts as they relate to security are often thought to end once Segregation of Duties has been achieved.
How does The Board and your top management assess the value of Security Audit reports to support their risk assurance? What do you have to report on and what should you give them?
Segregation of Duties (SoD) is the concept of internal controls which attempt to ensure that no single individual has the authority to execute two or more conflicting, sensitive transactions with the potential to impact financial statements. Often these controls are to prevent a single individual from being able to carry out a complete process, without collusion from another individual. Read on....
Auditing changes within E1 can seem daunting! But you can easily audit your History Table for User, Role or Menu changes and identify what was done, when, by whom. Your auditors and going to love this!
Row security in JD Edwards (JDE) EnterpriseOne (E1) is used to protect the data in tables from being viewed and/or updated by unauthorized users. There are two strategies for implementing Row security (Exclusive or Inclusive). While Exclusive can be used to “Manage Exceptions” and the E1 installation defaults to this setting, Inclusive is considered the stronger method for effectively managing data security for a true closed system and to ensure a more painless audit.
The strategy for managing data security is a system setting so one method of the other must be selected and Exclusive is considered the industry standard.
Over time there are frequently Users or Roles in your system that are no longer used, but they still have records associated with them.
Regular maintenance of your User and security tables will help keep your system streamlined and running at peak efficiency. In addition, keeping your User count low may have licensing impact with Oracle.
... or perhaps you will?!
"How is this going to be beneficial to me?"
"Here we go again, advice from people who don't know our business like me"
"This is going to be soooo time consuming"
So why not get ahead of the game and run a DIY Audit first?