Allegheny County Move to Closed Security with ALLOut

Allegheny County successfully upgraded their JD Edwards EnterpriseOne 9.0 system by implementing the ALLOut Security tool-set. The upgrade involved restructuring their menu management, introducing process-based roles, and converting to a closed security model. These improvements streamlined their system, enhanced security, and facilitated a smooth merger with the City of Pittsburgh’s financial management systems.

Download Case Study

Client in Focus

Through vigorous oversight of Allegheny County’s operations, services, spending, and contracts, the Office of the Controller utilizes every tool available to enhance the public’s trust, bringing county finances and spending into the public eye, conducting audits that meet the highest professional standards, and engaging in timely communications with county officials and the average taxpayer alike on the most relevant fiscal issues facing county government.

Challenge

Allegheny County faced significant security and efficiency issues with their JD Edwards EnterpriseOne 9.0 system. Their security setup was inefficiently based on individual users rather than business processes, leading to disorganized menu management and complex security maintenance. Additionally, the county was merging financial management systems with the City of Pittsburgh, which necessitated a more streamlined and secure system.

Solution

To address these challenges, Allegheny County implemented the ALLOut Security tool-set during their upgrade to JD Edwards EnterpriseOne 9.0. This solution involved restructuring menus to create a single, streamlined task view, and implementing small, process-based roles to stabilize the security structure. By converting to a closed security model with “Deny ALL” settings and utilizing ALLOut’s SecurityPlus module, they established a consistent and secure method for managing system access.

Results

The implementation of ALLOut’s tools resulted in substantial improvements for Allegheny County. The new menu structure and process-based roles reduced redundancy and enhanced security management efficiency. The closed security model significantly cut down on unnecessary security records and improved overall system security. These changes not only facilitated the smooth merger of financial systems but also saved the county significant resources and improved their operational efficiency.

Products Used

CombiRoles

ProfilePlus

SecurityPlus

Download the full case study and discover Allegheny County's move to closed security with ALLOut

Download Case Study

Allegheny County Move to Closed Security with ALLOut

Cookie name	Default expiration time	Description
_ga	2 years	Used to distinguish users.
_gid	24 hours	Used to distinguish users.
_ga_<container-id>	2 years	Used to persist session state.
_gac_gb_<container-id>	90 days	Contains campaign related information. If you have linked your Google Analytics and Google Ads accounts, Google Ads website conversion tags will read this cookie unless you opt-out. Learn more.

visitor_id<accountid>	The visitor cookie includes a unique visitor ID and the unique identifier for your account. For example, the cookie name visitor_id12345 stores the visitor ID 1010101010. The account identifier, 12345, makes sure that the visitor is tracked on the correct Pardot account. The visitor value is the visitor_id in your Pardot account. This cookie is set for visitors by the Pardot tracking code.
pi_opt_in<accountid>	If Tracking Opt-in preferences is enabled, the pi_opt_in cookie is set with a `true` or `false` value when the visitor opts in or out of tracking. If a visitor opts in, the value is set to `true`, and the visitor is cookied and tracked. If the visitor opts out or ignores the opt-in banner, the opt-in cookie value is set to `false`. The visitor cookie is disabled, and the visitor is not tracked.
visitor_id<accountid>-hash	The visitor hash cookie contains the account ID and stores a unique hash. For example, the cookie name visitor_id12345-hash stores the hash “855c3697d9979e78ac404c4ba2c66533”, and the account ID is 12345. This cookie is a security measure to make sure that a malicious user can’t fake a visitor from Pardot and access corresponding prospect information.
lpv<accountid>	This LPV cookie is set to keep Pardot from tracking multiple page views on a single asset over a 30-minute session. For example, if a visitor reloads a landing page several times over a 30-minute period, this cookie keeps each reload from being tracked as a page view.
pardot	A session cookie named pardot is set in your browser while you’re logged in to Pardot as a user or when a visitor accesses a form, landing page, or page with Pardot tracking code. The cookie denotes an active session and isn’t used for tracking.

Cookie name	Default expiration time	Description
_ga	2 years	Used to distinguish users.
_gid	24 hours	Used to distinguish users.
_ga_<container-id>	2 years	Used to persist session state.
_gac_gb_<container-id>	90 days	Contains campaign related information. If you have linked your Google Analytics and Google Ads accounts, Google Ads website conversion tags will read this cookie unless you opt-out. Learn more.

visitor_id<accountid>	The visitor cookie includes a unique visitor ID and the unique identifier for your account. For example, the cookie name visitor_id12345 stores the visitor ID 1010101010. The account identifier, 12345, makes sure that the visitor is tracked on the correct Pardot account. The visitor value is the visitor_id in your Pardot account. This cookie is set for visitors by the Pardot tracking code.
pi_opt_in<accountid>	If Tracking Opt-in preferences is enabled, the pi_opt_in cookie is set with a `true` or `false` value when the visitor opts in or out of tracking. If a visitor opts in, the value is set to `true`, and the visitor is cookied and tracked. If the visitor opts out or ignores the opt-in banner, the opt-in cookie value is set to `false`. The visitor cookie is disabled, and the visitor is not tracked.
visitor_id<accountid>-hash	The visitor hash cookie contains the account ID and stores a unique hash. For example, the cookie name visitor_id12345-hash stores the hash “855c3697d9979e78ac404c4ba2c66533”, and the account ID is 12345. This cookie is a security measure to make sure that a malicious user can’t fake a visitor from Pardot and access corresponding prospect information.
lpv<accountid>	This LPV cookie is set to keep Pardot from tracking multiple page views on a single asset over a 30-minute session. For example, if a visitor reloads a landing page several times over a 30-minute period, this cookie keeps each reload from being tracked as a page view.
pardot	A session cookie named pardot is set in your browser while you’re logged in to Pardot as a user or when a visitor accesses a form, landing page, or page with Pardot tracking code. The cookie denotes an active session and isn’t used for tracking.