JDE Security – Closed vs. Open

Security is a vital component of your JD Edwards environment and needs to be implemented properly to make full use of its benefits.

At ALLOut, we are all about ‘Best Practice’ because we genuinely want our customers to have the smoothest ride in setting up and working with security in JDE.  Done correctly, it doesn’t have to be confusing and hard to implement, regardless of whether you implement it before or after go-live.

Open vs Closed Model

JD Edwards EnterpriseOne provides the ability to control security for individual users and roles by granting them access to only perform tasks that are essential to their job function. To achieve that objective, security in JDE is typically setup using either a closed or an open model.

The Open Model

The open model security approach is the default out of the box setup with access to all objects granted. Users have the ability to run all applications and reports, and have access to all of the data. In this model, an administrator must then restrict users and groups from accessing objects and data that are not required as part of their daily jobs. This approach is typically accompanied by menu filtering to “secure” undesired items from the users view, which gives a false sense of security.  

Whilst you may think this model is quicker to use, and certainly requires little planning, it really isn’t very secure as it relies heavily on menu security.  We understand that you may be under pressure to hit those project deadlines, but not tackling security up front can cause regrets later on.

The Closed Model

The most effective and secure way to setup security is via the closed model. To configure the closed model, an administrator denies all groups the ability to run applications and reports, while also locking out visibility of data. Once this has been implemented, the administrator grants back access to only the applications, reports, and data that is necessary to run daily job assignments. This assures that there are no missed objects to lock down.  Users are then unable to access sensitive data and perform actions in functions where there could be a conflict of interest and open to the possibility of potential fraud.

But, this closed model will take longer to implement because good planning is essential during the setup. If the effort is not properly managed, it can cause project delays, and ultimately push back your go-live date.

Fortunately, ALLOut has a streamlined solution: StartOut, a preconfigured template of all the JDE programs, menus and security, which simply has to be adapted to meet your company’s specific set up.  Adapt it and upload it, and your best practice security will be automatically in place!