Security in JD Edwards is much more than just determining which application and reports a user has access to. Security ensures that your people and processes are aligned and protects your company assets from the potential for fraud and misuse. Security helps ensure that private data stays private while still allowing your people access to everything they need to do their job. A well-designed security model is seamless and invisible to the business, but facilitates the rapid changes necessary in today’s business environment.
GSI uses a proven and versatile 5-step methodology for all projects called gSuccess. The gSuccess methodology includes: Discovery, Design, Build, Test/Accept, and Refine. Where does security fall into these areas? Security needs to be an integral part of all 5 areas to ensure a smooth go-live with a secure system.
Utilizing this methodology, GSI can ensure security is an integral part of the implementation or upgrade and that the security toolset is maximizing value for the client.
Perform a security assessment. Look at the business processes in place or being designed as well as staffing levels, who will own security during the project and post go-live. Understand business requirements around ease of maintenance and data security.
Review security strategies based on the discovery security assessment. Determine the optimal strategy and the methodology for implementing the desired security solution. Define the security change control process. Work with the project manager to integrate the security components into the overall project plan.
Create the initial security build. Review options decided upon and begin customizing roles and task views to accommodate business decisions. Several iterations will likely be necessary. Load/create roles and security. Create and validate the security change control process. Review capabilities with the client to ensure requirements are met.
Test the created security roles individually prior to UAT as part of an integrated security test. Iron out details of access within roles to ensure only authorized access is granted. Prepare for User acceptance testing by gathering information on test scripts and creating test users with the appropriate roles. UAT should be conducted WITH security in place. This will help pinpoint any areas of concern to ensure a smooth go-live. Implement security change control processes. Adjust as needed based on feedback during UAT.
Get sign off on the security configuration from the business. Document the security change process and ensure the proper individuals have been trained. Go-live support of users.
Whether you use a third-party security solution or standard JDE security, we have the expertise and experience to provide best in class service and support. GSI has partnered with ALLOut Security and QSoftware to provide exceptional security tools, tailored to your company requirements. Let us help you evaluate the solutions and identify the best fit for your specific needs.
GSI Security Consulting Services
Security Strategy and Design
GSI works with your IT and business owners to review current strategy and processes governing access within JDE. We will then help you design an approach that simplifies the management of system access along with the corresponding reporting and compliance requirements.
JD Edwards Implementations
Are you implementing JDE for the first time and don’t know where to start with security? Are you being told that security can wait, but are worried that waiting too long will result in no security being implemented, or worse yet make it impossible for your users to work? GSI’s security expertise will make implementing a Best Practice security and access model a breeze.
JD Edwards Upgrades
Are you upgrading to the latest version of JDE and need to make sure that your security model is keeping pace with the new functionality? Is your security model a hold-over from 1999, and you need to upgrade it along with the rest of your system? We have worked on numerous JDE security upgrades and can help you bring your security into compliance.
Governance Risk and Compliance
Fraud and misappropriation of assets are a growing concern for many companies, both private and public. For public companies’ subject to SOX compliance, are you able to easily identify users that have access to sensitive date and programs? What about those that can enter, approve, and pay vouchers? How can you be certain that your company assets are safe? Compliance and reporting can be a drain on your resources if you don’t have a way to easily identify, report on, or prevent access to key transactions or programs in your system. GSI has assisted numerous clients design and implement a stringent SOX compliance model while enabling simplified reporting and access controls.
Health checks are an important part of everyone’s life. They help identify areas that need attention along with things that are going well. Security is no different. Over time, how you use your system changes. New modules are added, and custom programs and versions are rolled out. Let GSI security experts deep dive into your system to make sure there are no hidden surprises waiting to be discovered by an enterprising auditor.
Cyber-attacks are on the rise, and are constantly changing. Hackers are working to find any way into your company any way that they can. Do your users know how to recognize dangerous emails and malicious links? What about best practices for keeping your company data safe? Are your users performing sensitive transactions over public Wi-Fi?
GSI is excited to partner with Wombat Security Technologies to offer cyber-security defense and security awareness as part of our portfolio of security services. Let us help you create a security awareness program to reduce your exposure and risk.
To find out more about the GSI’s Security Practice or any of GSI’s other services, call us at 877-474-4262 or click on CONTACT US to send us a request for more information.