Alliance 2017 - Managing Permission Settings and Overall System Security

•Download as PPTX, PDF•

0 likes•156 views

The document discusses managing permission settings and overall system security in four main elements: permission sets, user set-up, workflows, and change log. It emphasizes avoiding super user permissions for operational users, defining roles and splitting permissions, using security filters and user groups. Workflows can require approvals before transactions post and the change log can be used to report on and sign off changes to sensitive master data.

Technology

1
Managing Permission
Settings and Overall
System Security
# A L L I A N C E 2 0 1 7

2
YOUR PRESENTER
Rhett Williams
Master Consultant
JOINED SPARKROCK IN 2009

4
Basic Principles
Four Main Elements
• Permission sets
• User set-up
• Workflows
• Change Log
Security and segregation of duties is dependent on the size of the team
Avoid operational users having super user permissions (even for small teams)

6
Initial Set-up of Permissions
Make ongoing maintenance as easy as possible
Define roles
Defined functions that make up the role
Split up functions such as create and post
Build permission sets to these functions
Separate read permissions from insert, modify and delete
Altus Base permission sets and recorder

7
Some Permission Features
Security filters
Company specific permissions
User groups

9
User Set-Up
Application side – under operational management control
Used to manage field level security and security over specific functions
Useful for customized field level security
Overrides of posting windows (best practice to use only as an override)

11
NAV Workflows
Workflows contribute to overall system security
Transactions require approvals before printing or posting (record restriction)
In theory, workflows can be applied to master data changes

13
Change log
Neglected aspect of security
Switch on for sensitive master data tables.
‘All fields’ and ‘some fields’
Report on changes to certain tables, sign off and keep

14
EVALUATIONS
P L E A S E T A K E 5 M I N S T O
C O M P L E T E A S E S S I O N
E V A L U A T I O N .
WIN ME!
One lucky survey will
take home a Ecobee
Smart Wi-Fi
Thermostat

15
THANK YOU FOR
LISTENING
@ S P A R K R O C K I N C
W W W . S P A R K R O C K . C O M

CHAZOP is an acronym for Control HAZOP/ Computer HAZOP and is the case where the Hazard and Operability Risk assessment technique is used to determine the risk level of a plant’s Control System or Safety System. Most modern plants use some variation of computer based control systems to run themselves. They are known by various names such as Distributed Control Systems (DCS), Programmable Logic Controllers (PLC), Supervisory Control and Data Acquistion Systems (SCADA), Safety Instrumented Systems (SIS). In a typical process plant these systems may be stand alone operating the entire plant by themselves or in combinations, for example a DCS may be the Basic Process Control System plus there might be a SIS for safe shutdown of the plant in case of a problem. Or the DCS may be the control system for the main plant and the auxiliary plants such as boilers, chillers, compressors may be stand alone skid mounted units that have individual PLCs controlling them. A proper risk assessment study such as a HAZOP should also include these systems. But many times they are excluded, due to a false assumption that they rarely fail. However they must also be included in the HAZOP and this kind of HAZOP is referred to as a CHAZOP.

Alliance 2017 - Jet Reports Tips and Trips

Sparkrock

Alliance 2017 - What's New and Coming Up in Reporting & BI

Sparkrock

Altus Alliance 2016 - Project Success Begins with Management

Sparkrock

Alliance 2017 - Advanced NAV Tips and Tricks

Sparkrock

Alliance 2017 - Budgeting in the 21st Century

Sparkrock

Alliance 2017 - Finance WebApps Best Practices

Sparkrock

Sparkrock Culture code

Sparkrock

Learn about the top security risks and vulnerabilities specific to the Oracle E-Business Suite and why you should care! Whether your ERP is in the process of being implemented or has been in place for years, there are a number of security vulnerabilities commonly overlooked by implementation / support teams focused on project timing, budget, and functionality. This presentation is geared toward the end user community, system administrators, and other application support personnel and what they need to know to protect their Oracle EBS data from unauthorized access. Amplify the participants’ overall security awareness Share knowledge and experiences in securing Oracle EBS Provide a detailed list of commonly overlooked security vulnerabilities, risks each pose, and how to fix or mitigate each

Understanding the Patching Process

Connor McDonald

Getting optimal performance from oracle e-business suite presentation

Berry Clemens

Premier integration with logix, pf drives and ft view (pf755)

confidencial

Why advanced monitoring is key for healthy

Denodo

Watch full webinar here: https://buff.ly/2MwDyhq The use of Data Virtualization as a global delivery layer means that Denodo is a critical component of the data architecture. It cannot fail, needs to be fault tolerant and perform as designed. In this context, enterprise level-monitoring is key to make sure the virtual layer is in good health and proactively detect potential issues. Fortunately, Denodo provides a full suite of monitoring capabilities and integrates with leading monitoring tools like Splunk, Elastic and CloudWatch. Attend this session to learn: - How to configure the key global parameters of the Denodo server - How to integrate Denodo with enterprise monitoring solutions like Splunk and Cloudwatch - Key metrics to monitor

How to Use OWASP Security Logging

Milton Smith

Oracle Solaris 11.1 New FeaturesOrgad Kimchi

Desktop and Server Security

Abhinit Kumar Sharma

Desktop and server securityse

Appin Ara

Getting optimal performance from oracle e business suite(aioug aug2015)

pasalapudi123

Getting optimal performance from oracle e business suite

aioughydchapter

DOAG Oracle Database Vault

Stefan Oehrli

Oracle Database Vault has been on the market for a few years now. The product has been constantly improved over the years. But where is it worthwhile to use it? Which security measures can be implemented with it? And from whom does DB Vault protect me at all? In this presentation, the technical possibilities of Database Vault 19c / 21c will be explained in addition to the experiences from two customer projects. We will try to show where the use of Database Vault is worthwhile under certain circumstances and under which conditions it is not. This also includes whether protection against snakes and thieves is ensured. PS: I asked my children what kind of presentation I should submit.The answers were snakes, thieves and cheetahs…

KoprowskiT_SQLSatHolland_SQLServerSecurityInTheCloud

Tobias Koprowski

An easy way into your sap systems v3.0

Cyber Security Alliance

DAOS - Scale-Out Software-Defined Storage for HPC/Big Data/AI Convergence

inside-BigData.com

In this deck, Johann Lombardi from Intel presents: DAOS - Scale-Out Software-Defined Storage for HPC/Big Data/AI Convergence. "Intel has been building an entirely open source software ecosystem for data-centric computing, fully optimized for Intel® architecture and non-volatile memory (NVM) technologies, including Intel Optane DC persistent memory and Intel Optane DC SSDs. Distributed Asynchronous Object Storage (DAOS) is the foundation of the Intel exascale storage stack. DAOS is an open source software-defined scale-out object store that provides high bandwidth, low latency, and high I/O operations per second (IOPS) storage containers to HPC applications. It enables next-generation data-centric workflows that combine simulation, data analytics, and AI." Unlike traditional storage stacks that were primarily designed for rotating media, DAOS is architected from the ground up to make use of new NVM technologies, and it is extremely lightweight because it operates end-to-end in user space with full operating system bypass. DAOS offers a shift away from an I/O model designed for block-based, high-latency storage to one that inherently supports fine- grained data access and unlocks the performance of next- generation storage technologies. Watch the video: https://youtu.be/wnGBW31yhLM Learn more: https://www.intel.com/content/www/us/en/high-performance-computing/daos-high-performance-storage-brief.html Sign up for our insideHPC Newsletter: http://insidehpc.com/newsletter

GLOC 2014 NEOOUG - Oracle Database 12c New Features

Biju Thomas

Shields up - improving web application security

Konstantin Mirin

Nagios-yatingyating yang

Splunk conf2014 - Getting Deeper Insights into your Virtualization and Storag...

Splunk

Virtualization and storage technologies go hand-in-hand. If performing poorly, they can have a serious impact on your applications' performance and users' experience. This presentation shows how Splunk can help you get unified visibility into your VMware environment and NetApp storage systems. Learn how to utilize Splunk Enterprise to correlate storage machine data with virtualization, operating systems and data from technology tiers for quicker time to resolution, optimal performance planning and unified view of KPIs across your entire enterprise.

11g Identity Management - InSync10

Peter McLarty

Fuel Good 2018: The Framework for Funding Your Organization

Sparkrock

Fuel Good 2018: Kickoff

Sparkrock

Similar to Alliance 2017 - Managing Permission Settings and Overall System Security

Learn About the Top Oracle E-Business Suite Security Vulnerabilities

OAUGNJ

Understanding the Patching Process

Connor McDonald

Getting optimal performance from oracle e-business suite presentation

Berry Clemens

Premier integration with logix, pf drives and ft view (pf755)

confidencial

Why advanced monitoring is key for healthy

Denodo

How to Use OWASP Security Logging

Milton Smith

Oracle Solaris 11.1 New FeaturesOrgad Kimchi

Desktop and Server Security

Abhinit Kumar Sharma

Desktop and server securityse

Appin Ara

Getting optimal performance from oracle e business suite(aioug aug2015)

pasalapudi123

Getting optimal performance from oracle e business suite

aioughydchapter

DOAG Oracle Database Vault

Stefan Oehrli

KoprowskiT_SQLSatHolland_SQLServerSecurityInTheCloud

Tobias Koprowski

An easy way into your sap systems v3.0

Cyber Security Alliance

DAOS - Scale-Out Software-Defined Storage for HPC/Big Data/AI Convergence

inside-BigData.com

GLOC 2014 NEOOUG - Oracle Database 12c New Features

Biju Thomas

Shields up - improving web application security

Konstantin Mirin

Nagios-yatingyating yang

Splunk conf2014 - Getting Deeper Insights into your Virtualization and Storag...

Splunk

11g Identity Management - InSync10

Peter McLarty

Similar to Alliance 2017 - Managing Permission Settings and Overall System Security (20)

Learn About the Top Oracle E-Business Suite Security Vulnerabilities

Understanding the Patching Process

Getting optimal performance from oracle e-business suite presentation

Premier integration with logix, pf drives and ft view (pf755)

Why advanced monitoring is key for healthy

How to Use OWASP Security Logging

Oracle Solaris 11.1 New Features

Desktop and Server Security

Desktop and server securityse

Getting optimal performance from oracle e business suite(aioug aug2015)

Getting optimal performance from oracle e business suite

DOAG Oracle Database Vault

KoprowskiT_SQLSatHolland_SQLServerSecurityInTheCloud

An easy way into your sap systems v3.0

DAOS - Scale-Out Software-Defined Storage for HPC/Big Data/AI Convergence

GLOC 2014 NEOOUG - Oracle Database 12c New Features

Shields up - improving web application security

Nagios-yating

Splunk conf2014 - Getting Deeper Insights into your Virtualization and Storag...

11g Identity Management - InSync10

Recently uploaded

FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf

FIDO Alliance

Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...

Product School

FIDO Alliance Osaka Seminar: Overview.pdf

FIDO Alliance

From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...

Product School

Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...

Jeffrey Haguewood

Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows. We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases. This video focuses on the notifications, alerts, and approval requests using Slack for Bonterra Impact Management. The solutions covered in this webinar can also be deployed for Microsoft Teams. Interested in deploying notification automations for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.

Securing your Kubernetes cluster_ a step-by-step guide to success !

KatiaHIMEUR1

Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster. However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks. In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.

To Graph or Not to Graph Knowledge Graph Architectures and LLMs

Paul Groth

Key Trends Shaping the Future of Infrastructure.pdf

Cheryl Hung

DevOps and Testing slides at DASA Connect

Kari Kakkonen

Encryption in Microsoft 365 - ExpertsLive Netherlands 2024

Albert Hoitingh

UiPath Test Automation using UiPath Test Suite series, part 4

DianaGray10

Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap. The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies. Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques What will you get from this session? 1. Insights into SAP testing best practices 2. Heatmap utilization for testing 3. Optimization of testing processes 4. Demo Topics covered: Execution from the test manager Orchestrator execution result Defect reporting SAP heatmap example with demo Speaker: Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP

Accelerate your Kubernetes clusters with Varnish Caching

Thijs Feryn

How world-class product teams are winning in the AI era by CEO and Founder, P...

Product School

Designing Great Products: The Power of Design and Leadership by Chief Designe...

Product School

GraphRAG is All You need? LLM & Knowledge Graph

Guy Korland

Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs. 1. Unifying Large Language Models and Knowledge Graphs: A Roadmap. https://arxiv.org/abs/2306.08302 2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs: https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/

De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...

Product School

The Art of the Pitch: WordPress Relationships and Sales

Laura Byrne

Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes? All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.

Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality

Inflectra

In this insightful webinar, Inflectra explores how artificial intelligence (AI) is transforming software development and testing. Discover how AI-powered tools are revolutionizing every stage of the software development lifecycle (SDLC), from design and prototyping to testing, deployment, and monitoring. Learn about: • The Future of Testing: How AI is shifting testing towards verification, analysis, and higher-level skills, while reducing repetitive tasks. • Test Automation: How AI-powered test case generation, optimization, and self-healing tests are making testing more efficient and effective. • Visual Testing: Explore the emerging capabilities of AI in visual testing and how it's set to revolutionize UI verification. • Inflectra's AI Solutions: See demonstrations of Inflectra's cutting-edge AI tools like the ChatGPT plugin and Azure Open AI platform, designed to streamline your testing process. Whether you're a developer, tester, or QA professional, this webinar will give you valuable insights into how AI is shaping the future of software delivery.

GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...

Sri Ambati

From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...

Product School

Recently uploaded (20)

FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf

Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...

FIDO Alliance Osaka Seminar: Overview.pdf

From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...

Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...

Securing your Kubernetes cluster_ a step-by-step guide to success !

To Graph or Not to Graph Knowledge Graph Architectures and LLMs

Key Trends Shaping the Future of Infrastructure.pdf

DevOps and Testing slides at DASA Connect

Encryption in Microsoft 365 - ExpertsLive Netherlands 2024

UiPath Test Automation using UiPath Test Suite series, part 4

Accelerate your Kubernetes clusters with Varnish Caching

How world-class product teams are winning in the AI era by CEO and Founder, P...

Designing Great Products: The Power of Design and Leadership by Chief Designe...

GraphRAG is All You need? LLM & Knowledge Graph

De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...

The Art of the Pitch: WordPress Relationships and Sales

Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality

GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...

From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...

Alliance 2017 - Managing Permission Settings and Overall System Security

1. 1 Managing Permission Settings and Overall System Security # A L L I A N C E 2 0 1 7

2. 2 YOUR PRESENTER Rhett Williams Master Consultant JOINED SPARKROCK IN 2009

3. 3 I n t r o d u c t i o n

4. 4 Basic Principles Four Main Elements • Permission sets • User set-up • Workflows • Change Log Security and segregation of duties is dependent on the size of the team Avoid operational users having super user permissions (even for small teams)

5. 5 N AV P e r m i s s i o n

6. 6 Initial Set-up of Permissions Make ongoing maintenance as easy as possible Define roles Defined functions that make up the role Split up functions such as create and post Build permission sets to these functions Separate read permissions from insert, modify and delete Altus Base permission sets and recorder

7. 7 Some Permission Features Security filters Company specific permissions User groups

8. 8 U s e r S e t - U p

9. 9 User Set-Up Application side – under operational management control Used to manage field level security and security over specific functions Useful for customized field level security Overrides of posting windows (best practice to use only as an override)

10. 10 Wo r k f l o w s

11. 11 NAV Workflows Workflows contribute to overall system security Transactions require approvals before printing or posting (record restriction) In theory, workflows can be applied to master data changes

12. 12 C h a n g e L o g

13. 13 Change log Neglected aspect of security Switch on for sensitive master data tables. ‘All fields’ and ‘some fields’ Report on changes to certain tables, sign off and keep

14. 14 EVALUATIONS P L E A S E T A K E 5 M I N S T O C O M P L E T E A S E S S I O N E V A L U A T I O N . WIN ME! One lucky survey will take home a Ecobee Smart Wi-Fi Thermostat

15. 15 THANK YOU FOR LISTENING @ S P A R K R O C K I N C W W W . S P A R K R O C K . C O M

Editor's Notes

Click the icon to add your picture. Use the round, png version of your picture located in the F drive.
Duplicate this slide for all of your different section titles
Basic slide. Duplicate this slide for all of the locations it’s needed.
Duplicate this slide for all of your different section titles
Basic slide. Duplicate this slide for all of the locations it’s needed.
Basic slide. Duplicate this slide for all of the locations it’s needed.
Duplicate this slide for all of your different section titles
Basic slide. Duplicate this slide for all of the locations it’s needed.
Duplicate this slide for all of your different section titles
Basic slide. Duplicate this slide for all of the locations it’s needed.
Duplicate this slide for all of your different section titles
Basic slide. Duplicate this slide for all of the locations it’s needed.

Alliance 2017 - Managing Permission Settings and Overall System Security

Recommended

Recommended

More Related Content

Similar to Alliance 2017 - Managing Permission Settings and Overall System Security

Similar to Alliance 2017 - Managing Permission Settings and Overall System Security (20)

More from Sparkrock

More from Sparkrock (20)

Recently uploaded

Recently uploaded (20)

Alliance 2017 - Managing Permission Settings and Overall System Security

Editor's Notes