ERP Suites Clarity: Security Management
The next feature we want to highlight in our Clarity blog series is Security Management. A newer addition to the Clarity system monitoring tool, this feature uniquely presents all your JD Edwards (JDE) security management information in a single dashboard. Why is this a big deal? Imagine an auditor is accessing the security of your EnterpriseOne (E1) system. With Security Management, you can provide the information they need at a glance. Look no further than the Security Summary section to easily check metrics including:
- How many users are enabled or disabled?
- How many security workbench records exist?
- What percentage of security is defined at the user level?
- How many password exceptions are in place?
- How many invalid login attempts have occurred?
- Are there roles without environments?
- How many sensitive applications are being accessed?
In the example below, we see a customer with 735 users enabled and 1,130 users disabled. They might ask themselves, “Should we have this many users enabled at this time?”, or “Do I really have this many active users on the system?” By clicking on the “Enabled” or “Disabled” boxes, they can see which users are enabled or disabled without logging in to E1 and filtering on the security table. The little red boxes tell them a recent user has been removed from the enabled list and added to the disabled list. Notice 7% of the overall security has been defined at the user level. Since this is not always the best security framework, the customer can now focus their efforts on discovering why security was defined this way rather than by *PUBLIC or Role.
The red Password Exceptions box tracks the number of users in the system who do not require a password change. Clicking on Password Exceptions, reveals which IDs are set up with exceptions, such as JDE or database users, and helps you pinpoint users that should not be set up like this.
The blue Invalid Attempts box tallies users who have unsuccessfully attempted to log in. Again, you can click on the box to scan the user list and whether or not they were disabled in the process. Quickly spot excessive failed login attempts and then check the user in question. This feature can help you discover suspicious activity that might be occurring as well.
Roles Without Environments
The green Roles w/o Environments box shows how many roles in the system don’t have any environments assigned. Drill into the detailed list to figure out which ones are needed and which are not so you can clear out the excess. If there is an issue with new role set up and users can't log in to a particular environment, Roles w/o Environments is a good place to start.
Sensitive Application Access
The yellow Sensitive Application Access box displays the number of applications deemed sensitive in the E1 system. This is extremely important data. Click for an in-depth look at the applications and the users accessing them.
Company Security Model
Rounding out the Security Summary section is a snapshot of the company security model. Are all doors closed? Are there any security issues with sensitive accounts or applications? Is there suspicious login activity? Clarity will alert you here with a red exclamation point if anything should be addressed. You can hover over the list for details about the alert.
The Aging Report section provides important inactivity data such as “Users by number of days since last login” and “Expired Roles by number of days since expired.” Use this information to clean up your security system. Clarity gives you a heads up — users may be disabled if they haven’t logged in for at least 45+ days or if their roles have expired.
Last, but certainly not least, Security Management offers a Historical Utilization section. As we found in the Application Management blog, these graphs can pull data from yesterday, last week, or even the entire month. Set a custom range if you want to. You'll find vital security change data including:
- F000950 Record Count
- User Status History
- Sensitive Application Access
- Security Activity History
Don't spend countless hours searching for security specifics. Let Clarity do it for you. Maximize these features and provide greater reassurances to your company.