Effective application security is non-negotiable in the workplace these days. With threats coming in from any and all angles, it’s important to ensure your sensitive data is as airtight as possible. Third-party security solutions provide an additional layer of defense on top of any other security practices you might have in place, but not all are created equal.
Choosing the right third-party security solution for JD Edwards is an important decision that can have long-term consequences. You’ll need to consider your company’s short-term and long-term needs, assess existing security practices and parameters, and forecast potential threats to select the best tool for you. That’s why we’re examining one of our trusted third-party security solution partners, ALLOut Security.
In this article, we’ll go over what ALLOut Security is and why it’s beneficial for JDE users.
ALLOut Security
ALLOut Security (AOS) is a third-party security and compliance solution for JD Edwards EnterpriseOne and World that is fully built inside JDE and uses native JDE tables for all maintenance. Founded in 2004 in response to a need for a flexible, modular, and less intrusive way to manage security and compliance, and to provide robust compliance capabilities within JD Edwards, AOS looks and feels like standard JDE so it is easy to learn and use. AOS is a modern security solution that allows you to accelerate your business while simplifying your compliance, reporting and security needs in JDE.
AOS features 6 modules covering all aspects of managing security and risk within JD Edwards. These modules include:
- Security Plus
- CombiRoles
- Menu Plus
- Profile Plus
- Risk Management
- Risk Reporting
Let’s go through each of the modules to understand what it does and how it can benefit your company.
Security Plus
The Security Plus module creates and manages the core security settings for your JDE system. This module allows you to create, maintain, and manage all security types in a single screen, including all UDO objects. Rather than having to check boxes and drag applications from unsecured to secured, you can simply type in a grid. Changing access is as simple as changing a ‘N’ to a ‘Y’ in the grid. Easily view the security table audit information in the grid to see when a record was last updated and by whom. This module drastically increases your efficiency in maintaining all security records.
CombiRoles
CombiRoles is designed to simplify and provide insight into security conflicts between roles and optimize the user experience. CombiRoles also brings security change control to JDE. You heard that right! With AOS CombiRoles, you now have the ability to make changes in non-production, and then review, approve, and promote changes to security within a role or changes in roles assignments to Production. With full auditing of all changes, you will now be able to test access changes without affecting production and seamlessly promote to production.
Menu Plus
Menu maintenance can be a time-consuming task even for the most adept. With Menu Plus, you can now easily add, edit, and re-sequence all your menu items in a grid. Need to add menu translations? Easily export the original task names, translate, and reimport the alternate language with just a few clicks. Do you need to help troubleshoot user issues when they are using form and row exits? Menu Plus simplifies this task by allowing you to see what your user sees and then drill down into the form and row exits or UBE interconnects to see their actual security in the same screen where you are researching it.
Profile Plus
No more going to multiple screens to create, delete, or maintain your user accounts. With Profile Plus, you can do everything from a single screen. You can easily review anomalies in user setup, such as password change intervals or attempts, and correct them at the same time. With multiple reporting options, you can easily see your active and inactive users to make sure you are only paying for what you need. Need to add a role to multiple users? You can do that quickly and easily. With role assignments in a grid, you can add multiple roles to a user, or multiple users to a role. Role controls also allow you to add assignment notes and role approvers to ease future audit requirements.
Risk Management
There is no native risk management capability in JDE. With AOS Risk Management, you can take control of internal risks with minimal effort. Easily find, report on, resolve, or mitigate risks in your environment before the auditors show up and you can reduce your audit timeframe and cost. Enable user access controls with role requests and approval workflows. No more accidentally assigning a critical role to a user. You can also configure preventative Segregation of Duties controls to be certain that the most critical of your vulnerabilities are never assigned to users. Not only can you manage risks within JDE, you can also include external processes to ensure regardless of the system being accessed, your controls are being enforced.
Risk Reporting
Most companies perform annual risk reviews by performing a user access review along with a SoD review. This is commonly only done annually due to the time needed to produce this information. Unfortunately, this means that many risks or excessive access can go unnoticed for many months. With Risk Reporting, you can automate these tasks. What used to take days can be accomplished in a couple of hours, allowing more frequent reporting and catching gaps in your access before they can become a problem.
Fortify Your Security
ALLOut Security is available as an annual subscription and the cost is based on your active JDE user count and the AOS modules selected. AOS is also simple to install and upgrade as there are no table conversions or SQL statements to migrate data between tables. With flexibility in licensing and a quick ROI, why aren’t you using ALLOut Security?
For more information, schedule a consultation to discuss your needs and how we can help you achieve your security goals.
