Did you know:

SAP has over 100,000 security 'permissions'?

Oracle's ERP and HCM Cloud has over 9,000 security 'permissions'?

Salesforce has a multiple layered approach to securing users and the data they work with?

JD Edwards has one of the most complex security model of all the ERP applications?

Your organization is likely running a main stream ERP, HCM and CRM Application, and in addition a high number of 'edge', industry specific and custom applications. In addition to these applications, you may be running them on a cloud based service, and some kind of identity provider to connect all the dots.

To run one application is a major undertaking for application, security, compliance and audit teams to work through, but with a high number of them all interconnected, the challenge can be overwhelming. What if an order can be received and recorded in CRM, but has to be approved in ERP? What then if the order is manufactured and that process takes place in another (connected) application? Maybe your core ERP application feeds data into a financial close application, who can post journals and open/close accounting periods between these application?

At Seecuring we work with customers who have large numbers of applications in scope that need to be reviewed on a quarterly process, both within the application and the risks associated with their connectivity. We have to go deep into the applications to ensure completeness and accuracy. To help our customer we developed a process for rapid onboarding of new or custom applications:

* Once we ingest the data from the new application into our platform we analyze the permissions and privileges along with the security model.

* Once the analysis is done we run all the security data through a process that matches these permissions against hundreds of risks.

* New sensitive access rules relating to the application are created, for example Supplier Creation, followed by segregation of duty rules such as create supplier vs approve supplier.


This process is proving to offer significant benefits, including:

* Drastically reduce time to visibility and increase confidence in the effectiveness over the risks and appropriate controls in your applications.

* Improve the accuracy of your security, compliance and audit processes.

* Lower audit costs significantly through automation.

* Improve security efficiency by focusing on what matters.

Seecuring offers this process by way of subscription, onboarding any application or service that is in scope. Once onboarded Seecuring will 'scan' environments for risks, present findings and help triage the issues - a perfect combination of technology and services.

We have pre-built analysis for Oracle Cloud Applications, PeopleSoft, JD Edwards, Microsoft Dynamics, SAP Concur, Oracle EPM/Hyperion, Yardi Applications, Oracle OCI, Microsoft Azure, and more

If you want to get control of your application and service footprint, without expensive software investments, integrations and projects, get in touch:



Contact Us

Resources

Understanding Role Delegations in Oracle ERP/HCM Cloud

Continue Reading...

Fraud and Data Loss - one and the same?

Securing the Financial Close