Question about security...

swhitmire

Reputable Poster
Hi, we're just setting up OneWorld, and we're curious to know how many people use user-based security and how many use system-based. Also, for either scenario, what external reporting tools, if any, do you use? Any information is greatly appreciated.

Thanks,
--Scotti Whitmire
DeRoyal Industries
Xe, SP14.2, RS/6000, Oracle 8i.
 
Scott,

We are system based. When you use user-based, you are getting into more
maintenance with having multiple database passwords.

Mechele
Xe, SP14.1, Win2000, NT JAS, SQL6




swhitmire <[email protected]> on 03/07/2001 10:18:14 AM

Please respond to [email protected]

To: [email protected]
cc: (bcc: Mechele Baker/Whittman-Hart LP)
Subject: Question about security...







--------------------------
To view this thread, visit the JDEList forum at:
http://198.144.193.139/cgi-bin/wwwthreads/showflat.pl?Cat=0&Board=OW&Number=6833
*************************************************************
This is the JDEList One World / XE Mailing List.
Archives and information on how to SUBSCRIBE, and
UNSUBSCRIBE can be found at http://www.JDELIST.com
*************************************************************
 
Scotti,

I assume you mean database security scheme.

A strong argument may be made that the system security scheme (only 1 or 2 database IDs used by all JDE user accounts) is a stronger/safer scheme.

1) Multiple accounts = multiple opportunities for disclosure.

2) Unless you truly understand all the database interactions for all the OneWorld objects you cannot safely assign exclusive permissions on database objects by database user/account (HR/Payroll possible exception to this rule). Attempting to control user access to data at the database level is a dangerous exercise in futility that can cause data integrity problems - consider the effects of granting someone write permissions to inventory master and transaction tables but denying read/write to G/L master and transaction tables.
ERP systems are designed so that functions interact. Clear boundaries do not always exist.

3) Far easier to periodically change passwords on 1 - 2 accounts than on 100 - 200, thereby ensuring that the passwords will be changed.

My 2 cents,

Larry Jones
[email protected]
OneWorld B733.1, SP 11.3
HPUX 11, Oracle SE 8.1.6
SandBox: OneWorld XE
 