Presentation is loading. Please wait.

Presentation is loading. Please wait.

Introducing SECURITY MIGRATION

Published byChristine Radner Modified over 10 years ago

Similar presentations

Presentation on theme: "Introducing SECURITY MIGRATION"— Presentation transcript:

1 Introducing SECURITY MIGRATION
Simplify the move to Lawson Security 9 Introducing SECURITY MIGRATION This presentation demonstrates the new capabilities of PowerPoint and it is best viewed in Slide Show. These slides are designed to give you great ideas for the presentations you’ll create in PowerPoint 2010! For more sample templates, click the File tab, and then on the New tab, click Sample Templates.

2 Agenda Background LAUA Security Methodology LS9 Security Methodology
Thank you for taking to time to view our presentation. I will be walking you through each step in our migration process. Just remember to click after each slide and we should be done soon! Background LAUA Security Methodology LS9 Security Methodology Migration Process Our Solution Deliverables Tips & Tricks Agenda

3 A little about us. Our Background Founded by Dan and Brad Kinsey, K&K has provided software sales, implementations, support and development for over 29 years. Lawson reseller and implementation partner since 1996 Lawson Certified Systems Integrator Partner Lawson Complementary Software Partner Lawson’s “Go to” Reseller/Implementer for Public Sector 2 time Partner of the Year Focusing on the development of Lawson complementary software products

4 LAUA Security Methodology
Let me provide a brief explanation of how LAUA security works. LAUA Security Methodology LAUA security is a structured Silo model built by creating Security Classes that restrict access to specific System Codes, Forms, Function Codes and Tables. A major restriction of this model is that it fails to provide any ability to share security settings between Security Classes. And since users can only be attached to a single Security Class, a slightly different job requirement requires an entirely new Security Class.

5 LAUA Silo Structure I call this the Silo effect. Nothing about your security is shared from one class to another making the model difficult to manage. IC Admin IC Super IC Clerk IC Assist IC10.1 IC10.2 IC240 IC241 IC01.1 IC01.2 IC06.1 IC07.1 IC08.1 IC200 IC201 IC202 IC11.1 IC11.2 IC11.3 IC11.5 IC12.2 IC15.1 IC11.4 IC12.1 IC246 IC260 IC242 IC262 IC11.6 IC280 IC20.1 IC20.2 IC20.4 IC21.1 IC10.1 IC10.2 IC240 IC241 IC01.1 IC01.2 IC06.1 IC07.1 IC08.1 IC200 IC201 IC202 IC11.1 IC11.2 IC11.3 IC11.5 IC12.2 IC15.1 IC11.4 IC12.1 IC246 IC260 IC242 IC262 IC11.6 IC280 IC20.1 IC20.2 IC20.4 IC21.1 IC10.1 IC10.2 IC240 IC241 IC01.1 IC01.2 IC06.1 IC07.1 IC08.1 IC200 IC201 IC202 IC11.1 IC11.2 IC11.3 IC11.5 IC12.2 IC15.1 IC11.4 IC12.1 IC246 IC260 IC242 IC262 IC11.6 IC280 IC20.1 IC20.2 IC20.4 IC21.1 IC10.1 IC10.2 IC240 IC241 IC01.1 IC01.2 IC06.1 IC07.1 IC08.1 IC200 IC201 IC202 IC11.1 IC11.2 IC11.3 IC11.5 IC12.2 IC15.1 IC11.4 IC12.1 IC246 IC260 IC242 IC262 IC11.6 IC280 IC20.1 IC20.2 IC20.4 IC21.1

6 LAUA Silo Structure When you set up a new class full access is provide by default. You can then restrict access to systems, table, forms and functions. IC Admin IC Super IC Clerk IC Assist IC10.1 IC10.2 IC240 IC241 IC01.1 IC01.2 IC06.1 IC07.1 IC08.1 IC200 IC201 IC202 IC11.1 IC11.2 IC11.3 IC11.5 IC12.2 IC15.1 IC11.4 IC12.1 IC246 IC260 IC242 IC262 IC11.6 IC280 IC20.1 IC20.2 IC20.4 IC21.1 IC10.1 IC10.2 IC240 IC241 IC01.1 IC01.2 IC06.1 IC07.1 IC08.1 IC200 IC201 IC202 IC11.1 IC11.2 IC11.3 IC11.5 IC12.2 IC15.1 IC11.4 IC12.1 IC246 IC260 IC242 IC262 IC11.6 IC280 IC20.1 IC20.2 IC20.4 IC21.1 IC10.1 IC10.2 IC240 IC241 IC01.1 IC01.2 IC06.1 IC07.1 IC08.1 IC200 IC201 IC202 IC11.1 IC11.2 IC11.3 IC11.5 IC12.2 IC15.1 IC11.4 IC12.1 IC246 IC260 IC242 IC262 IC11.6 IC280 IC20.1 IC20.2 IC20.4 IC21.1 IC10.1 IC10.2 IC240 IC241 IC01.1 IC01.2 IC06.1 IC07.1 IC08.1 IC200 IC201 IC202 IC11.1 IC11.2 IC11.3 IC11.5 IC12.2 IC15.1 IC11.4 IC12.1 IC246 IC260 IC242 IC262 IC11.6 IC280 IC20.1 IC20.2 IC20.4 IC21.1

7 LAUA Silo Structure A slightly different role requires you to set up a new class. In this example black represents full access, red is no access, and blue is inquiry only. IC Admin IC Super IC Clerk IC Assist IC10.1 IC10.2 IC240 IC241 IC01.1 IC01.2 IC06.1 IC07.1 IC08.1 IC200 IC201 IC202 IC11.1 IC11.2 IC11.3 IC11.5 IC12.2 IC15.1 IC11.4 IC12.1 IC246 IC260 IC242 IC262 IC11.6 IC280 IC20.1 IC20.2 IC20.4 IC21.1 IC10.1 IC10.2 IC240 IC241 IC01.1 IC01.2 IC06.1 IC07.1 IC08.1 IC200 IC201 IC202 IC11.1 IC11.2 IC11.3 IC11.5 IC12.2 IC15.1 IC11.4 IC12.1 IC246 IC260 IC242 IC262 IC11.6 IC280 IC20.1 IC20.2 IC20.4 IC21.1 IC10.1 IC10.2 IC240 IC241 IC01.1 IC01.2 IC06.1 IC07.1 IC08.1 IC200 IC201 IC202 IC11.1 IC11.2 IC11.3 IC11.5 IC12.2 IC15.1 IC11.4 IC12.1 IC246 IC260 IC242 IC262 IC11.6 IC280 IC20.1 IC20.2 IC20.4 IC21.1 IC10.1 IC10.2 IC240 IC241 IC01.1 IC01.2 IC06.1 IC07.1 IC08.1 IC200 IC201 IC202 IC11.1 IC11.2 IC11.3 IC11.5 IC12.2 IC15.1 IC11.4 IC12.1 IC246 IC260 IC242 IC262 IC11.6 IC280 IC20.1 IC20.2 IC20.4 IC21.1

8 LS9 Security Methodology
Lawson adopted a new methodology with Security 9 LS9 Security Methodology Lawson has changed the security model to follow a role based structure. In this model Security Classes are created to group a series of forms together to accomplish a specific task. (i.e. IC Setup). These Security Classes (tasks) are then assigned to Roles within the organization (i.e. Inventory Manager). Security Classes can be shared between multiple roles and users can be assigned to more than one role in the organization.

9 LS9 Structure No User access is provided by default
This example reflects the same security access as the LAUA graphic only now organized by Role and Task. Some major differences are listed below. IC Admin IC Super IC Clerk IC Assist IC01.1 IC01.2 IC06.1 IC07.1 IC08.1 IC200 IC201 IC202 Inventory03 Inventory02 IC10.2 IC11.1 IC10.1 IC11.2 IC11.3 IC11.6 IC12.2 IC15.1 IC12.1 IC20.1 IC20.2 IC20.4 IC21.1 IC11.4 IC11.5 IC242 IC241 IC240 IC262 IC260 IC280 IC246 Inventory01 IC20.1 IC20.2 IC11.6 IC20.4 IC21.1 Inventory05 IC11.2 IC11.3 IC11.1 IC11.4 IC11.5 Inventory04 No User access is provided by default Security Classes (Tasks) grant specific Form, Function Code and Table access Conditional Logic can be added at any level Objects are shared between Roles and Users Multiple Roles can be assigned to a User

10 Accuracy Resources Cost Time
Complementing Lawson Solutions So what are our customers’ biggest concerns? Accuracy Resources Cost Time

11 BUILDING LS9 Define your organization’s Roles (AP Manager, AP Clerk)
At a high level these are the steps you need complete when setting up Security 9. Click to see what our utility can do for you automatically! Define your organization’s Roles (AP Manager, AP Clerk) Define a list of operational tasks (AP Invoice Entry, Check Processing) Assign form names to each Task (over 6000 forms) Assign table names to each Task Determine access Rules for each form (ACDINP+-) Build your Task (Security Classes) Build your Roles Determine which forms each user needs to access for proper class assignments Assign your Task (Security Classes) to your Roles Assign your Roles to your Users Implement form Rules Build conditional logic Perform positive and negative Testing

12 BUILDING LS9 Define your organization’s Roles (AP Manager, AP Clerk)
Your Roles, Security Classes and User assignments are created automatically ! You’re well on you way to building a new model! Define your organization’s Roles (AP Manager, AP Clerk) Define a list of operational tasks (AP Invoice Entry, Check Processing) Assign form names to each Task (over 6000 forms) Assign table names to each Task Determine access Rules for each form (ACDINP+-) Build your Task (Security Classes) Build your Roles Determine which forms each user needs to access for proper class assignments Assign your Task (Security Classes) to your Roles Assign your Roles to your Users Implement form Rules Build conditional logic Perform positive and negative Testing

13 So what’s the challenge? Well, how about these thoughts….
Identifying and Validating the forms a User needs to access Organizing over 6,000 forms and tables into Security Classes Properly restricting function code access for each form Building conditional Logic Creating and assigning Roles to users Verifying User security

14 Customize, Validate & Deploy
Our 3 Step Approach 1 Analyze & Tune 2 Build & Load 3 Customize, Validate & Deploy Let’s explore our 3 step approach….

15 1 STEP 1 - TUNE Analyze & Tune
Our process is based on analyzing and tuning LAUA before we build LS9. Let me explain how these 3 steps help us with that challenge. Use our Listener to find the forms that are being accessed Analyze LAUA using our SOD violation report Identity common access points between Security Classes to eliminate redundant classes 1 Analyze & Tune

16 Over a period of a few weeks we track all form activity for each user.
Analyze & Tune LISTEN IC Clerk IC Assist IC Super IC Admin Lawson Database Lawson Applications Listener Application Listener Database Our Listener application will collect information on who, when and how every form has been used.

17 Analyze & Tune LISTEN We then analyze this data in many different fashions using pivot tables. Use the Listener Pivot tables to analyze actual usage by Security Class/Form, User/Form, User/System Code, or System Code/Security Class

18 Analyze & Tune TOKENS NOT USED The listener results are then compared to your LAUA security settings. You can change LAUA straight from Excel. The Tokens Not Used report compares your actual usage to your security settings. For tokens not being used simply drag and drop the word ‘DENY’ in any cell to change LAUA security.

19 Analyze & Tune ANALYZE - SOD The next step involves using our segregation of duties module to look for potential problems in LAUA. Segregation of Duties ensures an appropriate level of checks and balances upon the activities of individuals.

20 ANALYZE - SOD Analyze & Tune
Our 192 policies use over 2000 rules to make sure you have implemented the proper checks and balances.

21 ANALYZE - SOD Analyze & Tune
You can now use this report to change LAUA and prevent future violations in LS9.

22 Analyze & Tune ANALYZE - REPORT Next we want to check for redundant classes. This comparison graph highlights where we might have similar LAUA classes. The LAUA Class Comparison Graph helps identify the security classes that may be similar.

23 Analyze & Tune ANALYZE Our LAUA reporting allows you to review exactly how your security is defined. Using the LAUA Security Report allows you to evaluate specific security class settings and differences. This report includes security settings for forms, tables, conditional logic, data security and user profiles.

24 Analyze & Tune ANALYZE Security classes are lined up side by side allowing you to easily see any differences.

25 ANALYZE & TUNE Analyze & Tune
So now that we have tuned LAUA based on actual usage, segregation of duty violations and redundant classes let’s move on the Step 2.

26 Our utility will do these steps for you automatically!
STEP 2 - BUILD Conversion Utility Create Security Classes Create Roles Assign Security Classes to Roles Assign Roles to the appropriate Users Create LS9 profile using Lawson’s load utilities 2 Build & Load

27 LS9 Structure IC242 IC241 IC240 IC262 IC260 IC280 IC246 Inventory01 Inventory02 IC10.2 IC11.1 IC10.1 IC11.2 IC11.3 IC11.6 IC12.2 IC15.1 IC12.1 IC20.1 IC20.2 IC20.4 IC21.1 IC11.4 IC11.5 Let’s go back to the original LAUA diagram. By identifying common access for each system code across all security classes we can create unique task. Click to see how. IC Clerk IC Assist IC Super IC Admin IC01.1 IC01.2 IC06.1 IC07.1 IC08.1 IC200 IC201 IC202 Inventory03 IC11.2 IC11.3 IC11.1 IC11.4 IC11.5 Inventory04 IC01.1 IC01.2 IC06.1 IC07.1 IC08.1 IC200 IC201 IC202 IC10.1 IC10.2 IC01.1 IC01.2 IC06.1 IC07.1 IC08.1 IC200 IC201 IC202 IC12.2 IC15.1 IC12.1 IC240 IC241 IC246 IC260 IC242 IC262 IC11.6 IC280 IC20.1 IC20.2 IC20.4 IC21.1 IC10.1 IC10.2 IC11.1 IC11.2 IC11.3 IC11.5 IC12.2 IC15.1 IC11.4 IC12.1 IC11.6 IC20.1 IC20.2 IC20.4 IC21.1 IC11.1 IC11.2 IC11.3 IC11.5 IC11.4 IC240 IC241 IC246 IC260 IC242 IC262 IC280 IC20.1 IC20.2 IC11.6 IC20.4 IC21.1 Inventory05 IC11.6 IC20.1 IC20.2 IC20.4 IC21.1 The utility identifies common access between Security Classes and creates an LS9 task.

28 LS9 Structure Roles IC Admin IC Super IC Clerk IC Assist IC Tables Inventory02 IC10.2 IC11.1 IC10.1 IC11.2 IC11.3 IC11.6 IC12.2 IC15.1 IC12.1 IC20.1 IC20.2 IC20.4 IC21.1 IC11.4 IC11.5 IC01.1 IC01.2 IC06.1 IC07.1 IC08.1 IC200 IC201 IC202 Inventory03 IC242 IC241 IC240 IC262 IC260 IC280 IC246 Inventory01 IC20.1 IC20.2 IC11.6 IC20.4 IC21.1 Inventory05 IC11.2 IC11.3 IC11.1 IC11.4 IC11.5 Inventory04 ICTABLES Inventory Your old security classes become Roles, the class are built automatically and we make the proper connections including tables.

29 LS9 Structure Roles IC Admin IC Super IC Clerk IC Assist IC Tables IC Setup 01 IC10.2 IC11.1 IC10.1 IC11.2 IC11.3 IC11.6 IC12.2 IC15.1 IC12.1 IC20.1 IC20.2 IC20.4 IC21.1 IC11.4 IC11.5 IC Setup 02 IC01.1 IC01.2 IC06.1 IC07.1 IC08.1 IC Reports 01 IC200 IC201 IC202 IC242 IC241 IC240 IC262 IC260 IC280 IC246 IC Reports 02 IC20.1 IC20.2 IC11.6 IC20.4 IC21.1 IC Setup RO 01 IC11.2 IC11.3 IC11.1 IC11.4 IC11.5 IC Setup RO 02 ICTABLES Inventory If you need to be more granular we can create classes based on the category list shown here. Categories: Setup, Processing, Analysis, Update Batch Job, Purge Batches, Reports, Interfaces, and Miscellaneous.

30 Customize, Validate & Deploy
You’re now ready for the final phase where we add special logic, tune function codes and get the users to do some testing. STEP 3 Compare and tune form access rules Evaluate and create conditional logic Validate User access Activate Security 9 3 Customize, Validate & Deploy

31 Customize, Validate & Deploy
OUTLIER REPORT The Outliers report identifies any special function rules in LAUA that we may want to incorporate in the LS9 model.

32 ANALYZE & TUNE Analyze & Tune
One you tweak your function codes some additional time may be required to build special rules based on your organizations requirements, but your pretty much ready for testing.

33 Security 9 Reports – Security Admin Reports
You’ll have access to our security dashboard to evaluate any security settings while performing your test.

34 Security 9 Reports – Security Admin Reports
Our flexible user interface makes it simple to analyze your model.

35 VALIDATE - SOD You can continue to use our segregation of duties module to check for any user violations in LS9. Segregation of Duties ensures an appropriate level of checks and balances upon the activities of individuals.

36 Customize, Validate & Deploy
SELF SERVICE We’re just about done . If you need help with self-service we deliver a proven set of templates for ESS, MSS and RCQ.

37 SERVICES Security Overview and Kickoff Software Installation
Here is a quick overview of the services required to complete the project. We will do as much as you want or let you take the lead! Security Overview and Kickoff Software Installation Technical Support Kinsey Project Manager Report Training Creation of Security Classes and Roles Security Class and Rule Analysis Assist with Data Element Security Assist with Conditional Logic Proof of Concept Workshop Security Testing Security Training Go Live Support

38 You will have access to all of these products during the project.
TOOLS You will have access to all of these products during the project. Token Listener Security Builder Segregation of Duties LAUA Reporting LS9 Dashboard

39 These highlights are what make us different.
Takes advantage of the knowledge already put into LAUA security Utilizes actual form usage to fine tune security settings Re-engineers LAUA to automatically build your LS9 security model Includes all Custom Forms created in your system Leverages Lawson’s utilities for building LDAP Takes significantly less time than other methods Requires less of your resources It’s built around your business practices These highlights are what make us different.

40 And as we like to think, it’s not about converting LAUA, it’s about building a better model!
Guy Henson VP Business Development cell:

Download ppt "Introducing SECURITY MIGRATION"

Similar presentations

Leveraging an Integrated ERP and CRM System - Featuring Sage MAS 500 ERP and Sage SalesLogix CRM.

Leveraging an Integrated ERP and CRM System - Featuring Sage MAS 500 ERP and Sage SalesLogix CRM.
Efficient, Productive Solutions SECURITY SOLUTIONS for LAWSON SOFTWARE Part of our RISK MANAGEMENT SUITE FOR LAWSON S3 Thank you for taking the time to.

Efficient, Productive Solutions SECURITY SOLUTIONS for LAWSON SOFTWARE Part of our RISK MANAGEMENT SUITE FOR LAWSON S3 Thank you for taking the time to.
With Folder HelpDesk for Outlook, support centres and other helpdesks can work efficiently with support cases inside Microsoft Outlook. The support tickets.

With Folder HelpDesk for Outlook, support centres and other helpdesks can work efficiently with support cases inside Microsoft Outlook. The support tickets.
BI 4.0 - Web Intelligence 4.0. Business Challenges Incorrect decisions based on inadequate data Lack of Ad hoc reporting and analysis Delayed decisions.

BI Web Intelligence 4.0. Business Challenges Incorrect decisions based on inadequate data Lack of Ad hoc reporting and analysis Delayed decisions.
Enhanced XA Security CISTECH Security Solutions Belinda Daub, Senior Consultant Technical Services 704-814-0004.

Enhanced XA Security CISTECH Security Solutions Belinda Daub, Senior Consultant Technical Services
Complementary Solutions for Lawson S3 MONITORING AND AUDITING FOR LAWSON S3 November 2013 Presented by Dan Kinsey.

Complementary Solutions for Lawson S3 MONITORING AND AUDITING FOR LAWSON S3 November 2013 Presented by Dan Kinsey.
Efficient, Productive, Time-Saving Solutions TRANSACTION AUDITING Part of our RISK MANAGEMENT SUITE FOR LAWSON S3 Thank you for taking the time to view.

Efficient, Productive, Time-Saving Solutions TRANSACTION AUDITING Part of our RISK MANAGEMENT SUITE FOR LAWSON S3 Thank you for taking the time to view.
Test Case Management and Results Tracking System October 2008 D E L I V E R I N G Q U A L I T Y (Short Version) www.megalith-solutions.com.

Test Case Management and Results Tracking System October 2008 D E L I V E R I N G Q U A L I T Y (Short Version)
ONYX RIP Version Technical Training General. Overview General Messaging and What’s New in X10 High Level Print and Cut & Profiling Overviews In Depth.

ONYX RIP Version Technical Training General. Overview General Messaging and What’s New in X10 High Level Print and Cut & Profiling Overviews In Depth.
1 ILANTUS Proprietary Jaunary 20, 2014 Enabling complete AGS features on ISIM Compliance Express – ISIM Integration.

1 ILANTUS Proprietary Jaunary 20, 2014 Enabling complete AGS features on ISIM Compliance Express – ISIM Integration.
Efficient, Productive, Time-Saving Solutions ACTIVITY MONITOR Part of our RISK MANAGEMENT SUITE FOR LAWSON S3 Thank you for taking the time to view our.

Efficient, Productive, Time-Saving Solutions ACTIVITY MONITOR Part of our RISK MANAGEMENT SUITE FOR LAWSON S3 Thank you for taking the time to view our.
Sage 300 ERP 2012 Release Highlights SAGE 300 ERP 2012 – Release Highlights Simplify update processes (Sage Advisor Update) Reduced time navigating (Visual.

Sage 300 ERP 2012 Release Highlights SAGE 300 ERP 2012 – Release Highlights Simplify update processes (Sage Advisor Update) Reduced time navigating (Visual.
SmartSystems™ Foundation Product Overview

SmartSystems™ Foundation Product Overview
SiS Technical Training Development Track Day 7. Agenda  Understand Component Interface  Understand Excel to CI  Practice Data Loading using ECI (Instructor.

SiS Technical Training Development Track Day 7. Agenda  Understand Component Interface  Understand Excel to CI  Practice Data Loading using ECI (Instructor.
2 Why Sage Intelligence What is Sage Intelligence Software Demonstrations Success Story Competitive Advantages Questions You May Have Icons and Components.

2 Why Sage Intelligence What is Sage Intelligence Software Demonstrations Success Story Competitive Advantages Questions You May Have Icons and Components.
2004-2006, TargetProcesswww.targetprocess.com1 TargetProcess:Suite Agile Project Management System Powers iterative development Focuses on Project Planning,

, TargetProcesswww.targetprocess.com1 TargetProcess:Suite Agile Project Management System Powers iterative development Focuses on Project Planning,
Statewide Financial System Program 1 AR 215 Creating and Maintaining Receivables AR 215 Creating and Maintaining Receivables Welcome.

Statewide Financial System Program 1 AR 215 Creating and Maintaining Receivables AR 215 Creating and Maintaining Receivables Welcome.
Chapter 7 WORKING WITH GROUPS.

Chapter 7 WORKING WITH GROUPS.
Automating your Business Processes Using Oracle Workflow Therron Hofsetz Logical Apps, Inc.

Automating your Business Processes Using Oracle Workflow Therron Hofsetz Logical Apps, Inc.
IBM Proof of Technology Discovering the Value of SOA with WebSphere Process Integration © 2005 IBM Corporation SOA on your terms and our expertise WebSphere.

IBM Proof of Technology Discovering the Value of SOA with WebSphere Process Integration © 2005 IBM Corporation SOA on your terms and our expertise WebSphere.

Similar presentations

Ads by Google