SlideShare una empresa de Scribd logo

JDE & Peoplesoft 2 _ Mike Ward _ Security implications of Upgrading JDE.pdf

I
InSync2011

The document discusses security considerations when upgrading JD Edwards E1. It outlines some common security issues in the current JD Edwards E1 system, such as a lack of segregation of duties and complex access controls. It stresses the importance of planning security as part of any upgrade project to address issues and ensure controls are effective. Finally, it notes how effective security can help justify the costs of an upgrade project.

1 de 38
Descargar para leer sin conexión
Security  Implica/ons  when   Upgrading  JD  Edwards   Mike  Ward   Managing  Director   • The most comprehensive Oracle applications & technology content under one roof
Have  pity  on  the  homeland.....   • The most comprehensive Oracle applications & technology content under one roof
Agenda   Q  So;ware  creden/als   Security  considera/ons  when  upgrading  JD  Edwards  E1     Security  issues  in  JD  Edwards  E1       Planning  for  security  as  part  of  the  upgrade   How  effec/ve  security  can  help  to  pay  for  the  upgrade  project   • The most comprehensive Oracle applications & technology content under one roof
             The  Oracle  Security  &  Compliance  People   270+ Customers • The most comprehensive Oracle applications & technology content under one roof
Agenda   Q  So;ware  creden/als   Security  considera/ons  when  upgrading  JD  Edwards  E1     Security  issues  in  JD  Edwards  E1       Planning  for  security  as  part  of  the  upgrade   How  effec/ve  security  can  help  to  pay  for  the  upgrade  project   • The most comprehensive Oracle applications & technology content under one roof
Why  Upgrade?   •  MigraAng  from  World  to  E1  ?   •  Moving  from  blue  stack  to  red  stack  ?   •  Support  consideraAons  ?   •  Moving  to  newer  standards  based  IT  ?   •  Moving  to  higher  performance  h/w  &  s/w   plaKorm  ?   •  ConsolidaAng  instances  of  JDE  ?   •  New  FuncAonality  ?   • The most comprehensive Oracle applications & technology content under one roof
Issues  with  Instance  ConsolidaAon?   Instance  refers  to  the  unique  set  of  JD  Edwards  EnterpriseOne  data  which  includes   transacAonal  data,  control  tables  and  system  data     Increased   Maintenance   Cost   MulAple   Disparate   data   processes   centers   MulAple   Duplicate   ERP   architecture   WARNING versions   SIGNS Highly   Customised   Improper   Environment   controls   • The most comprehensive Oracle applications & technology content under one roof
Upgrade  consideraAons  –  FuncAonal  Changes   1,000+ Enhancements Industry Modules New   Func/onality   Fraud & IP Theft Custom Share Price Business   Programs Risks   Loss of Business Processes   & Inability to do job Improvements Alignment  of   Controls   Maximise Staff Effectiveness Affects Roles / Responsibilities • The most comprehensive Oracle applications & technology content under one roof
Security  &  Upgrades   Scope  Creep   •  Ex-­‐employees  sAll  have  access   •  Changes  to  business  processes   •  OrganisaAonal  &  process  changes   •  Upgrades.........   Risk Task 4 Task 3   Task 3 Task 2 Task 2 Task 1 Task 1 Time • The most comprehensive Oracle applications & technology content under one roof
Fraud  will  never  happen  to  You   •  75%  of  fraud  is  due  to  ineffecAve  internal   controls,  split  between     –  Lack  of  controls  38%   –  Over  riding  controls  19%   –  Lack  of  management  review  18%   •  80%  of  businesses  modify  controls  a^er  Fraud   AssociaAon  of  CerAfied  Fraud  Examiners   • The most comprehensive Oracle applications & technology content under one roof
It  doesn’t  happen  here.......   UK: Canada:61% admit businesses suffered crime NewSouth 50% largesuffered “significant fraud Germany: 55% companieseconomicfraud USA:almost Africa: 62%persuffering fraud 35% companies to business suffered companies Zealand: 42% suffered suffered crime almost83%incidents experiencedmost common -  Average 8 - average cost $491,000 economic crime”asset misappropriation bribery & - 75% of 59% (5,000+ employees) - larger - Average cost 40% suffered economic crime Australia: of sufferedchancemilliontip-off - -most 38% detected by 100 incidentsEuros crime cost 4.2 increasingly corruption or by -33% of these by middle / senior management - likely cause is pressure due to economy Source: PwC 2009 fraud survey Crime survey Source: PwCopportunitySource: PwC driver survey 2009 - increased 2009Source: PwCPwC 2009 crime survey fraud Source: 2009 Crimecrime Source: PwC 2009 survey survey is primary Source: PwC 2009 crime survey • The most comprehensive Oracle applications & technology content under one roof
SegregaAon  of  DuAes  (SoD)   Jones & Jones Inc. A Manager Sets up MB Inc. as a supplier Accepts Purchase Invoices from MB Inc. Approves Invoices Processes for Payment Transfers the funds Runs  off  with  $1m   • The most comprehensive Oracle applications & technology content under one roof
•  VP  in  Finance  Department   •  July  –  December  2010   •  Stole  $19m   “Defendant  bought  a  Masera3,  6  Proper3es,   and  a  $½m  entertainment  system”   “Excessive  Access  Rights”   • The most comprehensive Oracle applications & technology content under one roof
Deloife  –  Auditor  Survey   •  3  Most  Common  Frauds   –  MisappropriaAon  of  Assets  –  31%   –  Improper  Expenditures  –  22%   –  Procurement  Fraud  –  16%   •  63%  companies  say  vulnerability  has  increased   •  83%  UK  companies  had  suffered  fraud   • The most comprehensive Oracle applications & technology content under one roof
Agenda   Q  So;ware  creden/als   Security  considera/ons  when  upgrading  JD  Edwards  E1     Security  issues  in  JD  Edwards  E1       Planning  for  security  as  part  of  the  upgrade   How  effec/ve  security  can  pay  for  the  upgrade  project   • The most comprehensive Oracle applications & technology content under one roof
Issues  in  JD  Edwards  E1   §  All  Doors  Open  v  All  Doors  Closed   •  Menu  Security  is  no  Security   •  No  SegregaAon  of  DuAes   •  Access  to  criAcal  programs   •  30+  security  types,    300  opAons   •  35,000  Objects     •  Complexity  of  Maintenance  -­‐  forms,  versions   •  MulAple  roles  /  Sequence  Manager   •  Unexpected  security  authoriAes   •  Changes  lead  to  unexpected  results   •  ApplicaAon  access  is  very  complex   •  Task  Views   •  FineCut   •  FastPath     •  Hidden  &  Associated  Applica/ons   • The most comprehensive Oracle applications & technology content under one roof
Issues  in  JD  Edwards  E1   §  All  Doors  Open  v  All  Doors  Closed   •  Menu  Security  is  no  Security   •  No  SegregaAon  of  DuAes   •  Access  to  criAcal  programs   •  30+  security  types,    300  opAons   •  35,000  Objects     •  Complexity  of  Maintenance  -­‐  forms,  versions   •  MulAple  roles  /  Sequence  Manager   •  Unexpected  security  authoriAes   •  Changes  lead  to  unexpected  results   •  ApplicaAon  access  is  very  complex   •  •  •  Task  Views   FineCut   FastPath       •  Hidden  &  Associated  Applica/ons   • The most comprehensive Oracle applications & technology content under one roof
Agenda   Q  So;ware  creden/als   Security  considera/ons  when  upgrading  JD  Edwards  E1     Security  issues  in  JD  Edwards  E1       Planning  for  security  as  part  of  the  upgrade   How  effec/ve  security  can  help  to  pay  for  the  upgrade  project   • The most comprehensive Oracle applications & technology content under one roof
Auditors  Recommend  Roles  Based  Access  Control     •  NaAve  in  8.10  upwards   •  EssenAal  to  retain  this  funcAonality   •  Why  .....   § Simplified  systems  administraAon   § Enhanced  security  &  integrity   § Simplified  regulatory  compliance     § Enhanced  organisaAonal  producAvity   • The most comprehensive Oracle applications & technology content under one roof
Security  Planning   •  Upgrading  is  a  good  Ame  to  review  security   –  Has  it  kept  pace  with  organisaAonal  changes?   –  Are  you  suffering  from  “security  creep”?   –  Who  can  access  criAcal  programs?   –  What  is  your  security  policy?   •  All  Doors  Closed   –  Grant  back  access  –  Roles  Based  Access   Control   “Only  way  to  ensure  a  fully  auditable  system”   –  But  need  to  build  a  maintainable  model   “Sustainable  Compliance”   • The most comprehensive Oracle applications & technology content under one roof
Security  Planning   •  Security  must  not  be  an  a^erthought   – It  should  be  planned  in   – Should  match  business  processes   •  EffecAve  SoD  policy  is  a  must   – Prevent  Fraud   – Auditor  requirement   – Adds  value   • The most comprehensive Oracle applications & technology content under one roof
Upgrading:  Security  plan  checklist   InformaAon   Gathering   • The most comprehensive Oracle applications & technology content under one roof
Upgrading:  Security  plan  checklist   InformaAon   Gathering   Audit   Security   • The most comprehensive Oracle applications & technology content under one roof
Upgrading:  Security  plan  checklist   InformaAon   Gathering   Audit   Security   Added  Value   • The most comprehensive Oracle applications & technology content under one roof
Upgrading:  Security  plan  checklist   InformaAon   Gathering   Audit   Security   Added  Value   Evaluate   Tools   • The most comprehensive Oracle applications & technology content under one roof
Upgrading:  Security  plan  checklist   InformaAon   Gathering   Audit   Security   Added  Value   Take   Evaluate   Advice   Tools   • The most comprehensive Oracle applications & technology content under one roof
Upgrading:  Security  plan  checklist   InformaAon   Gathering   Audit   Security   Risk   Management   Added  Value   Plan   Take   Evaluate   Advice   Tools   • The most comprehensive Oracle applications & technology content under one roof
Upgrading:  Security  plan  checklist   InformaAon   Gathering   Integrate   Audit   Security   Security   Risk   Management   Added  Value   Plan   Take   Evaluate   Advice   Tools   • The most comprehensive Oracle applications & technology content under one roof
Agenda   Q  So;ware  creden/als   Security  considera/ons  when  upgrading  JD  Edwards  E1     Security  issues  in  JD  Edwards  E1       Planning  for  security  as  part  of  the  upgrade   How  effec/ve  security  can  help  to  pay  for  the  upgrade  project   • The most comprehensive Oracle applications & technology content under one roof
The  Dangers  and  Costs:  The  Alinean  ROI  Report   Avg. Risk of Avg. Business & Breaches per Avg. IT Staff Hours Collateral Typical Threats Year (per 1,000 per Breach Damage per users) Breach Virus / Worms / 4 hours per infected 2 $24,000 Trojans asset Denial of Service 2 serious incidents 32 hours per system $122,000 Data Destruction / 1 120 hours $350,000 Damage 25% employees Physical Theft 2 hours leave with $5,000 Disclosure assets Information Theft 1 180 hours $250,000 and Disclosure Policy Violation 30 2 hours $20,000 Errant User 2 hours 15 $20,000 Behaviour • The most comprehensive Oracle applications & technology content under one roof
Impact  Analysis    (Cost  of  InacAon)   PROBLEM POSSIBLE IMPACT Fail audit Cost of compensating controls? Poor SoD Control Cost of remedial action? Cost of fraud? Cost of errors? Incremental cost of Audit trying to get necessary data? Impact on business of failed audit? i.e. share price, lost orders Cost of compensating controls? Failed audit Cost of remedial action? Cost of fraud? Potential each quarter from shareholder litigation? Potential regulatory fines? Impact of missing deadline. Impact on other projects if SOX late Security / SOX Cost of overtime / additional internal resources to achieve deadline? deadline Cost of external resources to help achieve deadline Cost of security incidents? Unauthorised (CSI 2009 survey states average per incident cost exceeds Access / $230k ) Ineffective Incremental audit costs tracking posting / reconciliation errors Security (Ciber states that best way to reduce reconciliation errors to implement better security) • The most comprehensive Oracle applications & technology content under one roof
Return  On  Security  Investment  (ROSI)     •  Return  On  Investment  (ROI)   –  Money  earned  or  saved  v  Money  Invested   –  QuanAtaAve   •  Return  On  Security  Investment  (ROSI)   –  Includes  risk  reducAon   –  Includes  QualitaAve   –  Insurance   •  Auditors  place  value  in  accounts  for  risk   • The most comprehensive Oracle applications & technology content under one roof
Adding  Value  to  the  Upgrade   •  Establish  value  in  strong  Security   •  Maybe  use  RoSI?   •  Build  in  SoD  &  Compliance  ReporAng   •  Cost  of  inacAon?   •  Audit  to  reduce  Risk   • The most comprehensive Oracle applications & technology content under one roof
Summary   •  Functional upgrades will impact business processes –  Upgrading requires security restructure •  Technical upgrades may enable security standardisation •  JDE security has pitfalls for the unwary •  Ineffective security can prove costly –  Fraud is on the increase –  More regulations to comply with –  High non-compliance costs •  Effective security can assist in paying for upgrade –  Reduce opportunity for fraud –  Reduce non-compliance costs • The most comprehensive Oracle applications & technology content under one roof
Q  Product  Family   Quick Fix Accelerator Security Build & Maintain E1Config Audit E1SoD Compliance Reporting erpAudit • The most comprehensive Oracle applications & technology content under one roof
Q  –  Secure  &  Comply   •  ADC  in  a  few  days   •  80%  saving  in  Security  Management   •  Integrated  SoD   •  Extensive  Access  ReporAng   •  MulAple  Roles  retained  &  Improved   •  Audit  Security  –  tool  to  convince   Management   •  Upgrade  tools   • The most comprehensive Oracle applications & technology content under one roof
Cameron  has  it  all  under  control   • The most comprehensive Oracle applications & technology content under one roof
Ques/ons?   • The most comprehensive Oracle applications & technology content under one roof

Recomendados

IBM PureFlex - Expert Integrated System
IBM PureFlex - Expert Integrated SystemIBM PureFlex - Expert Integrated System
IBM PureFlex - Expert Integrated SystemIBM Danmark
 
Ibm pure flex client presentation
Ibm pure flex client presentationIbm pure flex client presentation
Ibm pure flex client presentationArrow ECS UK
 
Barrick simulation with mimic presentation
Barrick simulation with mimic presentationBarrick simulation with mimic presentation
Barrick simulation with mimic presentationMYNAH Technologies
 
E-Business Suite 1 | Nadia Bendjedou | Oracle E-Business Suite applications s...
E-Business Suite 1 | Nadia Bendjedou | Oracle E-Business Suite applications s...E-Business Suite 1 | Nadia Bendjedou | Oracle E-Business Suite applications s...
E-Business Suite 1 | Nadia Bendjedou | Oracle E-Business Suite applications s...InSync2011
 
Amazing Winter Keynote - IT as a Team Sport
Amazing Winter Keynote - IT as a Team SportAmazing Winter Keynote - IT as a Team Sport
Amazing Winter Keynote - IT as a Team SportPaul Muller
 
Emerson Migration Services
Emerson Migration ServicesEmerson Migration Services
Emerson Migration ServicesSumeet Goel
 
Improve your JD Edwards audit (and your business) with the right security model
Improve your JD Edwards audit (and your business) with the right security modelImprove your JD Edwards audit (and your business) with the right security model
Improve your JD Edwards audit (and your business) with the right security modelInSync Conference
 
IBM PureSystems - a ground breaking new family of Expert Integrated Systems.
IBM PureSystems - a ground breaking new family of Expert Integrated Systems.IBM PureSystems - a ground breaking new family of Expert Integrated Systems.
IBM PureSystems - a ground breaking new family of Expert Integrated Systems.Gen-i
 

Recomendados

IBM PureFlex - Expert Integrated System
IBM PureFlex - Expert Integrated SystemIBM PureFlex - Expert Integrated System
IBM PureFlex - Expert Integrated SystemIBM Danmark
 
Ibm pure flex client presentation
Ibm pure flex client presentationIbm pure flex client presentation
Ibm pure flex client presentationArrow ECS UK
 
Barrick simulation with mimic presentation
Barrick simulation with mimic presentationBarrick simulation with mimic presentation
Barrick simulation with mimic presentationMYNAH Technologies
 
E-Business Suite 1 | Nadia Bendjedou | Oracle E-Business Suite applications s...
E-Business Suite 1 | Nadia Bendjedou | Oracle E-Business Suite applications s...E-Business Suite 1 | Nadia Bendjedou | Oracle E-Business Suite applications s...
E-Business Suite 1 | Nadia Bendjedou | Oracle E-Business Suite applications s...InSync2011
 
Amazing Winter Keynote - IT as a Team Sport
Amazing Winter Keynote - IT as a Team SportAmazing Winter Keynote - IT as a Team Sport
Amazing Winter Keynote - IT as a Team SportPaul Muller
 
Emerson Migration Services
Emerson Migration ServicesEmerson Migration Services
Emerson Migration ServicesSumeet Goel
 
Improve your JD Edwards audit (and your business) with the right security model
Improve your JD Edwards audit (and your business) with the right security modelImprove your JD Edwards audit (and your business) with the right security model
Improve your JD Edwards audit (and your business) with the right security modelInSync Conference
 
IBM PureSystems - a ground breaking new family of Expert Integrated Systems.
IBM PureSystems - a ground breaking new family of Expert Integrated Systems.IBM PureSystems - a ground breaking new family of Expert Integrated Systems.
IBM PureSystems - a ground breaking new family of Expert Integrated Systems.Gen-i
 
Congress 2012: Enterprise Cloud Adoption – an Evolution from Infrastructure ...
Congress 2012: Enterprise Cloud Adoption – an Evolution from Infrastructure ...Congress 2012: Enterprise Cloud Adoption – an Evolution from Infrastructure ...
Congress 2012: Enterprise Cloud Adoption – an Evolution from Infrastructure ...eurocloud
 
Fusion apps security_con8714_pdf_8714_0001
Fusion apps security_con8714_pdf_8714_0001Fusion apps security_con8714_pdf_8714_0001
Fusion apps security_con8714_pdf_8714_0001jucaab
 
Software Asset Management Strategies Europe 2012 Agenda
Software Asset Management Strategies Europe 2012 AgendaSoftware Asset Management Strategies Europe 2012 Agenda
Software Asset Management Strategies Europe 2012 AgendaMaria Willamowius
 
Corporate Overview
Corporate Overview Corporate Overview
Corporate Overview Bobby Brea
 
2011 10-26 bpm-talk_andrew_watson
2011 10-26 bpm-talk_andrew_watson2011 10-26 bpm-talk_andrew_watson
2011 10-26 bpm-talk_andrew_watsoncamunda services GmbH
 
Smarter Computing Integrated Systems
Smarter Computing Integrated SystemsSmarter Computing Integrated Systems
Smarter Computing Integrated SystemsIBMGovernmentCA
 
Nate Bean
Nate BeanNate Bean
Nate Beannbean
 
ServiceNow Event 15.11.2012 / Beispiele aus Kundenprojekten von Aspediens
ServiceNow Event 15.11.2012 / Beispiele aus Kundenprojekten von AspediensServiceNow Event 15.11.2012 / Beispiele aus Kundenprojekten von Aspediens
ServiceNow Event 15.11.2012 / Beispiele aus Kundenprojekten von AspediensRené Haeberlin
 
How We Built Test Automation within a Manual Testing Organization
How We Built Test Automation within a Manual Testing OrganizationHow We Built Test Automation within a Manual Testing Organization
How We Built Test Automation within a Manual Testing OrganizationAn Doan
 
PureApp Presentation
PureApp PresentationPureApp Presentation
PureApp PresentationProlifics
 
CPM and Operations Management
CPM and Operations ManagementCPM and Operations Management
CPM and Operations ManagementARC Advisory Group
 
Performance Management In The New Frontier Of Rich Internet Applications
Performance Management In The New Frontier Of Rich Internet ApplicationsPerformance Management In The New Frontier Of Rich Internet Applications
Performance Management In The New Frontier Of Rich Internet ApplicationsBen Rushlo
 
Dpm sapphire 2012
Dpm sapphire 2012 Dpm sapphire 2012
Dpm sapphire 2012 Melvyn D. Scofield
 
Sage MAS 90 MAPADOC EDI Case Study
Sage MAS 90 MAPADOC EDI Case StudySage MAS 90 MAPADOC EDI Case Study
Sage MAS 90 MAPADOC EDI Case StudySWK Technologies
 
In sync10 nadiabendjedou-10things-final
In sync10 nadiabendjedou-10things-finalIn sync10 nadiabendjedou-10things-final
In sync10 nadiabendjedou-10things-finalBendjedou Nadia
 
In sync10 nadiabendjedou-10things-final
In sync10 nadiabendjedou-10things-finalIn sync10 nadiabendjedou-10things-final
In sync10 nadiabendjedou-10things-finalInSync Conference
 
JDE & Peoplesoft 3 _ Sumedh Vipradas _ Reduce Invoice Processing Costs and Cy...
JDE & Peoplesoft 3 _ Sumedh Vipradas _ Reduce Invoice Processing Costs and Cy...JDE & Peoplesoft 3 _ Sumedh Vipradas _ Reduce Invoice Processing Costs and Cy...
JDE & Peoplesoft 3 _ Sumedh Vipradas _ Reduce Invoice Processing Costs and Cy...InSync2011
 
Alain ozan keynote zagreb.ppt [compatibility m
Alain ozan keynote zagreb.ppt [compatibility mAlain ozan keynote zagreb.ppt [compatibility m
Alain ozan keynote zagreb.ppt [compatibility mOracle Hrvatska
 
Developer & Fusion Middleware 1 _ Advait Waghmare _ Integrate your 3PL with J...
Developer & Fusion Middleware 1 _ Advait Waghmare _ Integrate your 3PL with J...Developer & Fusion Middleware 1 _ Advait Waghmare _ Integrate your 3PL with J...
Developer & Fusion Middleware 1 _ Advait Waghmare _ Integrate your 3PL with J...InSync2011
 
Carbon Footprinting Compliance Schemes - Australia
Carbon Footprinting Compliance Schemes - AustraliaCarbon Footprinting Compliance Schemes - Australia
Carbon Footprinting Compliance Schemes - AustraliaOcean Software
 
Oracle Embedded
Oracle EmbeddedOracle Embedded
Oracle EmbeddedPrem Kumar
 
Oracle Fusion Middleware,foundation for innovation
Oracle Fusion Middleware,foundation for innovationOracle Fusion Middleware,foundation for innovation
Oracle Fusion Middleware,foundation for innovationAlicja Sieminska
 

Más contenido relacionado

La actualidad más candente

Congress 2012: Enterprise Cloud Adoption – an Evolution from Infrastructure ...
Congress 2012: Enterprise Cloud Adoption – an Evolution from Infrastructure ...Congress 2012: Enterprise Cloud Adoption – an Evolution from Infrastructure ...
Congress 2012: Enterprise Cloud Adoption – an Evolution from Infrastructure ...eurocloud
 
Fusion apps security_con8714_pdf_8714_0001
Fusion apps security_con8714_pdf_8714_0001Fusion apps security_con8714_pdf_8714_0001
Fusion apps security_con8714_pdf_8714_0001jucaab
 
Software Asset Management Strategies Europe 2012 Agenda
Software Asset Management Strategies Europe 2012 AgendaSoftware Asset Management Strategies Europe 2012 Agenda
Software Asset Management Strategies Europe 2012 AgendaMaria Willamowius
 
Corporate Overview
Corporate Overview Corporate Overview
Corporate Overview Bobby Brea
 
Smarter Computing Integrated Systems
Smarter Computing Integrated SystemsSmarter Computing Integrated Systems
Smarter Computing Integrated SystemsIBMGovernmentCA
 
Nate Bean
Nate BeanNate Bean
Nate Beannbean
 
ServiceNow Event 15.11.2012 / Beispiele aus Kundenprojekten von Aspediens
ServiceNow Event 15.11.2012 / Beispiele aus Kundenprojekten von AspediensServiceNow Event 15.11.2012 / Beispiele aus Kundenprojekten von Aspediens
ServiceNow Event 15.11.2012 / Beispiele aus Kundenprojekten von AspediensRené Haeberlin
 
How We Built Test Automation within a Manual Testing Organization
How We Built Test Automation within a Manual Testing OrganizationHow We Built Test Automation within a Manual Testing Organization
How We Built Test Automation within a Manual Testing OrganizationAn Doan
 
PureApp Presentation
PureApp PresentationPureApp Presentation
PureApp PresentationProlifics
 
Performance Management In The New Frontier Of Rich Internet Applications
Performance Management In The New Frontier Of Rich Internet ApplicationsPerformance Management In The New Frontier Of Rich Internet Applications
Performance Management In The New Frontier Of Rich Internet ApplicationsBen Rushlo
 
Sage MAS 90 MAPADOC EDI Case Study
Sage MAS 90 MAPADOC EDI Case StudySage MAS 90 MAPADOC EDI Case Study
Sage MAS 90 MAPADOC EDI Case StudySWK Technologies
 

La actualidad más candente (14)

Congress 2012: Enterprise Cloud Adoption – an Evolution from Infrastructure ...
Congress 2012: Enterprise Cloud Adoption – an Evolution from Infrastructure ...Congress 2012: Enterprise Cloud Adoption – an Evolution from Infrastructure ...
Congress 2012: Enterprise Cloud Adoption – an Evolution from Infrastructure ...
 
Fusion apps security_con8714_pdf_8714_0001
Fusion apps security_con8714_pdf_8714_0001Fusion apps security_con8714_pdf_8714_0001
Fusion apps security_con8714_pdf_8714_0001
 
Software Asset Management Strategies Europe 2012 Agenda
Software Asset Management Strategies Europe 2012 AgendaSoftware Asset Management Strategies Europe 2012 Agenda
Software Asset Management Strategies Europe 2012 Agenda
 
Corporate Overview
Corporate Overview Corporate Overview
Corporate Overview
 
2011 10-26 bpm-talk_andrew_watson
2011 10-26 bpm-talk_andrew_watson2011 10-26 bpm-talk_andrew_watson
2011 10-26 bpm-talk_andrew_watson
 
Smarter Computing Integrated Systems
Smarter Computing Integrated SystemsSmarter Computing Integrated Systems
Smarter Computing Integrated Systems
 
Nate Bean
Nate BeanNate Bean
Nate Bean
 
ServiceNow Event 15.11.2012 / Beispiele aus Kundenprojekten von Aspediens
ServiceNow Event 15.11.2012 / Beispiele aus Kundenprojekten von AspediensServiceNow Event 15.11.2012 / Beispiele aus Kundenprojekten von Aspediens
ServiceNow Event 15.11.2012 / Beispiele aus Kundenprojekten von Aspediens
 
How We Built Test Automation within a Manual Testing Organization
How We Built Test Automation within a Manual Testing OrganizationHow We Built Test Automation within a Manual Testing Organization
How We Built Test Automation within a Manual Testing Organization
 
PureApp Presentation
PureApp PresentationPureApp Presentation
PureApp Presentation
 
CPM and Operations Management
CPM and Operations ManagementCPM and Operations Management
CPM and Operations Management
 
Performance Management In The New Frontier Of Rich Internet Applications
Performance Management In The New Frontier Of Rich Internet ApplicationsPerformance Management In The New Frontier Of Rich Internet Applications
Performance Management In The New Frontier Of Rich Internet Applications
 
Dpm sapphire 2012
Dpm sapphire 2012 Dpm sapphire 2012
Dpm sapphire 2012
 
Sage MAS 90 MAPADOC EDI Case Study
Sage MAS 90 MAPADOC EDI Case StudySage MAS 90 MAPADOC EDI Case Study
Sage MAS 90 MAPADOC EDI Case Study
 

Similar a JDE & Peoplesoft 2 _ Mike Ward _ Security implications of Upgrading JDE.pdf

In sync10 nadiabendjedou-10things-final
In sync10 nadiabendjedou-10things-finalIn sync10 nadiabendjedou-10things-final
In sync10 nadiabendjedou-10things-finalBendjedou Nadia
 
In sync10 nadiabendjedou-10things-final
In sync10 nadiabendjedou-10things-finalIn sync10 nadiabendjedou-10things-final
In sync10 nadiabendjedou-10things-finalInSync Conference
 
JDE & Peoplesoft 3 _ Sumedh Vipradas _ Reduce Invoice Processing Costs and Cy...
JDE & Peoplesoft 3 _ Sumedh Vipradas _ Reduce Invoice Processing Costs and Cy...JDE & Peoplesoft 3 _ Sumedh Vipradas _ Reduce Invoice Processing Costs and Cy...
JDE & Peoplesoft 3 _ Sumedh Vipradas _ Reduce Invoice Processing Costs and Cy...InSync2011
 
Alain ozan keynote zagreb.ppt [compatibility m
Alain ozan keynote zagreb.ppt [compatibility mAlain ozan keynote zagreb.ppt [compatibility m
Alain ozan keynote zagreb.ppt [compatibility mOracle Hrvatska
 
Developer & Fusion Middleware 1 _ Advait Waghmare _ Integrate your 3PL with J...
Developer & Fusion Middleware 1 _ Advait Waghmare _ Integrate your 3PL with J...Developer & Fusion Middleware 1 _ Advait Waghmare _ Integrate your 3PL with J...
Developer & Fusion Middleware 1 _ Advait Waghmare _ Integrate your 3PL with J...InSync2011
 
Carbon Footprinting Compliance Schemes - Australia
Carbon Footprinting Compliance Schemes - AustraliaCarbon Footprinting Compliance Schemes - Australia
Carbon Footprinting Compliance Schemes - AustraliaOcean Software
 
Oracle Embedded
Oracle EmbeddedOracle Embedded
Oracle EmbeddedPrem Kumar
 
Oracle Fusion Middleware,foundation for innovation
Oracle Fusion Middleware,foundation for innovationOracle Fusion Middleware,foundation for innovation
Oracle Fusion Middleware,foundation for innovationAlicja Sieminska
 
Next Generation Datacenter Oracle - Alan Hartwell
Next Generation Datacenter Oracle - Alan HartwellNext Generation Datacenter Oracle - Alan Hartwell
Next Generation Datacenter Oracle - Alan HartwellHPDutchWorld
 
Oracle - Next Generation Datacenter - Alan Hartwell
Oracle - Next Generation Datacenter - Alan HartwellOracle - Next Generation Datacenter - Alan Hartwell
Oracle - Next Generation Datacenter - Alan HartwellHPDutchWorld
 
Oracle cloud story short
Oracle cloud story shortOracle cloud story short
Oracle cloud story shortYuri Grinshteyn
 
Value Of Cloud Computing For Fed Governmen Oct 8 Tim May
Value Of Cloud Computing For Fed Governmen Oct 8 Tim MayValue Of Cloud Computing For Fed Governmen Oct 8 Tim May
Value Of Cloud Computing For Fed Governmen Oct 8 Tim MayGovCloud Network
 
Primavera _ Velmurugan Ganapathy _ Beyond Scheduling - Aligning primavera EPP...
Primavera _ Velmurugan Ganapathy _ Beyond Scheduling - Aligning primavera EPP...Primavera _ Velmurugan Ganapathy _ Beyond Scheduling - Aligning primavera EPP...
Primavera _ Velmurugan Ganapathy _ Beyond Scheduling - Aligning primavera EPP...InSync2011
 
E-Business Suite 2 _ Mike Ward _ Fraud and its part in your downfall.pdf
E-Business Suite 2 _ Mike Ward _ Fraud and its part in your downfall.pdfE-Business Suite 2 _ Mike Ward _ Fraud and its part in your downfall.pdf
E-Business Suite 2 _ Mike Ward _ Fraud and its part in your downfall.pdfInSync2011
 
Fusion app tech_con8707_pdf_8707_0001
Fusion app tech_con8707_pdf_8707_0001Fusion app tech_con8707_pdf_8707_0001
Fusion app tech_con8707_pdf_8707_0001jucaab
 
Application Portfolio Rationalization
Application Portfolio RationalizationApplication Portfolio Rationalization
Application Portfolio RationalizationBob Rhubart
 
Omnikron Services 2009
Omnikron Services 2009Omnikron Services 2009
Omnikron Services 2009Robin Borough
 
WebLogic Consolidation Webcast 27 Jan 2011
WebLogic Consolidation Webcast 27 Jan 2011WebLogic Consolidation Webcast 27 Jan 2011
WebLogic Consolidation Webcast 27 Jan 2011Fumiko Yamashita
 
Solix Corporate Overview
Solix Corporate OverviewSolix Corporate Overview
Solix Corporate OverviewKunal Grover
 
Oracle - Soluções do device ao Datacenter
Oracle - Soluções do device ao DatacenterOracle - Soluções do device ao Datacenter
Oracle - Soluções do device ao DatacenterGeneXus
 

Similar a JDE & Peoplesoft 2 _ Mike Ward _ Security implications of Upgrading JDE.pdf (20)

In sync10 nadiabendjedou-10things-final
In sync10 nadiabendjedou-10things-finalIn sync10 nadiabendjedou-10things-final
In sync10 nadiabendjedou-10things-final
 
In sync10 nadiabendjedou-10things-final
In sync10 nadiabendjedou-10things-finalIn sync10 nadiabendjedou-10things-final
In sync10 nadiabendjedou-10things-final
 
JDE & Peoplesoft 3 _ Sumedh Vipradas _ Reduce Invoice Processing Costs and Cy...
JDE & Peoplesoft 3 _ Sumedh Vipradas _ Reduce Invoice Processing Costs and Cy...JDE & Peoplesoft 3 _ Sumedh Vipradas _ Reduce Invoice Processing Costs and Cy...
JDE & Peoplesoft 3 _ Sumedh Vipradas _ Reduce Invoice Processing Costs and Cy...
 
Alain ozan keynote zagreb.ppt [compatibility m
Alain ozan keynote zagreb.ppt [compatibility mAlain ozan keynote zagreb.ppt [compatibility m
Alain ozan keynote zagreb.ppt [compatibility m
 
Developer & Fusion Middleware 1 _ Advait Waghmare _ Integrate your 3PL with J...
Developer & Fusion Middleware 1 _ Advait Waghmare _ Integrate your 3PL with J...Developer & Fusion Middleware 1 _ Advait Waghmare _ Integrate your 3PL with J...
Developer & Fusion Middleware 1 _ Advait Waghmare _ Integrate your 3PL with J...
 
Carbon Footprinting Compliance Schemes - Australia
Carbon Footprinting Compliance Schemes - AustraliaCarbon Footprinting Compliance Schemes - Australia
Carbon Footprinting Compliance Schemes - Australia
 
Oracle Embedded
Oracle EmbeddedOracle Embedded
Oracle Embedded
 
Oracle Fusion Middleware,foundation for innovation
Oracle Fusion Middleware,foundation for innovationOracle Fusion Middleware,foundation for innovation
Oracle Fusion Middleware,foundation for innovation
 
Next Generation Datacenter Oracle - Alan Hartwell
Next Generation Datacenter Oracle - Alan HartwellNext Generation Datacenter Oracle - Alan Hartwell
Next Generation Datacenter Oracle - Alan Hartwell
 
Oracle - Next Generation Datacenter - Alan Hartwell
Oracle - Next Generation Datacenter - Alan HartwellOracle - Next Generation Datacenter - Alan Hartwell
Oracle - Next Generation Datacenter - Alan Hartwell
 
Oracle cloud story short
Oracle cloud story shortOracle cloud story short
Oracle cloud story short
 
Value Of Cloud Computing For Fed Governmen Oct 8 Tim May
Value Of Cloud Computing For Fed Governmen Oct 8 Tim MayValue Of Cloud Computing For Fed Governmen Oct 8 Tim May
Value Of Cloud Computing For Fed Governmen Oct 8 Tim May
 
Primavera _ Velmurugan Ganapathy _ Beyond Scheduling - Aligning primavera EPP...
Primavera _ Velmurugan Ganapathy _ Beyond Scheduling - Aligning primavera EPP...Primavera _ Velmurugan Ganapathy _ Beyond Scheduling - Aligning primavera EPP...
Primavera _ Velmurugan Ganapathy _ Beyond Scheduling - Aligning primavera EPP...
 
E-Business Suite 2 _ Mike Ward _ Fraud and its part in your downfall.pdf
E-Business Suite 2 _ Mike Ward _ Fraud and its part in your downfall.pdfE-Business Suite 2 _ Mike Ward _ Fraud and its part in your downfall.pdf
E-Business Suite 2 _ Mike Ward _ Fraud and its part in your downfall.pdf
 
Fusion app tech_con8707_pdf_8707_0001
Fusion app tech_con8707_pdf_8707_0001Fusion app tech_con8707_pdf_8707_0001
Fusion app tech_con8707_pdf_8707_0001
 
Application Portfolio Rationalization
Application Portfolio RationalizationApplication Portfolio Rationalization
Application Portfolio Rationalization
 
Omnikron Services 2009
Omnikron Services 2009Omnikron Services 2009
Omnikron Services 2009
 
WebLogic Consolidation Webcast 27 Jan 2011
WebLogic Consolidation Webcast 27 Jan 2011WebLogic Consolidation Webcast 27 Jan 2011
WebLogic Consolidation Webcast 27 Jan 2011
 
Solix Corporate Overview
Solix Corporate OverviewSolix Corporate Overview
Solix Corporate Overview
 
Oracle - Soluções do device ao Datacenter
Oracle - Soluções do device ao DatacenterOracle - Soluções do device ao Datacenter
Oracle - Soluções do device ao Datacenter
 

Más de InSync2011

Developer & Fusion Middleware 2 _ Scott Robertson _ SOA, Portals and Enterpri...
Developer & Fusion Middleware 2 _ Scott Robertson _ SOA, Portals and Enterpri...Developer & Fusion Middleware 2 _ Scott Robertson _ SOA, Portals and Enterpri...
Developer & Fusion Middleware 2 _ Scott Robertson _ SOA, Portals and Enterpri...InSync2011
 
New & Emerging _ KrisDowney _ Simplifying the Change Process.pdf
New & Emerging _ KrisDowney _ Simplifying the Change Process.pdfNew & Emerging _ KrisDowney _ Simplifying the Change Process.pdf
New & Emerging _ KrisDowney _ Simplifying the Change Process.pdfInSync2011
 
Oracle Systems _ Kevin McIsaac _The IT landscape has changed.pdf
Oracle Systems _ Kevin McIsaac _The IT landscape has changed.pdfOracle Systems _ Kevin McIsaac _The IT landscape has changed.pdf
Oracle Systems _ Kevin McIsaac _The IT landscape has changed.pdfInSync2011
 
Reporting _ Scott Tunbridge _ Op Mgmt to Perf Excel.pdf
Reporting _ Scott Tunbridge _ Op Mgmt to Perf Excel.pdfReporting _ Scott Tunbridge _ Op Mgmt to Perf Excel.pdf
Reporting _ Scott Tunbridge _ Op Mgmt to Perf Excel.pdfInSync2011
 
Developer and Fusion Middleware 2 _ Scott Robertson _ SOA, portals and entepr...
Developer and Fusion Middleware 2 _ Scott Robertson _ SOA, portals and entepr...Developer and Fusion Middleware 2 _ Scott Robertson _ SOA, portals and entepr...
Developer and Fusion Middleware 2 _ Scott Robertson _ SOA, portals and entepr...InSync2011
 
Primavera _ Loretta Bayliss _ Implementing EPPM in rapidly changing and compe...
Primavera _ Loretta Bayliss _ Implementing EPPM in rapidly changing and compe...Primavera _ Loretta Bayliss _ Implementing EPPM in rapidly changing and compe...
Primavera _ Loretta Bayliss _ Implementing EPPM in rapidly changing and compe...InSync2011
 
Database & Technology 1 _ Martin Power _ Delivering Oracles hight availabilit...
Database & Technology 1 _ Martin Power _ Delivering Oracles hight availabilit...Database & Technology 1 _ Martin Power _ Delivering Oracles hight availabilit...
Database & Technology 1 _ Martin Power _ Delivering Oracles hight availabilit...InSync2011
 
Database & Technology 1 _ Craig Shallahamer _ Unit of work time based perform...
Database & Technology 1 _ Craig Shallahamer _ Unit of work time based perform...Database & Technology 1 _ Craig Shallahamer _ Unit of work time based perform...
Database & Technology 1 _ Craig Shallahamer _ Unit of work time based perform...InSync2011
 
Database & Technology 1 _ Marcelle Kratchvil _ Why you should be storing unst...
Database & Technology 1 _ Marcelle Kratchvil _ Why you should be storing unst...Database & Technology 1 _ Marcelle Kratchvil _ Why you should be storing unst...
Database & Technology 1 _ Marcelle Kratchvil _ Why you should be storing unst...InSync2011
 
Database & Technology 1 _ Milina Ristic _ Why use oracle data guard.pdf
Database & Technology 1 _ Milina Ristic _ Why use oracle data guard.pdfDatabase & Technology 1 _ Milina Ristic _ Why use oracle data guard.pdf
Database & Technology 1 _ Milina Ristic _ Why use oracle data guard.pdfInSync2011
 
Database & Technology 1 _ Tom Kyte _ SQL Techniques.pdf
Database & Technology 1 _ Tom Kyte _ SQL Techniques.pdfDatabase & Technology 1 _ Tom Kyte _ SQL Techniques.pdf
Database & Technology 1 _ Tom Kyte _ SQL Techniques.pdfInSync2011
 
Database & Technology 1 _ Clancy Bufton _ Flashback Query - oracle total reca...
Database & Technology 1 _ Clancy Bufton _ Flashback Query - oracle total reca...Database & Technology 1 _ Clancy Bufton _ Flashback Query - oracle total reca...
Database & Technology 1 _ Clancy Bufton _ Flashback Query - oracle total reca...InSync2011
 
Databse & Technology 2 _ Francisco Munoz Alvarez _ Oracle Security Tips - Som...
Databse & Technology 2 _ Francisco Munoz Alvarez _ Oracle Security Tips - Som...Databse & Technology 2 _ Francisco Munoz Alvarez _ Oracle Security Tips - Som...
Databse & Technology 2 _ Francisco Munoz Alvarez _ Oracle Security Tips - Som...InSync2011
 
Databse & Technology 2 _ Francisco Munoz alvarez _ 11g new functionalities fo...
Databse & Technology 2 _ Francisco Munoz alvarez _ 11g new functionalities fo...Databse & Technology 2 _ Francisco Munoz alvarez _ 11g new functionalities fo...
Databse & Technology 2 _ Francisco Munoz alvarez _ 11g new functionalities fo...InSync2011
 
Databse & Technology 2 | Connor McDonald | Managing Optimiser Statistics - A ...
Databse & Technology 2 | Connor McDonald | Managing Optimiser Statistics - A ...Databse & Technology 2 | Connor McDonald | Managing Optimiser Statistics - A ...
Databse & Technology 2 | Connor McDonald | Managing Optimiser Statistics - A ...InSync2011
 
Databse & Technology 2 _ Shan Nawaz _ Oracle 11g Top 10 features - not your u...
Databse & Technology 2 _ Shan Nawaz _ Oracle 11g Top 10 features - not your u...Databse & Technology 2 _ Shan Nawaz _ Oracle 11g Top 10 features - not your u...
Databse & Technology 2 _ Shan Nawaz _ Oracle 11g Top 10 features - not your u...InSync2011
 
Databse & Technology 2 _ Paul Guerin _ The biggest looser database - a boot c...
Databse & Technology 2 _ Paul Guerin _ The biggest looser database - a boot c...Databse & Technology 2 _ Paul Guerin _ The biggest looser database - a boot c...
Databse & Technology 2 _ Paul Guerin _ The biggest looser database - a boot c...InSync2011
 
Developer and Fusion Middleware 1 _ Kevin Powe _ Log files - a wealth of fore...
Developer and Fusion Middleware 1 _ Kevin Powe _ Log files - a wealth of fore...Developer and Fusion Middleware 1 _ Kevin Powe _ Log files - a wealth of fore...
Developer and Fusion Middleware 1 _ Kevin Powe _ Log files - a wealth of fore...InSync2011
 
Developer and Fusion Middleware 2 _ Aaron Blishen _ Event driven SOA Integrat...
Developer and Fusion Middleware 2 _ Aaron Blishen _ Event driven SOA Integrat...Developer and Fusion Middleware 2 _ Aaron Blishen _ Event driven SOA Integrat...
Developer and Fusion Middleware 2 _ Aaron Blishen _ Event driven SOA Integrat...InSync2011
 
Developer and Fusion Middleware 2 _Greg Kirkendall _ How Australia Post teach...
Developer and Fusion Middleware 2 _Greg Kirkendall _ How Australia Post teach...Developer and Fusion Middleware 2 _Greg Kirkendall _ How Australia Post teach...
Developer and Fusion Middleware 2 _Greg Kirkendall _ How Australia Post teach...InSync2011
 

Más de InSync2011 (20)

Developer & Fusion Middleware 2 _ Scott Robertson _ SOA, Portals and Enterpri...
Developer & Fusion Middleware 2 _ Scott Robertson _ SOA, Portals and Enterpri...Developer & Fusion Middleware 2 _ Scott Robertson _ SOA, Portals and Enterpri...
Developer & Fusion Middleware 2 _ Scott Robertson _ SOA, Portals and Enterpri...
 
New & Emerging _ KrisDowney _ Simplifying the Change Process.pdf
New & Emerging _ KrisDowney _ Simplifying the Change Process.pdfNew & Emerging _ KrisDowney _ Simplifying the Change Process.pdf
New & Emerging _ KrisDowney _ Simplifying the Change Process.pdf
 
Oracle Systems _ Kevin McIsaac _The IT landscape has changed.pdf
Oracle Systems _ Kevin McIsaac _The IT landscape has changed.pdfOracle Systems _ Kevin McIsaac _The IT landscape has changed.pdf
Oracle Systems _ Kevin McIsaac _The IT landscape has changed.pdf
 
Reporting _ Scott Tunbridge _ Op Mgmt to Perf Excel.pdf
Reporting _ Scott Tunbridge _ Op Mgmt to Perf Excel.pdfReporting _ Scott Tunbridge _ Op Mgmt to Perf Excel.pdf
Reporting _ Scott Tunbridge _ Op Mgmt to Perf Excel.pdf
 
Developer and Fusion Middleware 2 _ Scott Robertson _ SOA, portals and entepr...
Developer and Fusion Middleware 2 _ Scott Robertson _ SOA, portals and entepr...Developer and Fusion Middleware 2 _ Scott Robertson _ SOA, portals and entepr...
Developer and Fusion Middleware 2 _ Scott Robertson _ SOA, portals and entepr...
 
Primavera _ Loretta Bayliss _ Implementing EPPM in rapidly changing and compe...
Primavera _ Loretta Bayliss _ Implementing EPPM in rapidly changing and compe...Primavera _ Loretta Bayliss _ Implementing EPPM in rapidly changing and compe...
Primavera _ Loretta Bayliss _ Implementing EPPM in rapidly changing and compe...
 
Database & Technology 1 _ Martin Power _ Delivering Oracles hight availabilit...
Database & Technology 1 _ Martin Power _ Delivering Oracles hight availabilit...Database & Technology 1 _ Martin Power _ Delivering Oracles hight availabilit...
Database & Technology 1 _ Martin Power _ Delivering Oracles hight availabilit...
 
Database & Technology 1 _ Craig Shallahamer _ Unit of work time based perform...
Database & Technology 1 _ Craig Shallahamer _ Unit of work time based perform...Database & Technology 1 _ Craig Shallahamer _ Unit of work time based perform...
Database & Technology 1 _ Craig Shallahamer _ Unit of work time based perform...
 
Database & Technology 1 _ Marcelle Kratchvil _ Why you should be storing unst...
Database & Technology 1 _ Marcelle Kratchvil _ Why you should be storing unst...Database & Technology 1 _ Marcelle Kratchvil _ Why you should be storing unst...
Database & Technology 1 _ Marcelle Kratchvil _ Why you should be storing unst...
 
Database & Technology 1 _ Milina Ristic _ Why use oracle data guard.pdf
Database & Technology 1 _ Milina Ristic _ Why use oracle data guard.pdfDatabase & Technology 1 _ Milina Ristic _ Why use oracle data guard.pdf
Database & Technology 1 _ Milina Ristic _ Why use oracle data guard.pdf
 
Database & Technology 1 _ Tom Kyte _ SQL Techniques.pdf
Database & Technology 1 _ Tom Kyte _ SQL Techniques.pdfDatabase & Technology 1 _ Tom Kyte _ SQL Techniques.pdf
Database & Technology 1 _ Tom Kyte _ SQL Techniques.pdf
 
Database & Technology 1 _ Clancy Bufton _ Flashback Query - oracle total reca...
Database & Technology 1 _ Clancy Bufton _ Flashback Query - oracle total reca...Database & Technology 1 _ Clancy Bufton _ Flashback Query - oracle total reca...
Database & Technology 1 _ Clancy Bufton _ Flashback Query - oracle total reca...
 
Databse & Technology 2 _ Francisco Munoz Alvarez _ Oracle Security Tips - Som...
Databse & Technology 2 _ Francisco Munoz Alvarez _ Oracle Security Tips - Som...Databse & Technology 2 _ Francisco Munoz Alvarez _ Oracle Security Tips - Som...
Databse & Technology 2 _ Francisco Munoz Alvarez _ Oracle Security Tips - Som...
 
Databse & Technology 2 _ Francisco Munoz alvarez _ 11g new functionalities fo...
Databse & Technology 2 _ Francisco Munoz alvarez _ 11g new functionalities fo...Databse & Technology 2 _ Francisco Munoz alvarez _ 11g new functionalities fo...
Databse & Technology 2 _ Francisco Munoz alvarez _ 11g new functionalities fo...
 
Databse & Technology 2 | Connor McDonald | Managing Optimiser Statistics - A ...
Databse & Technology 2 | Connor McDonald | Managing Optimiser Statistics - A ...Databse & Technology 2 | Connor McDonald | Managing Optimiser Statistics - A ...
Databse & Technology 2 | Connor McDonald | Managing Optimiser Statistics - A ...
 
Databse & Technology 2 _ Shan Nawaz _ Oracle 11g Top 10 features - not your u...
Databse & Technology 2 _ Shan Nawaz _ Oracle 11g Top 10 features - not your u...Databse & Technology 2 _ Shan Nawaz _ Oracle 11g Top 10 features - not your u...
Databse & Technology 2 _ Shan Nawaz _ Oracle 11g Top 10 features - not your u...
 
Databse & Technology 2 _ Paul Guerin _ The biggest looser database - a boot c...
Databse & Technology 2 _ Paul Guerin _ The biggest looser database - a boot c...Databse & Technology 2 _ Paul Guerin _ The biggest looser database - a boot c...
Databse & Technology 2 _ Paul Guerin _ The biggest looser database - a boot c...
 
Developer and Fusion Middleware 1 _ Kevin Powe _ Log files - a wealth of fore...
Developer and Fusion Middleware 1 _ Kevin Powe _ Log files - a wealth of fore...Developer and Fusion Middleware 1 _ Kevin Powe _ Log files - a wealth of fore...
Developer and Fusion Middleware 1 _ Kevin Powe _ Log files - a wealth of fore...
 
Developer and Fusion Middleware 2 _ Aaron Blishen _ Event driven SOA Integrat...
Developer and Fusion Middleware 2 _ Aaron Blishen _ Event driven SOA Integrat...Developer and Fusion Middleware 2 _ Aaron Blishen _ Event driven SOA Integrat...
Developer and Fusion Middleware 2 _ Aaron Blishen _ Event driven SOA Integrat...
 
Developer and Fusion Middleware 2 _Greg Kirkendall _ How Australia Post teach...
Developer and Fusion Middleware 2 _Greg Kirkendall _ How Australia Post teach...Developer and Fusion Middleware 2 _Greg Kirkendall _ How Australia Post teach...
Developer and Fusion Middleware 2 _Greg Kirkendall _ How Australia Post teach...
 

JDE & Peoplesoft 2 _ Mike Ward _ Security implications of Upgrading JDE.pdf

  • 1. Security  Implica/ons  when   Upgrading  JD  Edwards   Mike  Ward   Managing  Director   • The most comprehensive Oracle applications & technology content under one roof
  • 2. Have  pity  on  the  homeland.....   • The most comprehensive Oracle applications & technology content under one roof
  • 3. Agenda   Q  So;ware  creden/als   Security  considera/ons  when  upgrading  JD  Edwards  E1     Security  issues  in  JD  Edwards  E1       Planning  for  security  as  part  of  the  upgrade   How  effec/ve  security  can  help  to  pay  for  the  upgrade  project   • The most comprehensive Oracle applications & technology content under one roof
  • 4.              The  Oracle  Security  &  Compliance  People   270+ Customers • The most comprehensive Oracle applications & technology content under one roof
  • 5. Agenda   Q  So;ware  creden/als   Security  considera/ons  when  upgrading  JD  Edwards  E1     Security  issues  in  JD  Edwards  E1       Planning  for  security  as  part  of  the  upgrade   How  effec/ve  security  can  help  to  pay  for  the  upgrade  project   • The most comprehensive Oracle applications & technology content under one roof
  • 6. Why  Upgrade?   •  MigraAng  from  World  to  E1  ?   •  Moving  from  blue  stack  to  red  stack  ?   •  Support  consideraAons  ?   •  Moving  to  newer  standards  based  IT  ?   •  Moving  to  higher  performance  h/w  &  s/w   plaKorm  ?   •  ConsolidaAng  instances  of  JDE  ?   •  New  FuncAonality  ?   • The most comprehensive Oracle applications & technology content under one roof
  • 7. Issues  with  Instance  ConsolidaAon?   Instance  refers  to  the  unique  set  of  JD  Edwards  EnterpriseOne  data  which  includes   transacAonal  data,  control  tables  and  system  data     Increased   Maintenance   Cost   MulAple   Disparate   data   processes   centers   MulAple   Duplicate   ERP   architecture   WARNING versions   SIGNS Highly   Customised   Improper   Environment   controls   • The most comprehensive Oracle applications & technology content under one roof
  • 8. Upgrade  consideraAons  –  FuncAonal  Changes   1,000+ Enhancements Industry Modules New   Func/onality   Fraud & IP Theft Custom Share Price Business   Programs Risks   Loss of Business Processes   & Inability to do job Improvements Alignment  of   Controls   Maximise Staff Effectiveness Affects Roles / Responsibilities • The most comprehensive Oracle applications & technology content under one roof
  • 9. Security  &  Upgrades   Scope  Creep   •  Ex-­‐employees  sAll  have  access   •  Changes  to  business  processes   •  OrganisaAonal  &  process  changes   •  Upgrades.........   Risk Task 4 Task 3   Task 3 Task 2 Task 2 Task 1 Task 1 Time • The most comprehensive Oracle applications & technology content under one roof
  • 10. Fraud  will  never  happen  to  You   •  75%  of  fraud  is  due  to  ineffecAve  internal   controls,  split  between     –  Lack  of  controls  38%   –  Over  riding  controls  19%   –  Lack  of  management  review  18%   •  80%  of  businesses  modify  controls  a^er  Fraud   AssociaAon  of  CerAfied  Fraud  Examiners   • The most comprehensive Oracle applications & technology content under one roof
  • 11. It  doesn’t  happen  here.......   UK: Canada:61% admit businesses suffered crime NewSouth 50% largesuffered “significant fraud Germany: 55% companieseconomicfraud USA:almost Africa: 62%persuffering fraud 35% companies to business suffered companies Zealand: 42% suffered suffered crime almost83%incidents experiencedmost common -  Average 8 - average cost $491,000 economic crime”asset misappropriation bribery & - 75% of 59% (5,000+ employees) - larger - Average cost 40% suffered economic crime Australia: of sufferedchancemilliontip-off - -most 38% detected by 100 incidentsEuros crime cost 4.2 increasingly corruption or by -33% of these by middle / senior management - likely cause is pressure due to economy Source: PwC 2009 fraud survey Crime survey Source: PwCopportunitySource: PwC driver survey 2009 - increased 2009Source: PwCPwC 2009 crime survey fraud Source: 2009 Crimecrime Source: PwC 2009 survey survey is primary Source: PwC 2009 crime survey • The most comprehensive Oracle applications & technology content under one roof
  • 12. SegregaAon  of  DuAes  (SoD)   Jones & Jones Inc. A Manager Sets up MB Inc. as a supplier Accepts Purchase Invoices from MB Inc. Approves Invoices Processes for Payment Transfers the funds Runs  off  with  $1m   • The most comprehensive Oracle applications & technology content under one roof
  • 13. •  VP  in  Finance  Department   •  July  –  December  2010   •  Stole  $19m   “Defendant  bought  a  Masera3,  6  Proper3es,   and  a  $½m  entertainment  system”   “Excessive  Access  Rights”   • The most comprehensive Oracle applications & technology content under one roof
  • 14. Deloife  –  Auditor  Survey   •  3  Most  Common  Frauds   –  MisappropriaAon  of  Assets  –  31%   –  Improper  Expenditures  –  22%   –  Procurement  Fraud  –  16%   •  63%  companies  say  vulnerability  has  increased   •  83%  UK  companies  had  suffered  fraud   • The most comprehensive Oracle applications & technology content under one roof
  • 15. Agenda   Q  So;ware  creden/als   Security  considera/ons  when  upgrading  JD  Edwards  E1     Security  issues  in  JD  Edwards  E1       Planning  for  security  as  part  of  the  upgrade   How  effec/ve  security  can  pay  for  the  upgrade  project   • The most comprehensive Oracle applications & technology content under one roof
  • 16. Issues  in  JD  Edwards  E1   §  All  Doors  Open  v  All  Doors  Closed   •  Menu  Security  is  no  Security   •  No  SegregaAon  of  DuAes   •  Access  to  criAcal  programs   •  30+  security  types,    300  opAons   •  35,000  Objects     •  Complexity  of  Maintenance  -­‐  forms,  versions   •  MulAple  roles  /  Sequence  Manager   •  Unexpected  security  authoriAes   •  Changes  lead  to  unexpected  results   •  ApplicaAon  access  is  very  complex   •  Task  Views   •  FineCut   •  FastPath     •  Hidden  &  Associated  Applica/ons   • The most comprehensive Oracle applications & technology content under one roof
  • 17. Issues  in  JD  Edwards  E1   §  All  Doors  Open  v  All  Doors  Closed   •  Menu  Security  is  no  Security   •  No  SegregaAon  of  DuAes   •  Access  to  criAcal  programs   •  30+  security  types,    300  opAons   •  35,000  Objects     •  Complexity  of  Maintenance  -­‐  forms,  versions   •  MulAple  roles  /  Sequence  Manager   •  Unexpected  security  authoriAes   •  Changes  lead  to  unexpected  results   •  ApplicaAon  access  is  very  complex   •  •  •  Task  Views   FineCut   FastPath       •  Hidden  &  Associated  Applica/ons   • The most comprehensive Oracle applications & technology content under one roof
  • 18. Agenda   Q  So;ware  creden/als   Security  considera/ons  when  upgrading  JD  Edwards  E1     Security  issues  in  JD  Edwards  E1       Planning  for  security  as  part  of  the  upgrade   How  effec/ve  security  can  help  to  pay  for  the  upgrade  project   • The most comprehensive Oracle applications & technology content under one roof
  • 19. Auditors  Recommend  Roles  Based  Access  Control     •  NaAve  in  8.10  upwards   •  EssenAal  to  retain  this  funcAonality   •  Why  .....   § Simplified  systems  administraAon   § Enhanced  security  &  integrity   § Simplified  regulatory  compliance     § Enhanced  organisaAonal  producAvity   • The most comprehensive Oracle applications & technology content under one roof
  • 20. Security  Planning   •  Upgrading  is  a  good  Ame  to  review  security   –  Has  it  kept  pace  with  organisaAonal  changes?   –  Are  you  suffering  from  “security  creep”?   –  Who  can  access  criAcal  programs?   –  What  is  your  security  policy?   •  All  Doors  Closed   –  Grant  back  access  –  Roles  Based  Access   Control   “Only  way  to  ensure  a  fully  auditable  system”   –  But  need  to  build  a  maintainable  model   “Sustainable  Compliance”   • The most comprehensive Oracle applications & technology content under one roof
  • 21. Security  Planning   •  Security  must  not  be  an  a^erthought   – It  should  be  planned  in   – Should  match  business  processes   •  EffecAve  SoD  policy  is  a  must   – Prevent  Fraud   – Auditor  requirement   – Adds  value   • The most comprehensive Oracle applications & technology content under one roof
  • 22. Upgrading:  Security  plan  checklist   InformaAon   Gathering   • The most comprehensive Oracle applications & technology content under one roof
  • 23. Upgrading:  Security  plan  checklist   InformaAon   Gathering   Audit   Security   • The most comprehensive Oracle applications & technology content under one roof
  • 24. Upgrading:  Security  plan  checklist   InformaAon   Gathering   Audit   Security   Added  Value   • The most comprehensive Oracle applications & technology content under one roof
  • 25. Upgrading:  Security  plan  checklist   InformaAon   Gathering   Audit   Security   Added  Value   Evaluate   Tools   • The most comprehensive Oracle applications & technology content under one roof
  • 26. Upgrading:  Security  plan  checklist   InformaAon   Gathering   Audit   Security   Added  Value   Take   Evaluate   Advice   Tools   • The most comprehensive Oracle applications & technology content under one roof
  • 27. Upgrading:  Security  plan  checklist   InformaAon   Gathering   Audit   Security   Risk   Management   Added  Value   Plan   Take   Evaluate   Advice   Tools   • The most comprehensive Oracle applications & technology content under one roof
  • 28. Upgrading:  Security  plan  checklist   InformaAon   Gathering   Integrate   Audit   Security   Security   Risk   Management   Added  Value   Plan   Take   Evaluate   Advice   Tools   • The most comprehensive Oracle applications & technology content under one roof
  • 29. Agenda   Q  So;ware  creden/als   Security  considera/ons  when  upgrading  JD  Edwards  E1     Security  issues  in  JD  Edwards  E1       Planning  for  security  as  part  of  the  upgrade   How  effec/ve  security  can  help  to  pay  for  the  upgrade  project   • The most comprehensive Oracle applications & technology content under one roof
  • 30. The  Dangers  and  Costs:  The  Alinean  ROI  Report   Avg. Risk of Avg. Business & Breaches per Avg. IT Staff Hours Collateral Typical Threats Year (per 1,000 per Breach Damage per users) Breach Virus / Worms / 4 hours per infected 2 $24,000 Trojans asset Denial of Service 2 serious incidents 32 hours per system $122,000 Data Destruction / 1 120 hours $350,000 Damage 25% employees Physical Theft 2 hours leave with $5,000 Disclosure assets Information Theft 1 180 hours $250,000 and Disclosure Policy Violation 30 2 hours $20,000 Errant User 2 hours 15 $20,000 Behaviour • The most comprehensive Oracle applications & technology content under one roof
  • 31. Impact  Analysis    (Cost  of  InacAon)   PROBLEM POSSIBLE IMPACT Fail audit Cost of compensating controls? Poor SoD Control Cost of remedial action? Cost of fraud? Cost of errors? Incremental cost of Audit trying to get necessary data? Impact on business of failed audit? i.e. share price, lost orders Cost of compensating controls? Failed audit Cost of remedial action? Cost of fraud? Potential each quarter from shareholder litigation? Potential regulatory fines? Impact of missing deadline. Impact on other projects if SOX late Security / SOX Cost of overtime / additional internal resources to achieve deadline? deadline Cost of external resources to help achieve deadline Cost of security incidents? Unauthorised (CSI 2009 survey states average per incident cost exceeds Access / $230k ) Ineffective Incremental audit costs tracking posting / reconciliation errors Security (Ciber states that best way to reduce reconciliation errors to implement better security) • The most comprehensive Oracle applications & technology content under one roof
  • 32. Return  On  Security  Investment  (ROSI)     •  Return  On  Investment  (ROI)   –  Money  earned  or  saved  v  Money  Invested   –  QuanAtaAve   •  Return  On  Security  Investment  (ROSI)   –  Includes  risk  reducAon   –  Includes  QualitaAve   –  Insurance   •  Auditors  place  value  in  accounts  for  risk   • The most comprehensive Oracle applications & technology content under one roof
  • 33. Adding  Value  to  the  Upgrade   •  Establish  value  in  strong  Security   •  Maybe  use  RoSI?   •  Build  in  SoD  &  Compliance  ReporAng   •  Cost  of  inacAon?   •  Audit  to  reduce  Risk   • The most comprehensive Oracle applications & technology content under one roof
  • 34. Summary   •  Functional upgrades will impact business processes –  Upgrading requires security restructure •  Technical upgrades may enable security standardisation •  JDE security has pitfalls for the unwary •  Ineffective security can prove costly –  Fraud is on the increase –  More regulations to comply with –  High non-compliance costs •  Effective security can assist in paying for upgrade –  Reduce opportunity for fraud –  Reduce non-compliance costs • The most comprehensive Oracle applications & technology content under one roof
  • 35. Q  Product  Family   Quick Fix Accelerator Security Build & Maintain E1Config Audit E1SoD Compliance Reporting erpAudit • The most comprehensive Oracle applications & technology content under one roof
  • 36. Q  –  Secure  &  Comply   •  ADC  in  a  few  days   •  80%  saving  in  Security  Management   •  Integrated  SoD   •  Extensive  Access  ReporAng   •  MulAple  Roles  retained  &  Improved   •  Audit  Security  –  tool  to  convince   Management   •  Upgrade  tools   • The most comprehensive Oracle applications & technology content under one roof
  • 37. Cameron  has  it  all  under  control   • The most comprehensive Oracle applications & technology content under one roof
  • 38. Ques/ons?   • The most comprehensive Oracle applications & technology content under one roof