Oracle cloud security | User Security, Roles, Access Control and more
Download as PPTX, PDF0 likes2,582 views
The document discusses security measures for Oracle Cloud ERP systems, covering common vulnerabilities, core security pillars, and the specifics of Oracle's user role management. It outlines the setup process for security, including user creation and data access management. Additionally, it highlights function and data security policies essential for safeguarding ERP systems.
Oracle cloud security | User Security, Roles, Access Control and more
- 1. ORACLE CLOUD SECURITY By Amit Bhatnagar
- 2. Contents ◦ Security in ERP ◦ Common ERP Vulnerabilities ◦ Core Security Pillars ◦ Security in Oracle Cloud ◦ Oracle Cloud ERP Roles ◦ Function & Data Security Policies ◦ Setup Process in Oracle Cloud ◦ Creating Users ◦ Creating Custom Roles ◦ Extra Bytes ◦ Q&A?
- 3. Security in ERP • ERP Security is a wide range of measures aimed at protecting Enterprise resource planning (ERP) systems from illicit access ensuring accessibility and integrity of system data • ERP system serves to unify the information intended to manage the organization • The Advantage of having ERP is that it provides data consistency and all in one solution
- 4. Common ERP Vulnerabilities • Access Control • Inadequate Training • Failure to Comply • Unsecure Integration • Data Encryption and Masking issues • Complex Solutions
- 5. Core Security Pillars • Data Encryption • Security Controls • Visibility • Hybrid Cloud • High Availability
- 6. Security in Oracle Cloud
- 7. Oracle Cloud ERP Roles Oracle ERP Cloud uses 3 types of roles: Job Roles Represent jobs that users perform in an organization, e.g. General Accountant, Accounts Payable Manager Can be assigned to users Abstract Roles Represent people in the organization independent of the jobs they perform, e.g. Employee, Line Manager Can be assigned to users Duty Roles Logical collection of privileges that grant access to tasks that someone performs as part of a job Not assignable to users directly
- 8. Function & Data Security Policies • Function Security Policies are defined via function security privileges • Each function security privilege secures the code resources that make up the relevant pages, page components (like tabs and buttons) and scheduled jobs • Data Security Policy defines access by a role, to a business object, with a condition and for an action (data security privilege) • Aggregate Privilege combines function security privileges with related data security policies
- 9. Setup Process in Oracle Cloud Data Access Set Access Set Type Access Level Full Ledger Primary Balancing Segment Read Only Read and Write
- 10. Implementing Security In Oracle Cloud • Create a User • Assign roles • Assign Security context to the user through Data Access Set
- 11. Creating a User Use the Create User task to create users if Human Capital Management (HCM) is NOT being implemented. Create User task creates a minimal person record and a user account If HCM is being implemented, use the Hire an Employee task to create users instead. Hire an Employee task creates the full person record needed by HCM as well as the user account Use the Security Console to create implementation only users. Implementation users are user accounts without the associated person record.
- 12. Creating a Custom Role
- 13. Managing Data Access ◦ Use the Manage Data Access for Users task to manage data scope assignments ◦ Search assignments for a single user or a single role ◦ You can further filter the search results, or export the results to Excel ◦ You can also authorize additional data accesses
- 14. Extra Bytes – Data Import ◦ File based Data Import ◦ ADF Desktop Integration