Reduce License costs and increase security in Oracle Applications
Download as PPTX, PDF1 like12 views
This document discusses how effective security measures can help reduce licensing costs in Oracle ERP/HCM Cloud by controlling user counts, managing access to new features, and implementing effective security designs. It highlights the importance of auditing access, proper onboarding and offboarding processes, and the over-provisioning of roles leading to potential license overuse. Additionally, the document emphasizes that Seecuring provides services to support organizations in evaluating and assisting with audit, security, and controls.
Reduce License costs and increase security in Oracle Applications
- 1. How security can help lower your licensing costs in Oracle ERP/HCM Cloud
- 2. Working on Identity, Access, Security, Internal Controls, Audit & Compliance since 2003. Lewis@seecuring.com
- 3. Seecuring supports organizations through evaluating and assisting in audit, security and controls, including: • Segregation of Duties. • Sensitive Access. • Patch Impact Analysis. Pro-active and Detective testing, ensure security goes in clean. Provided as a service from training through to controls evaluation.
- 4. Applications supported Oracle ERP/HCM Cloud Workday Salesforce MS Dynamics E-Business Suite SAP Concur Peoplesoft JD Edwards Oracle Edge Applications Yardi
- 5. The developing application landscape Over 50% of Applications are now deployed without IT and perhaps the associated asset management procedure he average Enterprise has over 400 Applications. hadow Applications has become a major concern for xecutives. ps://www.ciodive.com/news/app-sprawl-saas-data-shadow-it-productiv/606872/
- 7. The developing application landscape – PART 2 As customer acquisition slows, vendors will look to raise more revenue from existing customers. • Additional Services. • Additional Modules. • Auditing usage. AKA Licensing.
- 8. The developing application landscape – PART 2 As customer acquisition slows, vendors will look to raise more revenue from existing customers. • Additional Services. • Additional Modules. • Auditing usage. AKA Licensing.
- 10. Cloud applications allow easy expansion without installing the additional modules = Increased Risk of usage without authority
- 11. Licensing in Oracle Oracle has a licensing department, but no word on efforts for ERP/HCM licensing.
- 12. So how can good security help with licensing in Oracle ERP/HCM Cloud? (lets not also forget CX Cloud)
- 13. 1. Controlling user counts. 2. Controlling who can enable new features. 3. Effective security design.
- 14. 1. Controlling user counts. The importance of auditing access. How are you onboarding? 47% of Companies struggle to onboard because of IT processes. https://www.strongdm.com/blog/employee-onboarding-statistics.
- 15. 1. Controlling user counts. Inadequate Offboarding may leave you with license overage (as well as security risks) Forty-two percent experienced at least 5% of instances of unauthorized access to SaaS applications and cloud infrastructure due to deprovisioning deficiencies of former workers; one-fifth had more than 10% such instances; and 17% didn’t know the extent of unauthorized access stemming from incomplete deprovisioning of employees and contractors. https://venturebeat.com/security/why-inadequate-automation-of-onboarding-and-offboarding-result s-in-security-risks-and-data-loss/
- 16. 1. Controlling user counts. Suspending a user = user no longer has roles or has been manually suspended. Don’t rely on this. Locked = the account is locked, usually because of entering a password too many times. Don’t rely on this. Active/Inactive = the best way to ensure access (or not to the application)
- 17. 2. Controlling who can enable new features. Navigator -> My Enterprise -> Offerings Many new features can be enabled following a patch. Access to this feature, (license impact or not) should be secured. Enablement should go through change control for accountability.
- 18. 3. Effective Security Design Oracle stores data related to Privileges and the services they are associated with. The delivered Roles have Sensitive Access and Segregation of Duty issues. Roles are most often over provisioned.
- 19. 3. Effective Security Design Oracle stores data related to Privileges and the services they are associated with. The delivered Roles have Sensitive Access and Segregation of Duty issues. Roles are most often over provisioned.
- 20. 3. Effective Security Design They say a picture is worth a thousand words: Roles ‘can’ consist of other sub roles, Duty Roles and other Job Roles. Job Role – General Accountant Duty Role – Period Close Management
- 21. 3. Effective Security Design
- 22. 3. Effective Security Design Receiving Transaction Maintenance Role SoD: Can create and maintain AP Invoices and Receive Transactions Holds license for ERP and Supply Chain
- 23. 3. Effective Security Design Receiving Transaction Maintenance Role SoD: Can create and maintain AP Invoices and Receive Transactions Holds license for ERP and Supply Chain via the Privileges in conflict
- 24. 3. Effective Security Design Delivered Roles provide the opportunity for license over use due to over provisioning.
- 25. Custom Roles Vs Delivered/Seeded Roles Custom Roles provide the opportunity to take back control. Delivered Roles are (again) over provisioned, and are updated by Oracle.
- 26. Delivered Roles had the following changes (23B) Over 130 New Privileges. 255 New Privilege to Role assignments (84 are existing Privileges). 160 Role to Role assignments. 58 New Data Security Policy assignments. 124 New Profile Options.
- 27. Seecuring Provides reviews of Segregation of Duties, Sensitive Access, Change and License analysis as a Service.
- 28. Seecuring No software to install, integrate and no need to ‘open up’ your applications. We provide the technology and services to support your organization’s internal control goals.