Security & Auditing Solutions for Infor-Lawson Software 1.
-
Upload
andrew-thomas -
Category
Documents
-
view
215 -
download
0
Transcript of Security & Auditing Solutions for Infor-Lawson Software 1.
Security & Auditing Solutions for Infor-Lawson Software
1
2Agenda
About Us
Benefits
Products
Services
Security Dashboard
Security & Auditing Solutions for Infor-Lawson S3
3About UsSecurity & Auditing Solutions for Infor-Lawson S3
Founded in 1983, Kinsey has provided software sales, implementation, support and development for 32 years.
Lawson reseller and implementation partner since 1997.
Lawson certified systems integrator partner.
Lawson complementary software partner.
Lawson’s “Go to” implementation partner for public sector.
Provide complementary Lawson software products.
Implemented solutions for over 120 Lawson accounts.
Committed to your success.
BenefitsSecurity Solutions for Infor-Lawson S3
Client Benefits 5
Improved Capabilities
Our Security Reporting and Auditing applications provide in-depth reporting analysis of
Lawson Security data.
Expanded Offerings
User monitoring, transaction auditing, segregation of
duties reporting and security modeling provide critical insight to your Lawson
system.
Time Saver
Custom Security definition and audit reports save you
hours of validating user security.
Saves Money
Our clients have reduced labor intensive security
reviews from a few weeks to a few days.
Audit Compliant
Our tools assist with developing and maintaining an audit compliant security
model as well as investigating questionable transaction
activity.
Cost Effective
Our tools are very affordable when compared to competing
products.
Security & Auditing Solutions for Infor-Lawson S3
Our ProductsSecurity Solutions for Infor-Lawson S3
Security Dashboard 7
Security ReportingProvides detailed analysis on your security model including all assignments for Users, Roles, Security Classes, Tokens, Rules and Attributes.
Security Modeling & UtilitiesCreate ‘what-if’ scenarios within your security model without changing any security settings and report back on what users are affected.
Security AuditingOur security audit report enables you to monitor all changes to your security model including the before and after values of any specific setting.
Security & Auditing Solutions for Infor-Lawson S3
Security Dashboard 8
Segregation of DutiesValidates that the correct checks and balances have been implemented within the security model to avoid potential fraudulent activity.
Activity MonitorProvide insight and control over your Lawson S3 applications by monitoring user activity. Use this information to validate your Lawson security settings, monitor user activity, measure peak usage times or monitor software usage patterns.
Security & Auditing Solutions for Infor-Lawson S3
Security Migration Process (SMP)Our security migration process is a fast and simple yet extremely thorough method if defining and implementing Lawson Security.
Security Dashboard 9
Security & Auditing Solutions for Infor-Lawson S3
o Security Reportingo Security Analyzero Security Auditingo Object Modelingo Role Modelingo Object Comparisono Security Visualizero Security Utilities
Features
Security Reporting 10
Users
Displays all User-Object security assignments.
Roles
Displays all Role-Object security assignments
Security Classes
Displays all Security Class (Task)- Object security
assignments.
Objects
Displays all assignments for Structures, Groups, Tables,
Attributes, and Fields,
Historical
Automatically creates historical copies of LS for reporting and comparison
purposes
Save, Export, Email
Save, Print, Export or Email your custom reports at
anytime.
Security & Auditing Solutions for Infor-Lawson S3
Security Reporting 11
Security & Auditing Solutions for Infor-Lawson S3
o 13 User querieso 8 Role querieso 10 Task querieso Statistics & Metadatao Listener Activityo Orphaned Objectso Links to Lawson HRo View any profileo Multiple Environments
Report Features
Security Reporting 12
Security & Auditing Solutions for Infor-Lawson S3
o Object Filterso Column Sorto Column Groupingo Drill around o Save any queryo Print to PDF or printero Export to MS Excelo Email scheduled
reports
Report Options
Security data is pulled nightly or on demand from your LDAP server and stored in a collection of SQL tables for easy access.
Security Reporting - Historical 13
Security & Auditing Solutions for Infor-Lawson S3
Our historical reports will compare your current security settings to a historical point in time referencing what has been changed. You can also generate security reports from the historical tables.
o Object Filterso Column Sorto Column Groupingo Drill around o Print to PDF or Printero Export to MS Excelo Compare to Historical
Report Options
Security Reporting - Analyzer 14
Security Solutions for Infor-Lawson S3
o User Form Ruleso User Table Ruleso User Field Ruleso User Program Ruleso Form Conditionso Field Conditionso Filter by Usero Created in MS Excelo Unlimited Saved
Reports
Report Features
The Security Analyzer allows you to create custom reports for just the users you need to see. Then easily review the least restrictive access assigned to each form, table, program or field by user.
Security Modeling & Utilities 15
ObjectsReveal how changing
an objects assignment or rule
on any given security class will effect the associated users.
RolesSee how adding or
removing a role from a user will effect the
users security privileges.
TaskDiscover how
adding or removing a security class from a role will effect the users associated with
that role.
UtilitiesCompare, map, copy and upload security assignments directly
to LDAP.
Our set of modeling tools give you the flexibility you need to foresee the cause and effect of making a change to your security model prior to implementing any updates. Once you’re comfortable with the results our utilities can help you expedite the process.
Security Solutions for Infor-Lawson S3
Security Modeling – Role Modeling 16
Security Solutions for Infor-Lawson S3
o Add a Role to a Usero Remove a Role from a Usero Add a SecClass to a Roleo Remove a SecClass from a
Role
Features
Model the affect of changing any User-Role or Role-Security Class assignment.
Security Modeling – Role Modeling 17
Security Solutions for Infor-Lawson S3
Projected changes to User permissions are highlighted in blue.
Security Modeling - Visualizer 18
Security Solutions for Infor-Lawson S3
o Map from any objecto Drill to Security
Reportso Drag and Drop
Assignmentso Object Filtering
Features
Use the Visualizer to quickly see how Users, Roles and Security Classes are connected.
Security Utilities – Object Comparison 19
Security Solutions for Infor-Lawson S3
o Role Redundancyo Role Absorptiono Sec Class Redundancyo Sec Class Absorptiono Filter by Object Nameo Drill to Security
Reports
Analyze
The Object Comparison utility provides a quick visual of potentially redundant Roles or Security Classes.
Security Auditing 20
Object ChangesAudit any change to any object in the security model and view the before and after values.Historical AuditsGenerate reports based on object names, user names or date ranges to find just the data you need.
Custom QueriesCreate and save custom queries using the advance search and filtering options.
NotificationsPrint, export or email scheduled notifications for any saved report.
Security Solutions for Infor-Lawson S3
Segregation of DutiesSecurity Solutions for Infor-Lawson S3
Once you have defined a report simply add it to our schedule so you can be notified when a security change causes an SoD violation.
Automatic Email Notifications
Our Lawson application consultants have defined over 2,200 rules that are used to validate that your security conforms to the 240 SoD delivered policies. You have full flexibility over adding or changing any of the rules.
Over 2,200 Predefined Rules
With our delivered policies covering Asset Management, Cash Management, Closing Procedures, Inventory Control, Order Processing, Payables Management, Receivables Management, and Payroll you will receive immediate benefits from the SoD reports. You can also define your own policies using the SoD admin screen,
240 Delivered Policies
The Segregation of Duties application is designed to ensure that you have the proper checks and balances built in your security model to prevent fraudulent activity. With the added flexibility of our ad-hoc reporting you can create, save, and email critical reports as needed.
Segregation of Duties 22
8 Predefined CategoriesPolicy Importance Ratings
Create Unlimited New CategoriesCreate Unlimited New Policies Created Unlimited New Rules
Modify any Existing PoliciesDefine Rules by Form, Role, Security Class or Field
SoD Policies
Security & Auditing Solutions for Infor-Lawson S3
Segregation of Duties 23
By User by PolicyBy Policy by User
By Role Group by PolicyDifferences Report
Microsoft Excel ExportUnlimited Saved Reports
Scheduled Email Notifications
SoD Violation Reports
Security & Auditing Solutions for Infor-Lawson S3
Activity Monitor 24
0
1
2
3
4
5
6
Activity Monitor is designed to provide insight and control over your Lawson S3 applications. Extensive metadata analytics allow you to closely monitor how your applications are being used and where you may be exposed to a security risk. You can use this information to validate your Lawson security settings, monitor user activity, measure peak usage times or monitor software usage patterns. With the added capability of providing the transaction record keys, Activity Monitor is an invaluable auditing tool when questions arise surrounding changes made to your Lawson system.
Complete Transparency
Security & Auditing Solutions for Infor-Lawson S3
Activity Monitor – Reporting 25
Security & Auditing Solutions for Infor-Lawson S3
o By Usero By Formo By Function Codeo By Dateo By Record Keyo Drill to Security
Reports
Analyze
All Activity Monitor data can be displayed using our LS reporting application. This allows you to create unlimited custom reports and associate actual usage to a users security settings.
Security MigrationA better way of transitioning to Lawson Security
Security Migration Options 27
Multiple vendors provide predefined Excel based Roles and Security Class for LS. Customizing these to fit your environment can be a challenge.
Manually building LS can be extremely time consuming and painful. This is generally the least desirable route.
Lawson’s Security utility copies your existing LAUA security to LS by creating 1 Role and 1 Class for every LAUA Sec Class
Kinsey’s solution builds an audit compliant object oriented Role and Security Class model based on user requirements.
Security & Auditing Solutions for Infor-Lawson S3
Security MigrationWhat we do.
28
MonitorTrack all user
activity to validate actual form
requirements.
PrepareTune existing LAUA
model based on Activity and
Segregation of Duties results.
BuildAutomatically create
Role and Security Class objects based on common LAUA user access then
add data level security.
TestPreform positive and negative testing to
ensure proper access.
Security MigrationHow we do it.
29
IC AdminSec Class A Sec Class B Sec Class C Sec Class D
1
Role A Role B Role C Role D
LAUA LS
AP Setup AP Update AP Processing AP Reports AC Processing AC Update AC Reports GL Reports
By finding common form access across all Security Classes we can infer how forms should be grouped to create LS Security Classes. The application will then build unique classes for each Lawson system code.
Once the Security Classes are created the application will automatically create the Roles and make the appropriate User assignments.
Security Migration Services 30
Analyze
We will assist you with analyzing your user activity and Segregation of Duties
Reports
Tune
By tuning LAUA to align with your actual security needs we
can use this information to build LS
Train
We provide training throughout the project so you will be able to maintain the new security model going
forward.
Customize
Our certified consultants will assist you with writing data
level security logic to protect you against unauthorized
access.
Test and Deploy
A critical step in the process, our project plan will guide you
though both positive and negative testing prior to
deployment.
Support
From installation through post go-live our team of
consultants will assist in every phase of the project.
Security & Auditing Solutions for Infor-Lawson S3
Transaction AuditingExpanding Lawson’s Auditing Capabilities
Transaction Auditing 32
Feature Kinsey Infor-Lawson
Predefined AuditsAbility to Audit all 6500+ FormsAd-hoc ReportingHistorical ReportingSaved Favorite ReportsReport SchedulingAutomatic email distributionDrill to SecurityDrill to User Activity MonitorAudit Inquiries
Security & Auditing Solutions for Infor-Lawson S3
3055
Transaction Auditing - Reporting 33
Security & Auditing Solutions for Infor-Lawson S3
o Every Addo Every Changeo Every Deleteo Every Inquiryo Any Formo By Whoo On What Dayo Before/After
Values
Analyze
All Transaction data can be displayed in our TA reporting application. Create unlimited custom reports and send automatic email notifications.
o By Usero By Formo By Function
Codeo By Dateo By Key
Report
Benefits to working with us
We like to think that we are an easy group to work with. Our management team and consulting staff are available when you need us. And with consultants spread throughout the US we are able to cover all time zones for our clients and partners.
We’re Friendly
There’s no need for you or your clients to worry about continued support of our applications. For over 33 years we have maintained multiple application and security consultants to handle every situation that occurs. As a privately held company we are here for long run.
Stability
Kinsey brings over 33 years of ERP implementation and development experience to our clients. Every Kinsey consultant has over 20 years of experience in this space and with over 130 Lawson Clients we cover everything from installation, implementation, support and project management.
Experience
ServicesWe can help.
35
Kinsey consultants have been
implementing net new Lawson
implementations for over 18
years. Our consultants are
Lawson certified in every
application suite.
Our staff of certified consultants
and project managers can guide
your clients through the
complete upgrade process.
Upgrades
ERP Consulting
Security ConsultingOur team of security consultants
have helped over 60 Lawson
clients migrate from LAUA to LS
over the past 4 years.
Meet the TeamWho are behind the scenes
Meet the Team 37
Brad KinseyCEO & Co-Founder
Brad Kinsey is responsible for the sales and administrative functions of the company, including legal, accounting and human resources.
Dan KinseyPresident & Co-Founder
Dan Kinsey is responsible for product development, implementation and support of all Kinsey applications.
Guy HensonVP Business
DevelopmentGuy Henson is responsible for the business development and sales activities for Kinsey.
Thanks for attending!We hope you found it helpful!
Kinsey & Kinsey, Inc.26 North Park Boulevard
Glen Ellyn, IL. 60137
630-858-4866
call 757-621-8236
www.kinsey.com