Naked and Afraid: Re-implementing Dynamics GP Security

Slides:

Advertisements

Similar presentations

Implementing Tableau Server in an Enterprise Environment

Advertisements

ServiceDesk Plus MSP Product Overview. Why ServiceDesk Plus - MSP? Capability of Managing Multiple Client’s in one Help Desk Stop Juggling with multiple.

Program Management Portal: Overview for the Client

IP ADDRESS MANAGEMENT [IPAM]

GP2013 (R2) New features in GP2013 (R2). New Ribbon for windows Edit List is the Print button on the right without the paper background Action pane can.

File Server Organization and Best Practices IT Partners June, 02, 2010.

HP Quality Center Overview.

Refresh, V.10, July 2, 2010 Name Title, Date Copyright © 2011 Infor. All rights reserved. INFOR – A LOOK INTO THE FUTURE NameJamie Bridgman TitleAccount.

Virtual Collaboration with SharePoint Instructor: Michael Curry.

Chapter 9 Chapter 9: Managing Groups, Folders, Files, and Object Security.

6.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.

Program Management Practice Program Management Portal: Overview for the Client © 2011, 2015 BM Corporation 1.

Microsoft Dynamics GP 2013 R2 Identity Management SmartList Designer 2.0 Take Company Offline Azure Backup Ribbons on desktop client SQL Server.

Xerox ® ConnectKey™ for SharePoint ® Simple, Smart and Flexible Workflows BR4266 SO1PA-13UA.

Enterprise Reporting with Reporting Services SQL Server 2005 Donald Farmer Group Program Manager Microsoft Corporation.

Integrated Security Solutions © 2006 TK Consulting, LP realtime Confidential March 11, 2007 APM Demo.

Segregation of Duties for Infor-Lawson Software 1.

Enterprise Security for Microsoft Dynamics GP Jeff Soelberg

1 Administering Shared Folders Understanding Shared Folders Planning Shared Folders Sharing Folders Combining Shared Folder Permissions and NTFS Permissions.

GPPC Connections 2011 | November 6-8 | Las Vegas, NV Support Debugging Tool for Partners Mark Polino, CPA, I.B.I.S., Inc. Principal Consultant, Microsoft.

Module 6 Securing Content. Module Overview Administering SharePoint Groups Implementing SharePoint Roles and Role Assignments Securing and Auditing SharePoint.

Chapter 8 Configuring and Managing Shared Folder Security.

Windows Role-Based Access Control Longhorn Update

Microsoft Management Seminar Series SMS 2003 Change Management.

SPI NIGHTLIES Alex Hodgkins. SPI nightlies  Build and test various software projects each night  Provide a nightlies summary page that displays all.

Security. Audit. Compliance. Mark Polino CPA.CITP.CFF, CGMA, Microsoft MVP Dynamics Credentialed Professional Naked and Afraid: Re-implementing.

Authored by Frank Hamelly, Microsoft MVP Regional Chapters.

Overview of Basic 3D Experience (Enovia V6) Concepts

Tami Johnson Solution Architect

Security. Audit. Compliance.

Building a Sound Security and Compliance Environment for Dynamics AX Frank Vukovits Dennis Christiansen Fastpath, Inc.

Liz Piteo Native Controls in a Microsoft Dynamics Environment.

Sandy Wickman Senior GP Implementation Consultant, InterDyn BMI Making it work with Workflows in Dynamics GP.

GPUG Amplify 11/17/2017 6:06 PM GPUG Amplify 2017 Highlights! * What fellow customers are talking about! Abra Gilman, Collins Computing, GPUG Portland,

Cloud Network Administrator, Njevity

SP Business Suite Deployment Kick-off

Andy Snook Fastpath gives you insights on your CRM data that would make the NSA jealous Andy.

Dynamics GP Security - A to Z

Tammy DeStefano Sikich LLP

Ora Goldman, CEO, Mekorma

Security. Audit. Compliance.

CyVerse Discovery Environment

Human resource & Payroll news you can use

Get to know SQL Manager SQL Server administration done right

How to improve how you use Microsoft Dynamics gp

Workflows in Dynamics GP

Your customer base is at risk!

Security. Audit. Compliance

Jim High, COO, Alba Spectrum

Hyper-V Cloud Proof of Concept Kickoff Meeting <Customer Name>

Implementation Specialists Presents

Scrum Experience Group Team Foundation Server (TFS)

SharePoint Online: Migration Planning to avoid Mistakes

FIM User Group BHOLD Eihab Isaac (FIM MVP) 11/14/2018

SharePoint Essentials Toolkit

PSC Group, LLc Office 365/SharePoint Online Migration traps and tricks

Security. Audit. Compliance.

Security. Audit. Compliance.

Gotcha! SharePoint Online Migration Mistakes to Avoid

Overview of Basic 3D Experience (Enovia V6) Concepts

Product Positioning, Partner Resources and recent developments

Quality Assurance in an Agile Development Team Michelle Wu 2018 PNSQC

SharePoint Permissions Manager

C/S Windows Overview Nigel Pilsbury.

Dynamics AX Upgrades Microsoft Dynamics AX 2009

DIY GP Maintenance Paul Johnson.

Shawn Dorward – InterDyn Artis

Simplify Your Sales Process

Presentation transcript:

Naked and Afraid: Re-implementing Dynamics GP Security Security. Audit. Compliance. Mark Polino CPA.CITP.CFF, CGMA, Microsoft MVP Dynamics Credentialed Professional Twitter: @mpolino

Disclaimers Naked and Afraid. It’s a Discovery Channel TV show AND how many feel when told they are responsible for GP security. Despite the title, no one will be naked during this presentation. You are allowed to be afraid. You are not allowed to be naked during this presentation.

Overview The world is an insecure place. Being responsible for GP security can be scary. Many companies don’t have confidence in their GP security setup. It can make you feel Naked and Afraid. Every firm can benefit from another look at security. Maybe some headlines slides?

GP Security Overview GP security Dynamics GP Security (GP) SSRS (AD) Management Reporter (AD) GP Workflow (AD) Web Client (AD + GP) Other Products (GP) – Dynamics GP Users, (AD) – Active Directory Users Tell the Alligator story. What’s the most dangerous part of an alligator?

Where to Start? Start with GP Security It’s the most complicated It’s the core

GP Security Review Role based. Access to windows, reports, posting, etc. are rolled up into tasks. Tasks are combined into Roles. Roles are assigned to users.

Role Assignment

What’s in a Role? Multiple roles with overlapping tasks are NOT recommended. Default Roles often have overlapping tasks. Default Roles and their tasks documentation https://app.box.com/GPRoles [Free] Show off the sheet

A Task Based Approach Take a task based approach to creating new roles. A task should be everything needed for a discreet operation. Tasks are generally well designed. Need to be combined into new roles.

Task Assignment

Tasked Based Recommendations Use a tool to figure out what tasks should belong to each role. http://www.gofastpath.com/gp-security-matrix [Free] Add roles or tasks as required. Don’t use or modify existing roles or tasks. Assign roles to users. Temporarily preserve existing roles. Add other security matrix tool?

GP Security Matrix

Tips PowerUser is not a role. It’s is an override. If you must have a power user, manually create a SuperUser role. http://bit.ly/GPSuperUser [Free] ‘sa’ is really only required for installation. http://bit.ly/FP_SA [Free] ’sa’ is not required to add users http://bit.ly/GP_SA [Free]

Real Life Building/Rebuilding GP Security is not a fast process. Treat it as a project. If done well, maintenance and adjustments should be easy long term. It’s an investment against future pain.

SSRS SSRS Security tends to be more straightforward Assign or remove access to report folders For anything AD consider using AD Groups Not going in depth. After GP security, these are straightforward

Management Reporter Limit users who can create reports Use AD Users/Groups

GP Workflow GP Workflow Use AD Users/Groups Limit managers Email must be set at AD level

GP Web Client AD Users/Groups to access Web Client. GP Users to control access. Web Client only users might not be SQL users.

Web Client Security

Other Security Tools GP Power Tools (Formerly Support Debugging Tool) [Paid] Suite of GP utilities including security tools. Helpful for figuring out fix when access is denied. https://winthropdc.wordpress.com/gp-power-tools-portal/

Fastpath Security and Compliance Products Continuous monitoring solution that tracks all changes to critical data Assure Risk based security access review and SOD analysis platform Audit Trail Request, review and approve Dynamics security without IT intervention Identity Manager Audit planning tool allows report design, assignment and scheduling Audit View Maintain user provisioning in Active Directory instead of the target system Config AD Assure – After you’ve built your roles, check for conflicts Audit Trail – Monitor changes and access Audit View – Auto delivery of reports Identity Manager – Request, review and approve Dynamics security Config AD – GP Single Sign On. Maintain users in Active Directory instead of GP. Tools work together. If you request access to a user via Identity Manager or setup a new user with Config AD, Assure will check for conflicts prior to completion.

Questions? info@gofastpath.com Twitter: @gofastpath