With an upgrade to JDE World A9.3 comes some considerable changes to the security settings and systems. These changes can be absorbed in one “big bang,” they can also be taken in smaller increments, as legacy security is still supported. Some of the most noteworthy adjustments are a change in default settings, addition of role-based security, a new Security Workbench, and versions.
Change in Default
One of the most significant changes this update includes is the change in default security settings. Formerly, when a system shipped, everyone had access to everything until security preferences were turned on and users were restricted from certain things. The A9.3 upgrade has switched the security default to No Access, meaning when the system ships it is completely locked down and security access needs to be granted on an individual, group, or role basis. This secure default configuration eliminates the need for customers to strengthen security measures, but users do not have any authority unless it is specifically granted.
Role Based Security
Along with the change in default comes a change in how security is assigned. A9.3 is a role-based security system. Roles are executed at the group level and allow for multiple groups to have the same level of security access for specific aspects. Typically, roles are granted in accordance to job functions or they tie into a specific position. Security is not assigned to a specific individual, but instead to their job position, which makes for easier administration in the event of employees changing jobs. This also allows for more efficient SOX audits, as there is a very specific and objective separation of duties.
Another notable addition to A9.3 security is the Security Workbench. This one stop shop for security is a series of screens that provide a more functional flow and easier administration of security. Additionally, most maintenance programs are updated, audit fields were added, and reorganized menus are able to separate security and system administration.
The security detail report is based on the Security Workbench and creates a printed list of the security setup. The security detail report is configured with respect to headers based on the type of security selected. It can print multiple security types on one report, so it could be used, for example, to print all of the security for a selected user. The report can also be exported to the IFS and then used with other software packages.
JD Edwards programs use versions, which are configurations of options that say how you want to run something and what the ultimate goal is. In previous installments of World, details of who had interacted with a version were limited to who created it and who was the last person to make any changes. With A9.3, there is a version owner who has the ability to determine who can make edits to the version. This adds another layer of security administration to report versions and makes it easier to state who can do what. Additionally, this update supports role-based security, as groups can be version owners, allowing the same access to everyone in the group.
These significant enhancements to World security alone are a compelling reason to upgrade.