Security In Oracle Cloud ERP
User Security, Roles, Access Control and more.
What is security
How security is achieved in Oracle Cloud
New features in Oracle Cloud ERP.
2. Contents
◦ Security in ERP
◦ Common ERP Vulnerabilities
◦ Core Security Pillars
◦ Security in Oracle Cloud
◦ Oracle Cloud ERP Roles
◦ Function & Data Security Policies
◦ Setup Process in Oracle Cloud
◦ Creating Users
◦ Creating Custom Roles
◦ Extra Bytes
◦ Q&A?
3. Security in ERP
• ERP Security is a wide range of measures aimed at protecting Enterprise resource planning (ERP)
systems from illicit access ensuring accessibility and integrity of system data
• ERP system serves to unify the information intended to manage the organization
• The Advantage of having ERP is that it provides data consistency and all in one solution
4. Common ERP Vulnerabilities
• Access Control
• Inadequate Training
• Failure to Comply
• Unsecure Integration
• Data Encryption and Masking issues
• Complex Solutions
5. Core Security Pillars
• Data Encryption
• Security Controls
• Visibility
• Hybrid Cloud
• High Availability
7. Oracle Cloud ERP Roles
Oracle ERP Cloud uses 3 types of roles:
Job Roles
Represent jobs that users perform in an organization, e.g. General Accountant, Accounts
Payable Manager
Can be assigned to users
Abstract Roles
Represent people in the organization independent of the jobs they perform, e.g. Employee,
Line Manager
Can be assigned to users
Duty Roles
Logical collection of privileges that grant access to tasks that someone performs as part of a
job
Not assignable to users directly
8. Function & Data Security Policies
• Function Security Policies are defined via function security privileges
• Each function security privilege secures the code resources that make up the relevant pages, page
components (like tabs and buttons) and scheduled jobs
• Data Security Policy defines access by a role, to a business object, with a condition and for an action
(data security privilege)
• Aggregate Privilege combines function security privileges with related data security policies
9. Setup Process in Oracle Cloud
Data Access Set
Access Set Type Access Level
Full Ledger
Primary
Balancing
Segment
Read Only Read and
Write
10. Implementing Security In Oracle Cloud
• Create a User
• Assign roles
• Assign Security context to the user through Data Access Set
11. Creating a User
Use the Create User task to create users if Human Capital Management (HCM)
is NOT being implemented. Create User task creates a minimal person record
and a user account
If HCM is being implemented, use the Hire an Employee task to create users
instead. Hire an Employee task creates the full person record needed by HCM
as well as the user account
Use the Security Console to create implementation only users. Implementation
users are user accounts without the associated person record.
13. Managing Data Access
◦ Use the Manage Data Access for
Users task to manage data scope
assignments
◦ Search assignments for a single
user or a single role
◦ You can further filter the search
results, or export the results to
Excel
◦ You can also authorize additional
data accesses
14. Extra Bytes – Data Import
◦ File based Data Import
◦ ADF Desktop Integration