Call us today!  630-858-4866
Kinsey
  • Home
  • Company
    • About Us
    • Our Clients >
      • Security & Audit Solutions
      • ERP Public Sector
      • ERP Education
      • ERP Healthcare
      • ERP Cross Industry
    • Request a Demo
    • Contact Us
  • ERP Solutions
    • INFOR >
      • Public Sector
      • Education
      • Healthcare
    • Microsoft Dynamics-GP
  • Our Products
    • Which solution is right for you >
      • Chose by Process
      • Audit and Finance Professionals
      • Lawson Security Professionals
      • Management Professionals
    • Risk Management Solutions
    • Security Reporting (S3)
    • Security Reporting (Landmark)
    • Security Auditing
    • Segregation of Duties
    • SoD Remediation (S3)
    • Activity Monitor
    • Transaction Auditing
    • Security Modeling (S3)
    • Security Migration
  • Services
    • INFOR
    • Security Well-Check
    • Microsoft Dynamics-GP
  • Resources
    • Data Sheets & PPT
    • Recorded Webinars
    • ADFS White Paper
  • Support
    • Call/Email
    • Manuals
    • Tutorial Videos
    • 3rd Party Vulnerabilities
  • Home
  • Company
    • About Us
    • Our Clients >
      • Security & Audit Solutions
      • ERP Public Sector
      • ERP Education
      • ERP Healthcare
      • ERP Cross Industry
    • Request a Demo
    • Contact Us
  • ERP Solutions
    • INFOR >
      • Public Sector
      • Education
      • Healthcare
    • Microsoft Dynamics-GP
  • Our Products
    • Which solution is right for you >
      • Chose by Process
      • Audit and Finance Professionals
      • Lawson Security Professionals
      • Management Professionals
    • Risk Management Solutions
    • Security Reporting (S3)
    • Security Reporting (Landmark)
    • Security Auditing
    • Segregation of Duties
    • SoD Remediation (S3)
    • Activity Monitor
    • Transaction Auditing
    • Security Modeling (S3)
    • Security Migration
  • Services
    • INFOR
    • Security Well-Check
    • Microsoft Dynamics-GP
  • Resources
    • Data Sheets & PPT
    • Recorded Webinars
    • ADFS White Paper
  • Support
    • Call/Email
    • Manuals
    • Tutorial Videos
    • 3rd Party Vulnerabilities

LAWSON S3 SECURITY WELL-CHECK

Contact Us

It's not unusual to question if your security model is as secure as it could be. During the Well-Check process Kinsey's security consultants will perform a detailed analysis of your Lawson S3 security model to determine where your organization may be vulnerable to fraudulent activity or improper user access.  The evaluation will also include recommendations for streamlining your Roles and Security Classes in order to make the model more secure and easier to maintain going forward. At the conclusion of the review process you will receive a report with recommendations  on where you model could be improved.​

The areas included in the review process:
Sales
630-858-4866
sales@kinsey.com

SECURITY PROFILES

APPLICATION PROFILE
  • Validate which Profiles are in use
  • Identify Unused Objects (Roles, Security Classes, etc.)
  • Review User-Role assignments
    • Evaluate SoD issues
  • Review Role definitions
    • Check for Role duplication
    • Review design
    • Review E/MSS Roles
    • Evaluate over provisioning (i.e. SuperAdminRole, AllAccessRole)
  • Review Role-Security Class Assignments
    • Evaluation SoD issues
  • Review Security Classes
    • Check for Class duplication
    • Review Form Class setup (i.e. Setup, Reporting, Processing, Batch jobs)
    • Review Table Class setup
    • Review Invoked Programs & Menus setup
  • Provide recommendations
ENV PROFILE
This profile contains the executables needed at the environment level. Several of the executables are required for batch job processing for updates as well as reports.
  • Review Batch Class design
  • Review Batch Class assignments
  • Review Printer Class design
  • Review Printer Class assignments
  • Provide recommendation
GEN PROFILE
Objects in the Gen profile are the high level system files. Many of these files are required for batch job processing. It is used in conjunction with the Batch class in the ENV profile.
  • Review Batch Class design
  • Review Batch Class assignments
  • Provide recommendation
LGN PROFILE
The LGN profile contains the objects needed from the Logan product line. Logan controls the system bookmarks.
  • Review Class design
  • Review Class assignments
  • Provide recommendation

USER SETUP

SYSTEM USER ACCOUNTS
Generally clients have system user accounts defined for job automations. Any account such as these will be identified and reviewed
 
REVIEW USER SETUP
  • Review Attribute assignments
  • Review Identity assignments
  • Provide recommendation

DRILL AROUND AND SELECTS

Providing access to tables is required in order to see data in Drill Arounds and Selects, which allows users to select records from drop-down selection lists, and allows drilling from various screens into detailed data.
  • Review conditional table logic
  • Discuss any existing Issues
  • Provide recommendation

CRITICAL FIELDS

  • Review form access to critical fields (i.e. of PII and PHI data items)
  • Review Drill (table) access to critical fields
  • Provide recommendation

ELEMENTS AND ELEMENT GROUPS

While elements (ELM) are global definitions of a field, element groups (ELG) are securable objects themselves and defined by more than one element.  User defined element groups are not delivered by Infor/Lawson and must be called by specific functions from forms and/or files.  However, Lawson defined element groups can provide a solid foundation in the creation data level security for your business.
  • Review use of Element and Element Groups
  • Provide recommendation

CONFLICTING AND MULTIPLE FORM ACCESS

This is the common problem of a user having access to a form through more than one Role or Security Class.
  • Provide report of multiple form access per user
  • Provide report of conflicting form access per user
  • Provide recommendations of resolve potential issues.

SECURABLE TYPES

Provide global access  to forms or files.
  • Review use of Securable Types in the security model
  • Provide recommendations of resolve potential issues.

SELF-SERVICE

EMSS – Employee and Manager Self Service are a set of “self-evident” applications or bookmarks that allow you to inquire or update HR, LP, BN, PA, or PR data in Lawson.
  • ESS – review that only the employee can see themselves
  • MSS – review that the Manager can see themselves and those in their chain of command only.
  • Provide recommendations of resolve potential issues.

INQUIRY ONLY ROLES

  • Review rules on Inquiry-only Roles
  • Provide recommendations of resolve potential issues.

ACCESS REQUIRMENTS

  • Remote access to all Lawson environments included in the evaluation.
  • Security credentials for viewing security settings

SOFTWARE APPLICATION

For the evaluation Kinsey will provide free of charge their Security and Segregation of Duties reporting applications in a hosted environment. The customer will have full access to the following report types:
  • Users – All Objects (13 reports)
  • Roles – All Objects (8 reports)
  • Security Classes  - All Objects (10 reports)
  • Segregation of Duties report by User
  • Segregation of Duties report by Role

OPTIONAL SERVICE

Assistance with the following topics is not within the scope of this proposal. Any help in these areas will require additional time beyond this 3 day engagement.
  • Reviewing the Organization’s Onboarding Process and Automating Procedures.
  • Landmark Security Review
  • PHI/PII Security Review
  • Demonstrate usage of ISS and assist with the sync.
  • Any other issues you are currently experiencing
  • EMSS Review Role and Security Class setup
  • EMSS Review ELG use for securing data
  • EMSS Review User Identity assignments
  • EMSS Review Privileged User assignments
  • EMSS Review your current setup for HR Record level or Data level security setup within the HR application.
Datasheets
Segregation of Duties 
Activity Monitor
Security Dashboard
​Transaction Auditing
​
Request a Demo

Picture
Kinsey & Kinsey, Inc.
26 North Park Boulevard
Glen Ellyn Illinois 60137

ERP SOLUTIONS

Infor
  - Public Sector
  - Education
​  - Healthcare
Microsoft Dynamics

OUR PRODUCTS

Security Reporting
Landmark Reporting
Security Auditing
Segregation of Duties
Security Modeling
Activity Monitor
Transaction Auditing
Security Migration
Overview

SERVICES

PRESENTATIONS

Infor
Microsoft Dynamics-GP
Compliance Dashboard
Security Well-Check

Continuous Monitoring
Security Dashboard
Security Reporting
Landmark Reporting
Security Auditing
Segregation of Duties
Activity Monitor
SoD Remediation
​Security Migration

CONTACT US

Picture
 Customer Support
​ (630) 858-4866 x223
Picture
Call Sales
(630) 858-4866 x227
Picture
Email Sales
​sales@kinsey.com