As you may have already heard, Oracle recently released their JD Edwards EnterpriseOne Applications and Tools 9.2 upgrade. The 9.2 release signals Oracle's intention to allocate more time, energy, and resources into the innovation and improvement of JD Edwards applications. Upgrades to 9.2 will add new features for administrators, improve the general security infrastructure, and address a few notable legacy security concerns. In this post, we'll take a look at some of the major changes and improvements to security in Oracle's JDE E1 Applications and Tools.
Major Security Features and Upgrades of JDE E1 9.2
- Local Oracle Database Enhanced Encryption. Enhanced encryption is now used when creating passwords for the Oracle local database. This is in contrast to the previous legacy solution, which was no longer up to industry standard. Enhanced encryption protocols are only used in Oracle databases that are using Tools Release 220.127.116.11 or later, though.
- Enhanced Database Security. In JDE E1 9.1, tables get created with an authority of PUBLIC ALL by default. The new platform pack installer for JDE E1 9.2 will instead have permissions granted specifically by the installer, thereby increasing database security immediately following installation.
- Site Key. Site keys are a new feature that was not available in JDE E1 9.1. In 9.2, a site key is used as a part of an AES key, which is used to encrypt high-level, confidential, and protected data. AES encryption is essential for the protection of critically sensitive, high-security information. Customers will all have a unique site key, further enhancing the security of this feature.
- JMX Security. Server Manager agents will now be able to communicate with the JMX protocol through a secured socket connection. Communicating through a socket connection will vastly decrease the likelihood of security issues during data transmission. JMX socket connections will need to be manually enabled by administrators following the upgrade to 9.2 rather than being used automatically.
- Long User ID and Long Password. In 9.1 and prior iterations of EnterpriseOne Tools, user IDs and passwords were required to be under 10 characters long. Following 9.2, administrators can allow users to create IDs between six characters to 254 characters. For passwords, users can now use up to a maximum of 40 characters. Longer user IDs and longer passwords are not implemented out-of-the-box, but instead must be enabled by the administrator. Following a transition to longer user IDs and longer passwords, users will still be able to use their short passwords, provided that they are still valid under the current password policies.
- User Defined Object Security. Administrators can now enable new user-defined object features and set up security for these user-defined objects. Users, with administrative permission, will be able to create, request, publish, view, use, and modify UDOs. Administrators can revoke and authorize security regarding UDOs on a granular level, to achieve better control.
- Secure FTP (SFTP) for Media Objects. Prior to the 9.2 release, only unsecured FTP was available, which created a significant data vulnerability. With 9.2, the SSH file transfer protocol (also known as Secure FTP or SFTP) is newly available. SFTP should always be used in lieu of FTP when it is an option.
The Benefits of a Comprehensive MSP
To get the most out of these new security features, collaborating with a quality managed service provider is key. Knowledgeable managed service providers can use their skill set and experience to investigate new upgrades and features to leverage the most valuable tools for your long-term stability. It can make a big difference in your ERP implementation and maximize the return on your investment. When evaluating possible managed services providers, ask yourself the following question:
"Do they have a Technical Program Manager with experience in multiple layers of the stack?"
Does their program manager understand the nuts-and-bolts of your environment? Are they able to direct the project in a way that gets you long-term benefits? Working with a managed service provider is much more fruitful if you can pair their added skills with your internal abilities. Your MSP needs to have the right skills, right resources, and the right knowledge to complement your team’s skills, and guide your project throughout its most efficient execution. With comprehensive upgrades, such as the JDE E1 9.2 release, your MSP needs to take advantage of the new security upgrades with the appropriate configuration and implementation, so as not to introduce any redundancies, inconsistencies, or even vulnerabilities.
The newest iteration of Oracle's JDE E1 applications and tools offers increased security and control—but many of the security features that have now been enabled still need to be properly configured and understood by a thorough managing administrator. By working with a knowledgeable managed service provider, your organization can begin leveraging these new security tools for your long-term growth, today. Contact the experts at ManageForce to find out more.