Security in Oracle Cloud ERP by Amit Bhatnagar
Contents
- Security in ERP
- Common ERP Vulnerabilities
- Core Security Pillars
- Conceptualizing Security
- Users
- Roles
- Data Access Set
- Use Case
Security in ERP
ERP Security is a wide range of measures aimed at protecting Enterprise resource planning (ERP) systems from illicit access ensuring accessibility and integrity of system data.
ERP system serves to unify the information intended to manage the organization.
The Advantage of having ERP is that it provides data consistency and all in one solution.
Common ERP Vulnerabilities
- Access Control
- Inadequate Training
- Failure to Comply
- Unsecure Integration
- Data Encryption and Masking issues
- Complex Solutions
Core Security Pillars
- Data Encryption
- Security Controls
- Visibility
- Hybrid Cloud
- High Availability
Security in Oracle Cloud

Oracle Cloud ERP Roles
Oracle ERP Cloud uses 3 types of roles:
Job Roles
Represent jobs that users perform in an organization, e.g. General Accountant, Accounts Payable Manager
Can be assigned to users
Abstract Roles
Represent people in the organization independent of the jobs they perform, e.g. Employee, Line Manager
Can be assigned to users
Duty Roles
Logical collection of privileges that grant access to tasks that someone performs as part of a job
Not assignable to users directly
Function & Data Security Policies
Function Security Policies are defined via function security privileges
Each function security privilege secures the code resources that make up the relevant pages, page components (like tabs and buttons) and scheduled jobs
Data Security Policy defines access by a role, to a business object, with a condition and for an action (data security privilege)
Aggregate Privilege combines function security privileges with related data security policies
Setup Process in Oracle Cloud

Implementing Security In Oracle Cloud
- Create a User
- Assign roles
- Assign Security context to the user through the Data Access Set
Creating a User
Use the Create User task to create users if Human Capital Management (HCM) is NOT being implemented. Create User task creates a minimal person record and a user account
If HCM is being implemented, use the Hire an Employee task to create users instead. Hire an Employee task creates the full person record needed by HCM as well as the user account
Use the Security Console to create implementation only users. Implementation users are user accounts without the associated person record.
Creating a Custom Role


Managing Data Access
- Use the Manage Data Access for Users task to manage data scope assignments
- Search assignments for a single user or a single role
- You can further filter the search results, or export the results to Excel
- You can also authorize additional data accesses
