- Do you know who is making changes to your data?
- Do you know who has administrator access?
- Do you have a segregation of duties methodology?
- Would you like single sign on to Dynamics GP?
Security in Dynamics GP has been an ever increasing request for us here at Pinnacle. Usually when we discuss security it is about firewalls, network logins, file access, etc. Now we are talking about security within the applications. Separation of Duties or Segregation of Work like the auditors like to call it has been elevated. Unfortunately with other systems or people coming to GP from QuickBooks, they usually have had a security breach and it cost a lot of money. So we at Pinnacle have partnered with Fastpath to help you with all of the above. So many times, when implementing Dynamics GP, security is an afterthought. When really, it should be at the forefront of your implementation. Their team of certified internal auditors together with their systems engineers created tools to alleviate your security, audit and compliance issues.
Also, did you know that out of the box, Microsoft Dynamics GP creates the ‘sa’ user with full privileges to create, modify and delete any and all data within the SQL database and the GP application? There is a common misconception that this approach is the best and/only way to manage administrative level security. This document is designed to explain the access rights and risks of the ‘sa’ user as well as the best practice approach for setting up administrative rights to create a more secure environment.
Jeff Soelberg from Fastpath wrote an educational white paper: Minimizing the use of ‘sa’ in Microsoft Dynamics GP that addresses this issue.