Senior Director of Partner & Customer Success at ERP Maestro. Ryan is an industry veteran and former IBM Security consultant.
September Release Notes 2020
Emergency Access Management
New Emergency Access Utilization Option – Inclusion of SM20 Data
A new option has been added to the agent configuration to enable the use of Security Audit Log (SM20) data when reporting on EAM utilization activity. Enabling this option will mean that EAM will prioritize SM20 data and so long as it is available for use, all EAM reports will be generated using SM20 data. We will still be extracting and storing Statistical Data (STAD) for EAM requests, but STAD data will only be used as a backup for generating EAM reports in the event that SM20 is unavailable. This option does require the customer to have SM20 configured. If you have questions on the minimum requirements, please inquire for more details. We hope that all EAM customers will take advantage of this exciting new feature to see improvements in accuracy and report generation times.
Additional Emergency Access Request Self Service Options
Previously, whenever EAM utilization report generation failed, customers and the ERP Maestro support team needed to go through an extensive time-consuming manual process to correct the error and move the EAM request forward. This caused extra headaches and delays for both parties.
With this new feature, customers can re-generate failed EAM reports on their own without the need for an ERPM developer to intercede. A new security role called “EAM Administrator Log Upload” has been added to strictly control access to this feature. Select EAM administrators assigned that role will now have the following two options for correcting errant EAM requests after accessing a new menu option called “EAM Log Upload” under the “Configuration” menu:
- ‘Auto Attach’ Allows customers with the click of a button to perform all of the steps that previously had to be executed by ERPM support and development resources to correct EAM requests.
- ‘Manual Upload’ Allows customers to manually upload SM20 logs and regenerate the EAM Utilization Overview report. This option does require the customer to have SM20 configured. If you have questions on the minimum requirements, please inquire for more details.
Fig 1. To access the EAM Log Upload
Fig 2. The option to Auto Attach or Manual Upload
Bug Fix – Cloned Roles for Composite Roles
Previously, in a provisioning request when you select to clone roles from a user with composite role assignments, the tool would apply all single roles that user had assigned. This included single roles that were assigned as part of a composite which lead to a duplication of single roles.
With this fix, when cloning roles from a user in provisioning requests, only the composite role is cloned and the associated single roles are no longer added in addition.
Ability to Remove Roles Even if All Reviews Are Not Submitted
Once the review is in the “overdue” state, the admin can remove roles for all reviews that have been submitted as final using the “Remove Roles” button.
Performance – Drastic performance improvement on the Risk Snapshot job