Login
Register
Search
Home
Forums
Jobs
LawsonGuru
LawsonGuru Letter
LawsonGuru Blog
Worthwhile Reading
Infor Lawson News Feed
Store
Store FAQs
About
Forums
Financial Management
Lawson S3 Financials
Process and/or tools for protected data
Home
Forums
Jobs
LawsonGuru
LawsonGuru Letter
LawsonGuru Blog
Worthwhile Reading
Infor Lawson News Feed
Store
Store FAQs
About
Who's On?
Membership:
Latest:
Saef
Past 24 Hours:
0
Prev. 24 Hours:
0
Overall:
5226
People Online:
Visitors:
390
Members:
0
Total:
390
Online Now:
New Topics
S3 Systems Administration
ADFS certificate - new cert
12/3/2024 9:38 PM
The certificates on the windows boxes expired and
Lawson S3 HR/Payroll/Benefits
Post Tax Benefit Plan Table
11/14/2024 9:16 PM
Hi, totally new to Laswon. I have a repor
Lawson S3 Procurement
ED501 Error: Map 850 not supported by /law/c15vda/lawson/test10/edi/bin/laws_out_91
11/12/2024 3:47 PM
Tried runnning ED501 and getting the atathced erro
Lawson S3 HR/Payroll/Benefits
Error
11/6/2024 9:54 PM
When I try to enroll a retiree in 72.1 health plan
Infor ERP (Syteline)
Syteline: New Data Maintenance Wizard (Error) Need help
11/1/2024 4:24 PM
Hi, I need help with an error on syteline while us
Dealing with Lawson / Infor
Implementing Lawson v10 with Cerner Surginet, Case Cart Picking, and Quick Adds for the OR
10/29/2024 4:20 PM
Hi Everyone, I am wondering if there is any org
Lawson S3 HR/Payroll/Benefits
Canada Tax Calculation (Federal and Provincial) Issue
10/23/2024 5:00 AM
Initially, we had problem with CPP2 calculation is
Lawson S3 HR/Payroll/Benefits
CA Section 125 401k Plan
10/22/2024 10:13 PM
Does anyone have any recommendations on how to fac
S3 Systems Administration
Running AC120 deleted records from ACMASTER table
10/22/2024 3:40 PM
We recently ran the AC120 as normal and somehow it
Lawson S3 Procurement
RQ13 Approval Info
10/17/2024 2:12 PM
When a Requisition is approved on RQ13, what table
Top Forum Posters
Name
Points
Greg Moeller
4184
David Williams
3349
JonA
3291
Kat V
2984
Woozy
1973
Jimmy Chiu
1883
Kwane McNeal
1437
Ragu Raghavan
1372
Roger French
1315
mark.cook
1244
Forums
Filtered Topics
Unanswered
Unresolved
Announcements
Active Topics
Most Liked
Most Replies
Search Forums
Search
Advanced Search
Topics
Posts
Prev
Next
Forums
Financial Management
Lawson S3 Financials
Process and/or tools for protected data
Please
login
to post a reply.
2 Replies
0
Subscribed to this topic
43 Subscribed to this forum
Sort:
Oldest First
Most Recent First
Author
Messages
Bruce Havelock
New Member
Posts: 2
12/31/2019 10:04 PM
Is anyone dealing with protected data that comes across in requisitions, invoices, or GL? We are looking to network and share best practices, as our compliance division has put our Infor systems under scrutiny for not having processes in place to protect sensitive data (in this case, Protected Health Information or PHI).
Thanks!
Bruce
John Henley
Posts: 3353
1/2/2020 7:10 PM
Hi Bruce. I have dealt with this some in my consulting. Keeping Lawson and related systems/servers segregated and protecting sensitive data is certainly a challenge. Some organizations have been more successful than others, and it's actually more of a discipline/mindset/culture issue than a technical one. Lawson has some specific and unique bad practices that make it very difficult to properly implement and enforce security policies.It takes a lot more work to purposely move data through the organization judiciously vs. just setting up Lawson on a Windows domain and using domain admin accounts on shared drives (yes, i see this all of the time). In organizations where it has been done successfully, it involves isolating Lawson and related servers to their own partitioned networks, fire-walled from the rest of your network, encrypting at various points (database, flat files, etc.) and only opening up specific paths for data that needs to flow. In some organizations, all data exchange is done from with the Lawson environment (i.e. a process initiated from the Lawson network looks for incoming data--files are not just dumped into Lawson). Some organizations go even further and "air gap" their processes by using USB keys to transfer files, with multiple manual scanning/checkpoints. It is a fascinating topic.
Kat V
Veteran Member
Posts: 1020
1/3/2020 2:22 PM
The PHI/PII information on the bill only POs for implants is our major pain point. We have hidden several of the fields in RQC but we cannot control what goes in comments. This is always the reason cited for us not being able to rollout mobile apps - the open port to the server is considered too big a risk for the data.
Please
login
to post a reply.