Hello all and HELP,
I've been working in security for several years and am at a new job where i've been tasked to lead a major remediation effort on a lawson enviroment, unfortunatly while i've got a lot of security background no lawson background.
After meeting with the existing Lawson ERP team, it's clear that due to a lack of training and resources many of the common things that i would have expected to be in place aren't, and in many cases the team didn't even know they existed (like a seperation of duties report). The joys of non-profits.
I've been scouring the web trying to find an overall security best practices guide for lawson as a whole, not a this is how you write a rule, but the basic security-audit-rules that lawson should have in place. I've already got the unix group and DBA's cleaning up their enviroments with new standards but i'm at a loss on Lawson standards.
Is there really not a baseline recomendations document out there ?? ANY help that can be provided is greatly appreciated.
Tx