Many applications provide a simple license structure, with many providing licenses around core users and self service, or periodic users. Usually, the licenses in these applications are straight forward to manage and keep under control. For larger applications like Oracle's ERP/HCM Cloud applications the licensing is not so straight forward. This is due to the fact that one application contains multiple licensable functions or modules all sharing the same architecture.
In past times, on-premises software and new modules had to be installed, migrated through environments as part of the SDLC process. Today, the ability to turn these services on or off, can be as simple as flicking a 'pixel' switch, and that functionality is now available to the organization.
We have often looked at access to this functionality as a risk, where users could activate functionality without that process going through change control and authorization. After all, enabling functionality can have a profound impact on your organization's operations. In addition, security Privileges can be assigned that expand your license headcount. In ERP/HCM Cloud these Privileges have licensed services attached to them, sometimes multiple. By using these Privileges a license can be consumed, without a solid understanding of what security roles have which Privileges, licensing can be difficult to quantify.
In order to get an overview of the license usage within your applications, reporting over active users, their roles (and their embedded roles), then the Privileges and their licenses are required.
This type of report provides a hierarchy to establish exactly what users can access and in turn what licenses they are using.
At this point any licenses that are displayed that are outside of what you believe your
organization is licensed for can be evaluated.
Are these Privileges actually being used? A look at transactions against these Privileges will
help establish whether your users have actually used this functionality.
If yes, then its time to evaluate why,
and to account for this new requirement both from a licensing perspective and how this
new functionality impacts your organization.
If the answer is no, this will help in any audit prove that while access may have been (accidentally) granted, there is proof that the functionality was not used.
Who knew good security could also cut license costs?
As part of our solutions, we provide the means to identify not only security issues such as segregation of duties, but how security is creating license overuse, or where you may be not using the licenses you have.
Seecuring provides all this both within Oracle applications, but also across all of your Enterprise applications. Our solutions include:
* Segregation of Duties.
* Sensitive Access.
* User Access Reviews.
* Patch Impact Analysis & Configuration Changes.
If you need help with your security and licensing, get in touch to discuss your needs: