Skip to main content

How to Ensure a Smooth Transition to Microsoft Dynamics GP 10's New "Pessimistic" Security Model

by Andy Snook
President and CEO, Fastpath, Inc., Fastpath Solutions

What does the totally revamped security model in Microsoft Dynamics GP 10 mean to executives faced with the challenge of upgrade to the new application?

The biggest change in Dynamics GP 10 is the new role-based security model.  This new methodology has some clear security, usability and compliance benefits over the old user class model.

Pessimistic vs. Optimistic Security

The old model used "optimistic" security, meaning that as soon as a user was added to a company, the user was granted global access within that company.  The user retained that access until the user was added to a class or until an administrator revoked access.  

Dynamics GP 10 employs a pessimistic model, where users have no access until they are granted rights to a role.  Not only does this provide a more secure environment but it greatly assists in compliance reporting. 

We have found that employing the pessimistic model can reduce segregation-of-duties conflicts by as much as 60 - 75% because users have access to fewer windows within the system. This can save a lot of time and sanity in the mitigation and documentation processes. 

Additionally, the authorization reports are smaller and much easier to manage.  The access in the optimistic model could be 75-100 pages for each user, whereas the new model whittles the volume down significantly. 

Roles vs. User Classes

In the ...

FREE Membership Required to View Full Content:

Joining gives you free, unlimited access to news, analysis, white papers, case studies, product brochures, and more. You can also receive periodic email newsletters with the latest relevant articles and content updates.
Learn more about us here

About Andy Snook

Andy is Certified in Risk and Information Systems Controls (CRISC) as well ascertified in Microsoft Dynamics and SAP.  

He has been designing audit and compliance solutions for over 13 years and has assisted with compliance projects at more than 100 companies. Under hisleadership, Fastpath has grown to support more than 1,000 companies in over 30 different countries and is recognized as an Industry Leader by the Institute of Internal Auditors. 

Prior to his time at Fastpath, Andy was a financial systems implementation consultant for Microsoft Dynamics and an SAP management consultant with Ernst & Young. He graduated from the University of Notre Dame with degrees in Economics and Computer Applications.

More about Andy Snook