Using Odyssey Dynamic Security Management (DSM), the online retailer has improved its corporate data protection system and received a convenient tool for managing ERP user roles.
Lamoda uses an ERP system built on Microsoft Dynamics AX 2012 R2, since 2013. In 2017, the company decided to automate the management of access rights, increase the transparency of the processes for creating and changing roles, and reduce the risks of unauthorized access to confidential information. The retailer held a tender for the best ERP data protection solution, as a result of which Odyssey was chosen.
The more dynamic and complex the business, the more diverse the security management scenarios in ERP systems. The secure use of data is especially relevant today: if you do not control user access levels, this can sooner or later lead to financial and operational losses. Dynamic Security Management (DSM). It provides an increased degree of protection for Microsoft Dynamics AX and includes all the functions necessary for Lamoda: quick configuration of the required number of roles (about 30), creation of a Segregation of Duties matrix (SoD) and access control based on it, reflection of the full hierarchy (User - Role - Responsibilities - Privileges, etc.). In addition, Dynamic Security Management offers convenient tools for setting Privileges and Responsibilities, logging of changes and extensive opportunities for building analytical reporting related to access control.
“The more data that companies own, the more vulnerable to internal and external threats their ERP solutions become. The tasks of monitoring the protection of ERP systems are complex and, as a rule, require additional involvement of specialists in the field of information security. The Odyssey DSM solution makes it easier to manage access rights and user roles in Microsoft Dynamics AX,” said Denis Storozhenko, CEO of Odyssey.
In order to determine the goals and objectives of the project, two factors: the current functionality of the system, as well as the requirements of the internal control and risk management standards of The Committee of Sponsoring Organizations of the Treadway Commission. The transition to work with DSM was carried out in five stages: preparing scenarios for roles and their analysis, defining responsibilities, setting up and piloting roles.
The launch of the project lasted three months. As a result, 26 roles and a matrix of separation of powers for employees of various departments were configured. The IT solution covered the work of six Lamoda departments. After the launch of DSM, it became easier for the company to control access levels in Microsoft Dynamics AX: you can see a complete overview of the rights of employees at any time and make improvements to the system, taking into account any changes in the security policy. The development allows you to determine the required type of licenses, optimize the quantity and cost of their acquisition. Using DSM does not require special knowledge - Lamoda employees can quickly create and configure user roles using an intuitive interface.
"The results of working with Odyssey Dynamic Security Management are already noticeable: the security of the ERP system, reduced the labor costs for setting up user roles and conducting a security audit of our IT infrastructure."
Lamoda Group Press Office
Recall that Lamoda is one of the largest fashion retailers in the e-commerce sector in Russia and the CIS. The online store of fashionable clothes, shoes and accessories offers its customers more than 2,000,000 products and 1,500 brands, fast delivery, pre-fitting services and convenient return conditions. The Lamoda website is visited daily by more than 1,500,000 users. The company's own infrastructure includes a powerful IT platform, delivery service, fulfillment and call centers.