Overview page

Most commonly visited pages

To provide quick navigation shortcuts, this section highlights these frequently accessed pages:

• Users
• Security Roles
• General Settings
• Audit Event Search
• Monitoring Search

Security scorecard

Use the security scorecard to quickly identify security risks and compliance gaps within the tenant. Each scorecard item is evaluated independently. There is no weighted or cumulative score.

Each scorecard item is represented by one of these indicators:

• Green check: Configuration is compliant with recommended security best practices.
• Red exclamation mark: Configuration is considered a security risk and should be reviewed and updated.

The security scorecard includes these tiles:

• User Access: With the User Access scorecard tile you can evaluate authentication, access control, and identity‑related configurations.
• Security Configuration: With the Security Configuration scorecard tile you can evaluate session controls, user hygiene, and configuration usage.

These conditions can affect the status of the items in the User Access tile:

• Restricted access to Infor Cloud Identities:
  • In compliance (green): Cleared Enable access using Infor Cloud Identities or selected Enable access using Infor Cloud Identities and selected For specified users (select specific users and/or names for each data types to which the user belongs in the tabs below) and users or Master Data Types assigned.
  • Security risk (red): Selected Enable access using Infor Cloud Identities and selected For all users.
• Passkey authentication enablement for Infor Cloud Identities:
  • In compliance (green): Selected Enable access using Passkey for Infor Cloud Identities.
  • Security risk (red): Cleared Enable access using Passkey for Infor Cloud Identities.
• Password policies configurations for Infor Cloud Identities:
  • In compliance (green): Selected Enable access using Infor Cloud Identities or selected Enable access using Infor Cloud Identities and all of these are selected:
    • Password will expire every 30-360 days.
    • Prohibit Password Reset 1-24 hours.
    • Selected Password cannot contain 3 or more consecutive characters (Ex: abc, 123).
    • Selected Password cannot contain 3 or more consecutive repeating characters (Ex: aaa, 111).
    • Selected Password cannot contain the following user attributes.
    • Selected Enforce custom forbidden password list.
    • Selected Force signs off on all active sessions when user updates their password.
  • Security risk (red): Selected Enable access using Infor Cloud Identities and at least one of these:
    • Password will expire every 0 days.
    • Prohibit Password Reset 0 hours.
    • Cleared Password cannot contain 3 or more consecutive characters (Ex: abc, 123).
    • Cleared Password cannot contain 3 or more consecutive repeating characters (Ex: aaa, 111).
    • Cleared Password cannot contain the following user attributes.
    • Cleared Enforce custom forbidden password list.
    • Cleared Force signs off on all active sessions when user updates their password.
• Multi-factor authentication (MFA) enablement:
  • In compliance (green): Selected Enable MFA.
  • Security risk (red): Cleared Enable MFA.
• External Identity Providers (IdP) configuration:
  • In compliance (green): At least one IdPs is configured under Federated Security (Federated Security or OpenID Connect).
  • Security risk (red): No IdPs configured under Federated Security.
• Service Provider certificate expiration:
  • In compliance (green): No service provider certificate is set to expire in 30 days or less.
  • Security risk (red): One or more service provider certificate is set to expire in 30 days or less.
• Restricted domain access:
  • In compliance (green): At least one domain is configured as a blocked domain or at least one domain is configured as an allowed domain.
  • Security risk (red): No domains are configured under Domain Security.

These conditions can affect the status of the items in the Security Configurations tile:

• Active users and no login history:
  • In compliance (green): No active users who have never logged in.
  • Security risk (red): At least one active user who has never logged in.
• Session timeout and concurrent session limits recommended thresholds:
  • In compliance (green): Idle Session Time-out is 60 minutes or less and selected Enable 16 Hour Session and Number of concurrent sessions allowed is 1-3 (if the Enable Concurrent Session Limitation is selected).
  • Security risk (red): Idle Session Time-out is more than 60 minutes and/or selected Enable 16 Hour Session and/or Number of concurrent sessions allowed is 4-5 (if the Enable Concurrent Session Limitation is selected) or Enable Concurrent Session Limitation is clear.
• Security Access Profiles configuration:
  • In compliance (green): At least one security access profile is created and used (either on a user level or a security role level).
  • Security risk (red): No security access profiles are created and used.
• Service Accounts configuration:
  • In compliance (green): At least one service account is created and used.
  • Security risk (red): No service accounts are created and used.

User Summary

The User Summary section provides an aggregated view of user status counts within the tenant to help you monitor account lifecycle and activity trends. Metrics performed on this tile show:

• Total users: active users, inactive users (disabled and soft deleted users)
• Active users
• Inactive users (disabled and soft deleted users)
• Users that never logged in