Do you need to plug the vanilla BPCS security leak?

---

The vanilla BPCS design permits user X to change the list price for an item by using DFU or SQL even though the BPCS security officer has configured internal BPCS security with the specific intent of prohibiting user X from changing anything about the item master. Furthermore, if BPCS user X has authority to write Queries, user X could accidentally clear all data in the item master file by simply typing the wrong file/library name in the Query definition.

A BPCS user who wants to do something unconstructive could choose to delete the month-end programs or the entire General Ledger. It’s an enormous security risk. Vanilla BPCS security opens the door for accidental or intentional catastrophe.

Over and above the risks described, any BPCS user who happens to have command line access can create accidents and catastrophe from within the BPCS product. Batten Down the Hatches plugs these leaks.