Continuing our review on audit & security updates as part of NetSuite’s biannual releases, below are the components of NetSuite’s latest release that may have an impact on your organization’s audit or security configuration. Enjoy!
Period End Journal Entries Feature
The Period End Journal Entries feature automates posting period end journals to record consolidation and income statement closing journals to the general ledger. With this feature enabled, the Period Close Checklist will include a 'Create Period End Journals' task. This new feature provides a lot of new functionality. If you are interested in further information, it is suggested to check out NetSuite's help center under the topic 'Period End Journal Entries'.
System-Generated Journal for NetSuite OneWorld
This is a new, read-only journal to represent the general ledger impact of payments at various stages of completeness. These journals can be viewed from the Bill Payment related records subtab.
Configuration to Not Run Custom GL Lines Plug-ins on Closed Periods
A new configuration option now controls whether custom GL lines plugins are run on transactions in closed periods. If not enabled, custom GL plug-ins are not run on transactions in closed periods, which preserves the original GL impact of the custom GL lines. This setting is disabled by default when creating new custom GL line plug-ins.
SuiteApprovals V2.0 Updates
There are several updates to the SuiteApprovals V2.0 SuiteApp:
- Addition of Priority Field on the Approval Rule - you can now set the priority of an approval rule to determine the order in which approval rules will be validated.
- Uniqueness Validation of Approval Rules - uniqueness of approval rules is now validated based on the following fields: Subsidiary, Start Date, End Date, Priority, and Saved Search Condition.
- Mandatory Reject Reason - approvers are now required to enter a reason when rejecting records.
- Manual Approval - if no approval rules are defined, the record will exit the approval workflow and required manual approval from users.
- Support for New Record Types - Auto-Generated Journal Entries and Engineering Change Order
SDF Support for Workflow Definitions
The SuiteCloud Development Framework (SDF) now supports complete serialization of workflows into XML. This enables complete integration into source control repositories and allows for workflow definitions to be compared over time to determine where changes have been made.
Changes to Release Preview Access
Release Preview environments are no longer automatically provisioned to all customers. NetSuite now supports the option to opt-in to release preview environments for customers that are not automatically provisioned one.
Deprecation of Sandbox Domain
Starting with release 2019.1, the sandbox domain will be deprecated. Users will now use the standard NetSuite domain (system.netsuite.com) to log into sandbox accounts. When logging into NetSuite, users will be able to choose between production and sandbox roles. Sandbox account ids are also being updated to use the same account id as your production account with '_SB1' appended at the end.
Administrators No Longer Required to Provide Initial Password for Users
When setting up new users, Administrators are no longer required to provide an initial password. Instead, the standard user access email template now contains a link that lets users create their own password. A new setting on the General Preferences page, User Registration Link Expiration in Hours, controls how long the link to create a password is valid (default 24 hours).
2FA Required for NetSuite Access as Administrator and Other Highly Privileged Roles
Access to NetSuite under the Administrator, Full Access, and other highly privileged roles now require two-factor authentication (2FA). This includes production, sandbox, development, and release preview domains. A highly privileged role is defined as any standard or custom roles with one of the following permissions:
- Access Token Management
- Two-Factor Authentication base
- Set Up OpenID Single Sign-On
- Set Up SAML Single Sign-On
- Integration Application
- Device ID Management
End of RSA SecurID Access to NetSuite
RSA is a built-in two-factor authentication method for NetSuite. The RSA feature is no longer available for purchase by new customers and any existing customers still using the feature should migrate to the NetSuite 2FA solution as soon as possible.
NetSuite No Longer Enabling New Solutions for Inbound SSO with Web Services
New Inbound Single Sign-On (SSO) solutions for use with SuiteTalk will no longer be enabled for new customers or partners. Current partners using Inbound SSO can continue to sell their existing solutions, but NetSuite strongly recommends they seek alternative options. Technological advancements have made Inbound SSO obsolete as token-based authentication (TBA) is now the preferred solution.
Long-Abandoned Passwords for Customer Center Roles to be Reset
When a user registers on your SuiteCommerce website, this creates a customer, lead, or prospect record in your NetSuite account. As not all users registering on your website remain active, NetSuite is resetting their passwords. However, the customer, lead, or prospect record will remain in your NetSuite account. Users who meet the following criteria will have their password reset:
- No login in the last three years.
- It has been more than 90 days since the user registered a login name and created a password, and the users has not logged in since.
Better Protection from Malware and Spam in Inbound Email Messages
NetSuite has applied a new malware filter on inbound email to block messages that have malware included as attachments. When malware is detected, the sender will receive an email bounce notification and the intended recipient will not be notified about the blocked email. In addition, NetSuite has introduced a new DNS blacklist query to prevent redistribution of email from known spammers and phishers.
Creating a proper security environment within NetSuite can be a daunting task. Our NetSuite Security Matrix helps build roles and permissions based on your company's specific security needs. Get the Matrix today.