PSA, review your menu security after the update (2025.2)

Not just this update specifically. Always review security after a software update.

I’m only seeing three new menus this time: Send Electronic Remittance, E-File 1099 Forms US, and IP Address Set. You might see something different.

All three have default access set to “Allow”. The first two are not marked as “security manager only”, so literally every user can play with them.

They should still at least be limited to those who have access to the respective parent folders above them, though, right?

So, only those with access to Financial Management, and AP, and GenOps folders would see this new menu?

Not discounting your PSA… just want to make sure I’m thinking straight :face_with_spiral_eyes: (It is Monday, after all).

Thank you, John!

That only secures navigation on the main menu, not the item itself. Alternative navigation like context menus or kebab/sushi menus are unaffected, for example. There isn’t a way to audit all navigation methods so it’s really important to wire up security all the way down.

:rofl: I’m gonna use that one!

I don't know if that is still true. A lot of security issues in recent releases have been due to not having access to the full path.

Related story, we switched to multi-site years ago and it was a long while (like 5 years :see_no_evil_monkey:) before I realized that EVERYONE had access to Transfer Order… everything. Not the parent menus per se, as you all pointed out. But the app directly.

So if you add a new module, likewise get to locking down the new toys. Which could be in dozens of folders.