SlideShare a Scribd company logo

Implementing security and controls in people soft best practices - may 2017

Download as PPTX, PDF
Smart ERP Solutions, Inc.
Smart ERP Solutions, Inc.

Best Practices Implementing Security and Controls in PeopleSoft Why Security, Compliance and Segregation of Duties? This webinar addresses the key features for security and controls in PeopleSoft. Without controls built around these features there is a high probability for error, poor performance or in extreme cases fraudulent transactions. SmartERP will guide you through the steps for best-practice techniques in securing your Application, and the Applications available to assist with this process.

Software
1 of 27
Implementing Security and Controls in PeopleSoft – Best Practices Lewis Hopkins – Applications Consultant Lewis.Hopkins@smarterp.com
Reminders  A recording of today’s session will be sent to all registrants shortly after the webinar.  Phone lines/mics are MUTED.  There will be a Q & A section at the end of today’s session. Please use the GoToWebinar “Questions” feature (not the “Chat” feature) from your control panel to post a question at any time during the presentation.
Agenda • About Smart ERP • Managing Super User Access • Access Definitions • Data Security • Productions Do’s and Don’ts • Solutions
About SmartERP
Achieve Best-In-Class Performance Our mission is to provide innovative, configurable, flexible, cost-effective solutions to common business challenges, enabling our clients to save time, increase productivity, minimize costs, and maximize their return on investment. Solutions Business applications that offer organizations an end-to-end solution providing the right design and implementation from start to finish. Services A 24/7 seasoned and experienced staff of experts to help you implement your business solutions efficiently and effectively at a cost- effective rate. Cloud Cloud applications provide solutions built on proven enterprise class architecture that enable high configurability and ease of monitoring.
About SmartERP Oracle Platinum Partner Best practices and expertise in strategic planning, implementation, upgrade and add-on / customization services Unique blend of Solutions and Services ‘Clients for Life’ – High level of client satisfaction and loyalty 200+ Clients across various industries 350+ Employees Global Locations: Headquarters in Pleasanton, CA Offices in Atlanta GA, Hyderabad, Chennai and Bangalore (India) Founded in 2005 by former Oracle Architects, Executives and Consultants
Security and Control Points
Managing Super User Access Communication – Typically Business Users don’t understand the Application’s Security design. Business Users Technical Users Responsibility and Ownership “Foxes watching the Hen House”
‘Super User’ Access • Don’t rely on PSADMIN or VP1 generic logins without controls Options for management: • Break Glass • Individual User Logins
BreakGlass Employee requests access to investigate/resolve a Production issue In an IDM Solution: Automate the creation and assignment of Roles Either through timeout or manual process, Change the User credentials so this Employee cannot log back in
Individual User Logins Employee’s request access to Production, Sys Admin unlocks their account and grants the Roles required for diagnosis. At the end of the process, the User’s account is locked again.
Break Glass Vs Individual User Logins Pros Cons Pros Cons Tight Control Can be slow to respond to incidents Quick – User accounts already exist More User accounts to track potentially Limit the User Accounts with privileges Costly to implement, especially if you don’t have IDM already. Free to implement Manual process Most IDM solutions have audit tracking and other features to track who accessed Prod – even record sessions. Cant track User sessions unless auditing is switched on More Compliant solution No control over User Profiles (unless customized) Break Glass Individual User Logins
One more thing… Always worth Auditing User Profiles, Roles/Permission Lists in PeopleSoft. Low transaction, high impact
Access Definitions Too many Roles = too many Risks/too difficult to answer who has access to what We’ve seen: 160+ Roles per User 12-24 months before Security is regarded as a mess Are Role Assignments going through a change request?
Access Definitions Security too complex – not ‘Business friendly’ Ensure new/copied Security is easy to read Re-Use where possible, for example: Sign on process Delivered Roles have Security issues and please secure ALLPAGES!! Segregation of Duties
Access Definitions – find the Navigation
Data Security • Row Security limited in PeopleSoft • What to do about PCI or PII? • Field Security, Tokenization, restrict Fields in the Pages, Database Level Security?
Is this a good or a bad thing to have?
Opportunities for Securing Data For Query: Create Roles/Permission Lists for accessing this Data Secure them against the Fields you use & the Queries for accessing this information • Pros: Accountability – track the Roles that have access • Cons: Can leave out other data required from a table For Access: Use Database level Security to Secure or Obfuscate the Data • Pros: Total Security at the Data level • Cons: May need each User to have a DB level User If one DB User, what about Self Service Users?
Production Do’s and Don’ts • Data Mover and Configuration/Development processes– secure them! • Submission of Jobs • Copy of Production for testing and simulation – Who wants to refresh every day? • Don’t rely on Auditing – The Horse may have bolted already!
Production Do’s and Don’ts • Separate Configuration from Transactions • Segregation of Duties and Access Analysis – OMB – NIST – SOX Compliance is forcing Organizations to change their Approach to ERP Security and Controls
Smart ERP Solutions
Access and SoD Reporting • Abilities contain the Security required to perform a task or duty – wrapped into an easy to read container • Allow for Roles, Permission Lists, Components, Pages and User Preferences • Incorporate Authorities – can the User update records or not? Abilities for Reporting
Data Security • Secure specific Fields such as SSN, Credit Cards are more • Create Contexts: Row Security at the User, Permission List, Role and Tree Level • Open up Data Security possibilities Apply Data Security to any Field on any Page
Benefits • Report on who has access to what in plain ‘English’ • Identify and Remediate Users with too much access • Enforce strong Data Security Policies • Comply with legislation and reduce costs Reporting and Data Security as it should be..
Achieve Best-In-Class Security and Controls Solutions • Segregation of Duties/Access Reporting • Access Provisioning • Transaction Monitoring • Configuration Monitoring Services • Security and Configuration ‘Scans’ • Security Design and Implementation • Training & Review
For more information: www.smarterp.com Lewis.Hopkins@smarterp.com

Recommended

Ivanti New Pricing Model
Ivanti New Pricing ModelIvanti New Pricing Model
Ivanti New Pricing Model
Ivanti
 
Resume for Wintel Administrator
Resume for Wintel AdministratorResume for Wintel Administrator
Resume for Wintel Administrator
sivasankarnayak2
 
PHD Virtual Automating Disaster Recovery Testing to Ensure Application Recovery
PHD Virtual Automating Disaster Recovery Testing to Ensure Application RecoveryPHD Virtual Automating Disaster Recovery Testing to Ensure Application Recovery
PHD Virtual Automating Disaster Recovery Testing to Ensure Application Recovery
Mark McHenry
 
Segregation of Duties and Continuous Delivery
Segregation of Duties and Continuous DeliverySegregation of Duties and Continuous Delivery
Segregation of Duties and Continuous Delivery
Sriram Narayanan
 
4° Sessione VMware Horizon: la piattaforma per l’erogazione e la gestione di ...
4° Sessione VMware Horizon: la piattaforma per l’erogazione e la gestione di ...4° Sessione VMware Horizon: la piattaforma per l’erogazione e la gestione di ...
4° Sessione VMware Horizon: la piattaforma per l’erogazione e la gestione di ...
Jürgen Ambrosi
 
Download our Managed Services Presentation - ZSL - Systems ...
Download our Managed Services Presentation - ZSL - Systems ...Download our Managed Services Presentation - ZSL - Systems ...
Download our Managed Services Presentation - ZSL - Systems ...
webhostingguy
 
GUIDE TO KEEP YOUR END-USERS CONNECTED TO THE DIGITAL WORKPLACE DURING DISRUP...
GUIDE TO KEEP YOUR END-USERS CONNECTED TO THE DIGITAL WORKPLACE DURING DISRUP...GUIDE TO KEEP YOUR END-USERS CONNECTED TO THE DIGITAL WORKPLACE DURING DISRUP...
GUIDE TO KEEP YOUR END-USERS CONNECTED TO THE DIGITAL WORKPLACE DURING DISRUP...
Happiest Minds Technologies
 
Presentation managing the virtual environment
Presentation managing the virtual environmentPresentation managing the virtual environment
Presentation managing the virtual environment
solarisyourep
 

Recommended

Ivanti New Pricing Model
Ivanti New Pricing ModelIvanti New Pricing Model
Ivanti New Pricing Model
Ivanti
 
Resume for Wintel Administrator
Resume for Wintel AdministratorResume for Wintel Administrator
Resume for Wintel Administrator
sivasankarnayak2
 
PHD Virtual Automating Disaster Recovery Testing to Ensure Application Recovery
PHD Virtual Automating Disaster Recovery Testing to Ensure Application RecoveryPHD Virtual Automating Disaster Recovery Testing to Ensure Application Recovery
PHD Virtual Automating Disaster Recovery Testing to Ensure Application Recovery
Mark McHenry
 
Segregation of Duties and Continuous Delivery
Segregation of Duties and Continuous DeliverySegregation of Duties and Continuous Delivery
Segregation of Duties and Continuous Delivery
Sriram Narayanan
 
4° Sessione VMware Horizon: la piattaforma per l’erogazione e la gestione di ...
4° Sessione VMware Horizon: la piattaforma per l’erogazione e la gestione di ...4° Sessione VMware Horizon: la piattaforma per l’erogazione e la gestione di ...
4° Sessione VMware Horizon: la piattaforma per l’erogazione e la gestione di ...
Jürgen Ambrosi
 
Download our Managed Services Presentation - ZSL - Systems ...
Download our Managed Services Presentation - ZSL - Systems ...Download our Managed Services Presentation - ZSL - Systems ...
Download our Managed Services Presentation - ZSL - Systems ...
webhostingguy
 
GUIDE TO KEEP YOUR END-USERS CONNECTED TO THE DIGITAL WORKPLACE DURING DISRUP...
GUIDE TO KEEP YOUR END-USERS CONNECTED TO THE DIGITAL WORKPLACE DURING DISRUP...GUIDE TO KEEP YOUR END-USERS CONNECTED TO THE DIGITAL WORKPLACE DURING DISRUP...
GUIDE TO KEEP YOUR END-USERS CONNECTED TO THE DIGITAL WORKPLACE DURING DISRUP...
Happiest Minds Technologies
 
Presentation managing the virtual environment
Presentation managing the virtual environmentPresentation managing the virtual environment
Presentation managing the virtual environment
solarisyourep
 
Automating PeopleSoft Segregation of Duties: HCM and Financials
Automating PeopleSoft Segregation of Duties: HCM and FinancialsAutomating PeopleSoft Segregation of Duties: HCM and Financials
Automating PeopleSoft Segregation of Duties: HCM and Financials
Smart ERP Solutions, Inc.
 
SaaS
SaaSSaaS
SaaS
NupurVaidya1
 
IT - Enterprise Service Operation Center
IT - Enterprise Service Operation CenterIT - Enterprise Service Operation Center
IT - Enterprise Service Operation Center
Sameer Paradia
 
V mware quick start guide to disaster recovery
V mware quick start guide to disaster recoveryV mware quick start guide to disaster recovery
V mware quick start guide to disaster recovery
VMware_EMEA
 
Software Asset Management – Keeping track of what I’m licensed for!
Software Asset Management – Keeping track of what I’m licensed for!Software Asset Management – Keeping track of what I’m licensed for!
Software Asset Management – Keeping track of what I’m licensed for!
Cireson
 
A Guide to Evaluating Your IT Network
A Guide to Evaluating Your IT Network A Guide to Evaluating Your IT Network
A Guide to Evaluating Your IT Network
JENLOR Integrations, Inc
 
Software Asset Management
Software Asset ManagementSoftware Asset Management
Software Asset Management
sleterrier
 
Ivanti: Access the Power of Unified IT
Ivanti: Access the Power of Unified ITIvanti: Access the Power of Unified IT
Ivanti: Access the Power of Unified IT
Ivanti
 
Remote Infrastructure Management Services (RIMS)
Remote Infrastructure Management Services (RIMS)Remote Infrastructure Management Services (RIMS)
Remote Infrastructure Management Services (RIMS)
KNOWARTH - Software Development Company
 
Kiran A S - System Administrator
Kiran A S - System AdministratorKiran A S - System Administrator
Kiran A S - System Administrator
Kiran A S
 
Virtualization Journey
Virtualization JourneyVirtualization Journey
Virtualization Journey
VMware
 
AMB100: Ivanti Asset Management Suite from the Ground Up
AMB100: Ivanti Asset Management Suite from the Ground UpAMB100: Ivanti Asset Management Suite from the Ground Up
AMB100: Ivanti Asset Management Suite from the Ground Up
Ivanti
 
Technical debt in cyber ark [agile practitioners-2015]
Technical debt in cyber ark [agile practitioners-2015]Technical debt in cyber ark [agile practitioners-2015]
Technical debt in cyber ark [agile practitioners-2015]
AgilePractitionersIL
 
Determining Client And Networking Requirements
Determining Client And Networking RequirementsDetermining Client And Networking Requirements
Determining Client And Networking Requirements
Steven Cahill
 
Security Considerations in Process Control and SCADA Environments
Security Considerations in Process Control and SCADA EnvironmentsSecurity Considerations in Process Control and SCADA Environments
Security Considerations in Process Control and SCADA Environments
amiable_indian
 
SMB140: An Overview of Ivanti Service Manager
SMB140: An Overview of Ivanti Service Manager SMB140: An Overview of Ivanti Service Manager
SMB140: An Overview of Ivanti Service Manager
Ivanti
 
Rhea corporate presentation v2
Rhea corporate presentation v2Rhea corporate presentation v2
Rhea corporate presentation v2
Mark Adam
 
Clextra platform
Clextra platformClextra platform
Clextra platform
Edgevalue
 
Afl rim capabilities
Afl rim capabilitiesAfl rim capabilities
Afl rim capabilities
shaun_raghavan
 
Top Ten Reasons Why Developers Don't Adopt ABAC
Top Ten Reasons Why Developers Don't Adopt ABACTop Ten Reasons Why Developers Don't Adopt ABAC
Top Ten Reasons Why Developers Don't Adopt ABAC
ForgeRock
 
Segregation of Duties and Sensitive Access as a Service
Segregation of Duties and Sensitive Access as a ServiceSegregation of Duties and Sensitive Access as a Service
Segregation of Duties and Sensitive Access as a Service
Smart ERP Solutions, Inc.
 
People soft risks and controls for educational institutions
People soft risks and controls for educational institutionsPeople soft risks and controls for educational institutions
People soft risks and controls for educational institutions
Smart ERP Solutions, Inc.
 

More Related Content

What's hot

V mware quick start guide to disaster recovery
V mware quick start guide to disaster recoveryV mware quick start guide to disaster recovery
V mware quick start guide to disaster recovery
VMware_EMEA
 
Software Asset Management – Keeping track of what I’m licensed for!
Software Asset Management – Keeping track of what I’m licensed for!Software Asset Management – Keeping track of what I’m licensed for!
Software Asset Management – Keeping track of what I’m licensed for!
Cireson
 
Kiran A S - System Administrator
Kiran A S - System AdministratorKiran A S - System Administrator
Kiran A S - System Administrator
Kiran A S
 
Determining Client And Networking Requirements
Determining Client And Networking RequirementsDetermining Client And Networking Requirements
Determining Client And Networking Requirements
Steven Cahill
 
Security Considerations in Process Control and SCADA Environments
Security Considerations in Process Control and SCADA EnvironmentsSecurity Considerations in Process Control and SCADA Environments
Security Considerations in Process Control and SCADA Environments
amiable_indian
 
Clextra platform
Clextra platformClextra platform
Clextra platform
Edgevalue
 

What's hot (20)

Automating PeopleSoft Segregation of Duties: HCM and Financials
Automating PeopleSoft Segregation of Duties: HCM and FinancialsAutomating PeopleSoft Segregation of Duties: HCM and Financials
Automating PeopleSoft Segregation of Duties: HCM and Financials
 
SaaS
SaaSSaaS
SaaS
 
IT - Enterprise Service Operation Center
IT - Enterprise Service Operation CenterIT - Enterprise Service Operation Center
IT - Enterprise Service Operation Center
 
V mware quick start guide to disaster recovery
V mware quick start guide to disaster recoveryV mware quick start guide to disaster recovery
V mware quick start guide to disaster recovery
 
Software Asset Management – Keeping track of what I’m licensed for!
Software Asset Management – Keeping track of what I’m licensed for!Software Asset Management – Keeping track of what I’m licensed for!
Software Asset Management – Keeping track of what I’m licensed for!
 
A Guide to Evaluating Your IT Network
A Guide to Evaluating Your IT Network A Guide to Evaluating Your IT Network
A Guide to Evaluating Your IT Network
 
Software Asset Management
Software Asset ManagementSoftware Asset Management
Software Asset Management
 
Ivanti: Access the Power of Unified IT
Ivanti: Access the Power of Unified ITIvanti: Access the Power of Unified IT
Ivanti: Access the Power of Unified IT
 
Remote Infrastructure Management Services (RIMS)
Remote Infrastructure Management Services (RIMS)Remote Infrastructure Management Services (RIMS)
Remote Infrastructure Management Services (RIMS)
 
Kiran A S - System Administrator
Kiran A S - System AdministratorKiran A S - System Administrator
Kiran A S - System Administrator
 
Virtualization Journey
Virtualization JourneyVirtualization Journey
Virtualization Journey
 
AMB100: Ivanti Asset Management Suite from the Ground Up
AMB100: Ivanti Asset Management Suite from the Ground UpAMB100: Ivanti Asset Management Suite from the Ground Up
AMB100: Ivanti Asset Management Suite from the Ground Up
 
Technical debt in cyber ark [agile practitioners-2015]
Technical debt in cyber ark [agile practitioners-2015]Technical debt in cyber ark [agile practitioners-2015]
Technical debt in cyber ark [agile practitioners-2015]
 
Determining Client And Networking Requirements
Determining Client And Networking RequirementsDetermining Client And Networking Requirements
Determining Client And Networking Requirements
 
Security Considerations in Process Control and SCADA Environments
Security Considerations in Process Control and SCADA EnvironmentsSecurity Considerations in Process Control and SCADA Environments
Security Considerations in Process Control and SCADA Environments
 
SMB140: An Overview of Ivanti Service Manager
SMB140: An Overview of Ivanti Service Manager SMB140: An Overview of Ivanti Service Manager
SMB140: An Overview of Ivanti Service Manager
 
Rhea corporate presentation v2
Rhea corporate presentation v2Rhea corporate presentation v2
Rhea corporate presentation v2
 
Clextra platform
Clextra platformClextra platform
Clextra platform
 
Afl rim capabilities
Afl rim capabilitiesAfl rim capabilities
Afl rim capabilities
 
Top Ten Reasons Why Developers Don't Adopt ABAC
Top Ten Reasons Why Developers Don't Adopt ABACTop Ten Reasons Why Developers Don't Adopt ABAC
Top Ten Reasons Why Developers Don't Adopt ABAC
 

Similar to Implementing security and controls in people soft best practices - may 2017

Segregation of Duties and Sensitive Access as a Service
Segregation of Duties and Sensitive Access as a ServiceSegregation of Duties and Sensitive Access as a Service
Segregation of Duties and Sensitive Access as a Service
Smart ERP Solutions, Inc.
 
Impact 2013 2963 - IBM Business Process Manager Top Practices
Impact 2013 2963 - IBM Business Process Manager Top PracticesImpact 2013 2963 - IBM Business Process Manager Top Practices
Impact 2013 2963 - IBM Business Process Manager Top Practices
Brian Petrini
 
Impact 2012 1640 - BPM Design considerations when optimizing business process...
Impact 2012 1640 - BPM Design considerations when optimizing business process...Impact 2012 1640 - BPM Design considerations when optimizing business process...
Impact 2012 1640 - BPM Design considerations when optimizing business process...
Brian Petrini
 
Self Service Cloud Operations: Safely Delegate the Management of your Cloud ...
Self Service Cloud Operations: Safely Delegate the Management of your Cloud ...Self Service Cloud Operations: Safely Delegate the Management of your Cloud ...
Self Service Cloud Operations: Safely Delegate the Management of your Cloud ...
Rundeck
 
Sreedhar CV_PKI - Certificate Management
Sreedhar CV_PKI - Certificate Management Sreedhar CV_PKI - Certificate Management
Sreedhar CV_PKI - Certificate Management
Sreedhar Roddam
 
Navigating HCM Compliance Through Managed Services Part 2
Navigating HCM Compliance Through Managed Services Part 2Navigating HCM Compliance Through Managed Services Part 2
Navigating HCM Compliance Through Managed Services Part 2
Smart ERP Solutions, Inc.
 
How much does it cost to be Secure?
How much does it cost to be Secure?How much does it cost to be Secure?
How much does it cost to be Secure?
mbmobile
 

Similar to Implementing security and controls in people soft best practices - may 2017 (20)

Segregation of Duties and Sensitive Access as a Service
Segregation of Duties and Sensitive Access as a ServiceSegregation of Duties and Sensitive Access as a Service
Segregation of Duties and Sensitive Access as a Service
 
People soft risks and controls for educational institutions
People soft risks and controls for educational institutionsPeople soft risks and controls for educational institutions
People soft risks and controls for educational institutions
 
Automating PeopleSoft Segregation of Duties: Financials/HCM/Campus Solutions
Automating PeopleSoft Segregation of Duties: Financials/HCM/Campus SolutionsAutomating PeopleSoft Segregation of Duties: Financials/HCM/Campus Solutions
Automating PeopleSoft Segregation of Duties: Financials/HCM/Campus Solutions
 
SmartERP PeopleSoft Security
SmartERP PeopleSoft Security SmartERP PeopleSoft Security
SmartERP PeopleSoft Security
 
Impact 2013 2963 - IBM Business Process Manager Top Practices
Impact 2013 2963 - IBM Business Process Manager Top PracticesImpact 2013 2963 - IBM Business Process Manager Top Practices
Impact 2013 2963 - IBM Business Process Manager Top Practices
 
Building an Identity Management Business Case
Building an Identity Management Business CaseBuilding an Identity Management Business Case
Building an Identity Management Business Case
 
Workflow and Row-Level Security Solutions for PeopleSoft
Workflow and Row-Level Security Solutions for PeopleSoftWorkflow and Row-Level Security Solutions for PeopleSoft
Workflow and Row-Level Security Solutions for PeopleSoft
 
Brilient login system
Brilient login systemBrilient login system
Brilient login system
 
CyberArk
CyberArkCyberArk
CyberArk
 
IBM Solutions Connect 2013 - Increase Efficiency by Automating IT Asset & Ser...
IBM Solutions Connect 2013 - Increase Efficiency by Automating IT Asset & Ser...IBM Solutions Connect 2013 - Increase Efficiency by Automating IT Asset & Ser...
IBM Solutions Connect 2013 - Increase Efficiency by Automating IT Asset & Ser...
 
Impact 2012 1640 - BPM Design considerations when optimizing business process...
Impact 2012 1640 - BPM Design considerations when optimizing business process...Impact 2012 1640 - BPM Design considerations when optimizing business process...
Impact 2012 1640 - BPM Design considerations when optimizing business process...
 
Transforming IT - ITaaS Onboarding
Transforming IT - ITaaS OnboardingTransforming IT - ITaaS Onboarding
Transforming IT - ITaaS Onboarding
 
Self Service Cloud Operations: Safely Delegate the Management of your Cloud ...
Self Service Cloud Operations: Safely Delegate the Management of your Cloud ...Self Service Cloud Operations: Safely Delegate the Management of your Cloud ...
Self Service Cloud Operations: Safely Delegate the Management of your Cloud ...
 
Sreedhar CV_PKI - Certificate Management
Sreedhar CV_PKI - Certificate Management Sreedhar CV_PKI - Certificate Management
Sreedhar CV_PKI - Certificate Management
 
dev@InterConnect workshop - Lean and DevOps
dev@InterConnect workshop - Lean and DevOpsdev@InterConnect workshop - Lean and DevOps
dev@InterConnect workshop - Lean and DevOps
 
Navigating HCM Compliance Through Managed Services Part 2
Navigating HCM Compliance Through Managed Services Part 2Navigating HCM Compliance Through Managed Services Part 2
Navigating HCM Compliance Through Managed Services Part 2
 
Mayank-Tamrakar
Mayank-TamrakarMayank-Tamrakar
Mayank-Tamrakar
 
Maintaining a-healthy-architecture-in-sf
Maintaining a-healthy-architecture-in-sfMaintaining a-healthy-architecture-in-sf
Maintaining a-healthy-architecture-in-sf
 
How much does it cost to be Secure?
How much does it cost to be Secure?How much does it cost to be Secure?
How much does it cost to be Secure?
 
Saipraveen_Cirrculum_Vitae
Saipraveen_Cirrculum_VitaeSaipraveen_Cirrculum_Vitae
Saipraveen_Cirrculum_Vitae
 

More from Smart ERP Solutions, Inc.

Maximize your Oracle Cloud Investment and Drive Innovation
Maximize your Oracle Cloud Investment and Drive Innovation Maximize your Oracle Cloud Investment and Drive Innovation
Maximize your Oracle Cloud Investment and Drive Innovation
Smart ERP Solutions, Inc.
 
Best Practices to Modernizing your Oracle Applications
Best Practices to Modernizing your Oracle ApplicationsBest Practices to Modernizing your Oracle Applications
Best Practices to Modernizing your Oracle Applications
Smart ERP Solutions, Inc.
 
Manufactures whats keeping you up
Manufactures whats keeping you upManufactures whats keeping you up
Manufactures whats keeping you up
Smart ERP Solutions, Inc.
 
The Fully Automated Enterprise (RPA)
The Fully Automated Enterprise (RPA)The Fully Automated Enterprise (RPA)
The Fully Automated Enterprise (RPA)
Smart ERP Solutions, Inc.
 
No One Size Fits All - Form I-9 and E-Verify presentation from the DHS
No One Size Fits All - Form I-9 and E-Verify presentation from the DHSNo One Size Fits All - Form I-9 and E-Verify presentation from the DHS
No One Size Fits All - Form I-9 and E-Verify presentation from the DHS
Smart ERP Solutions, Inc.
 
The 6 Biggest Trends for AP Leaders in 2021
The 6 Biggest Trends for AP Leaders in 2021The 6 Biggest Trends for AP Leaders in 2021
The 6 Biggest Trends for AP Leaders in 2021
Smart ERP Solutions, Inc.
 
Segregation of Duties and Sensitive Access as a Service webinar
Segregation of Duties and Sensitive Access as a Service webinarSegregation of Duties and Sensitive Access as a Service webinar
Segregation of Duties and Sensitive Access as a Service webinar
Smart ERP Solutions, Inc.
 
Temporary Policy Changes to Form I-9 and E-Verify due to COVID-19 - Remote an...
Temporary Policy Changes to Form I-9 and E-Verify due to COVID-19 - Remote an...Temporary Policy Changes to Form I-9 and E-Verify due to COVID-19 - Remote an...
Temporary Policy Changes to Form I-9 and E-Verify due to COVID-19 - Remote an...
Smart ERP Solutions, Inc.
 

More from Smart ERP Solutions, Inc. (20)

Transforming Financial Insights with Oracle EPM
Transforming Financial Insights with Oracle EPMTransforming Financial Insights with Oracle EPM
Transforming Financial Insights with Oracle EPM
 
Maximize your Oracle Cloud Investment and Drive Innovation
Maximize your Oracle Cloud Investment and Drive Innovation Maximize your Oracle Cloud Investment and Drive Innovation
Maximize your Oracle Cloud Investment and Drive Innovation
 
SmartERP Oracle Capabilities 2023.pptx
SmartERP Oracle Capabilities 2023.pptxSmartERP Oracle Capabilities 2023.pptx
SmartERP Oracle Capabilities 2023.pptx
 
Best Practices to Modernizing your Oracle Applications
Best Practices to Modernizing your Oracle ApplicationsBest Practices to Modernizing your Oracle Applications
Best Practices to Modernizing your Oracle Applications
 
Manufactures whats keeping you up
Manufactures whats keeping you upManufactures whats keeping you up
Manufactures whats keeping you up
 
The Fully Automated Enterprise (RPA)
The Fully Automated Enterprise (RPA)The Fully Automated Enterprise (RPA)
The Fully Automated Enterprise (RPA)
 
Smart erp solutions oracle cloud services overview - 2021 - 2022
Smart erp solutions oracle cloud services overview - 2021 - 2022Smart erp solutions oracle cloud services overview - 2021 - 2022
Smart erp solutions oracle cloud services overview - 2021 - 2022
 
PeopleSoft Webinar - Configure vs. Customize Page and Field Configurator
PeopleSoft Webinar - Configure vs. Customize Page and Field ConfiguratorPeopleSoft Webinar - Configure vs. Customize Page and Field Configurator
PeopleSoft Webinar - Configure vs. Customize Page and Field Configurator
 
Alert framework2021
Alert framework2021Alert framework2021
Alert framework2021
 
No One Size Fits All - Form I-9 and E-Verify presentation from the DHS
No One Size Fits All - Form I-9 and E-Verify presentation from the DHSNo One Size Fits All - Form I-9 and E-Verify presentation from the DHS
No One Size Fits All - Form I-9 and E-Verify presentation from the DHS
 
E-Verify for PeopleSoft - Streamline and automate your Employment Authorizati...
E-Verify for PeopleSoft - Streamline and automate your Employment Authorizati...E-Verify for PeopleSoft - Streamline and automate your Employment Authorizati...
E-Verify for PeopleSoft - Streamline and automate your Employment Authorizati...
 
Pre-board Your New Hires for PeopleSoft - Streamline and automate your pre-bo...
Pre-board Your New Hires for PeopleSoft - Streamline and automate your pre-bo...Pre-board Your New Hires for PeopleSoft - Streamline and automate your pre-bo...
Pre-board Your New Hires for PeopleSoft - Streamline and automate your pre-bo...
 
Configure Versus Customize: Using PeopleSoft Page and Field Configurator
Configure Versus Customize: Using PeopleSoft Page and Field ConfiguratorConfigure Versus Customize: Using PeopleSoft Page and Field Configurator
Configure Versus Customize: Using PeopleSoft Page and Field Configurator
 
Managed Services - Small, Medium, or Large - what's the best fit for your org...
Managed Services - Small, Medium, or Large - what's the best fit for your org...Managed Services - Small, Medium, or Large - what's the best fit for your org...
Managed Services - Small, Medium, or Large - what's the best fit for your org...
 
Convert manual paper-based business processes into automated paperless
Convert manual paper-based business processes into automated paperlessConvert manual paper-based business processes into automated paperless
Convert manual paper-based business processes into automated paperless
 
3 steps to successfully analyzing your PeopleSoft Security for Segregation of...
3 steps to successfully analyzing your PeopleSoft Security for Segregation of...3 steps to successfully analyzing your PeopleSoft Security for Segregation of...
3 steps to successfully analyzing your PeopleSoft Security for Segregation of...
 
Alert Framework - Alert your organization to errors, changes, and stalled tra...
Alert Framework - Alert your organization to errors, changes, and stalled tra...Alert Framework - Alert your organization to errors, changes, and stalled tra...
Alert Framework - Alert your organization to errors, changes, and stalled tra...
 
The 6 Biggest Trends for AP Leaders in 2021
The 6 Biggest Trends for AP Leaders in 2021The 6 Biggest Trends for AP Leaders in 2021
The 6 Biggest Trends for AP Leaders in 2021
 
Segregation of Duties and Sensitive Access as a Service webinar
Segregation of Duties and Sensitive Access as a Service webinarSegregation of Duties and Sensitive Access as a Service webinar
Segregation of Duties and Sensitive Access as a Service webinar
 
Temporary Policy Changes to Form I-9 and E-Verify due to COVID-19 - Remote an...
Temporary Policy Changes to Form I-9 and E-Verify due to COVID-19 - Remote an...Temporary Policy Changes to Form I-9 and E-Verify due to COVID-19 - Remote an...
Temporary Policy Changes to Form I-9 and E-Verify due to COVID-19 - Remote an...
 

Recently uploaded

AI/ML Infra Meetup | Reducing Prefill for LLM Serving in RAG
AI/ML Infra Meetup | Reducing Prefill for LLM Serving in RAGAI/ML Infra Meetup | Reducing Prefill for LLM Serving in RAG
AI/ML Infra Meetup | Reducing Prefill for LLM Serving in RAG
Alluxio, Inc.
 
How To Build a Successful SaaS Design.pdf
How To Build a Successful SaaS Design.pdfHow To Build a Successful SaaS Design.pdf
How To Build a Successful SaaS Design.pdf
ayushiqss
 
StrimziCon 2024 - Transition to Apache Kafka on Kubernetes with Strimzi
StrimziCon 2024 - Transition to Apache Kafka on Kubernetes with StrimziStrimziCon 2024 - Transition to Apache Kafka on Kubernetes with Strimzi
StrimziCon 2024 - Transition to Apache Kafka on Kubernetes with Strimzi
steffenkarlsson2
 
AI/ML Infra Meetup | ML explainability in Michelangelo
AI/ML Infra Meetup | ML explainability in MichelangeloAI/ML Infra Meetup | ML explainability in Michelangelo
AI/ML Infra Meetup | ML explainability in Michelangelo
Alluxio, Inc.
 
GraphAware - Transforming policing with graph-based intelligence analysis
GraphAware - Transforming policing with graph-based intelligence analysisGraphAware - Transforming policing with graph-based intelligence analysis
GraphAware - Transforming policing with graph-based intelligence analysis
Neo4j
 
SOCRadar Research Team: Latest Activities of IntelBroker
SOCRadar Research Team: Latest Activities of IntelBrokerSOCRadar Research Team: Latest Activities of IntelBroker
SOCRadar Research Team: Latest Activities of IntelBroker
SOCRadar
 

Recently uploaded (20)

Accelerate Enterprise Software Engineering with Platformless
Accelerate Enterprise Software Engineering with PlatformlessAccelerate Enterprise Software Engineering with Platformless
Accelerate Enterprise Software Engineering with Platformless
 
Abortion ^Clinic ^%[+971588192166''] Abortion Pill Al Ain (?@?) Abortion Pill...
Abortion ^Clinic ^%[+971588192166''] Abortion Pill Al Ain (?@?) Abortion Pill...Abortion ^Clinic ^%[+971588192166''] Abortion Pill Al Ain (?@?) Abortion Pill...
Abortion ^Clinic ^%[+971588192166''] Abortion Pill Al Ain (?@?) Abortion Pill...
 
AI/ML Infra Meetup | Reducing Prefill for LLM Serving in RAG
AI/ML Infra Meetup | Reducing Prefill for LLM Serving in RAGAI/ML Infra Meetup | Reducing Prefill for LLM Serving in RAG
AI/ML Infra Meetup | Reducing Prefill for LLM Serving in RAG
 
top nidhi software solution freedownload
top nidhi software solution freedownloadtop nidhi software solution freedownload
top nidhi software solution freedownload
 
A Guideline to Zendesk to Re:amaze Data Migration
A Guideline to Zendesk to Re:amaze Data MigrationA Guideline to Zendesk to Re:amaze Data Migration
A Guideline to Zendesk to Re:amaze Data Migration
 
Agnieszka Andrzejewska - BIM School Course in Kraków
Agnieszka Andrzejewska - BIM School Course in KrakówAgnieszka Andrzejewska - BIM School Course in Kraków
Agnieszka Andrzejewska - BIM School Course in Kraków
 
A Python-based approach to data loading in TM1 - Using Airflow as an ETL for TM1
A Python-based approach to data loading in TM1 - Using Airflow as an ETL for TM1A Python-based approach to data loading in TM1 - Using Airflow as an ETL for TM1
A Python-based approach to data loading in TM1 - Using Airflow as an ETL for TM1
 
Using IESVE for Room Loads Analysis - Australia & New Zealand
Using IESVE for Room Loads Analysis - Australia & New ZealandUsing IESVE for Room Loads Analysis - Australia & New Zealand
Using IESVE for Room Loads Analysis - Australia & New Zealand
 
How To Build a Successful SaaS Design.pdf
How To Build a Successful SaaS Design.pdfHow To Build a Successful SaaS Design.pdf
How To Build a Successful SaaS Design.pdf
 
StrimziCon 2024 - Transition to Apache Kafka on Kubernetes with Strimzi
StrimziCon 2024 - Transition to Apache Kafka on Kubernetes with StrimziStrimziCon 2024 - Transition to Apache Kafka on Kubernetes with Strimzi
StrimziCon 2024 - Transition to Apache Kafka on Kubernetes with Strimzi
 
AI/ML Infra Meetup | Perspective on Deep Learning Framework
AI/ML Infra Meetup | Perspective on Deep Learning FrameworkAI/ML Infra Meetup | Perspective on Deep Learning Framework
AI/ML Infra Meetup | Perspective on Deep Learning Framework
 
AI/ML Infra Meetup | ML explainability in Michelangelo
AI/ML Infra Meetup | ML explainability in MichelangeloAI/ML Infra Meetup | ML explainability in Michelangelo
AI/ML Infra Meetup | ML explainability in Michelangelo
 
GraphAware - Transforming policing with graph-based intelligence analysis
GraphAware - Transforming policing with graph-based intelligence analysisGraphAware - Transforming policing with graph-based intelligence analysis
GraphAware - Transforming policing with graph-based intelligence analysis
 
A Comprehensive Appium Guide for Hybrid App Automation Testing.pdf
A Comprehensive Appium Guide for Hybrid App Automation Testing.pdfA Comprehensive Appium Guide for Hybrid App Automation Testing.pdf
A Comprehensive Appium Guide for Hybrid App Automation Testing.pdf
 
SOCRadar Research Team: Latest Activities of IntelBroker
SOCRadar Research Team: Latest Activities of IntelBrokerSOCRadar Research Team: Latest Activities of IntelBroker
SOCRadar Research Team: Latest Activities of IntelBroker
 
Advanced Flow Concepts Every Developer Should Know
Advanced Flow Concepts Every Developer Should KnowAdvanced Flow Concepts Every Developer Should Know
Advanced Flow Concepts Every Developer Should Know
 
Into the Box 2024 - Keynote Day 2 Slides.pdf
Into the Box 2024 - Keynote Day 2 Slides.pdfInto the Box 2024 - Keynote Day 2 Slides.pdf
Into the Box 2024 - Keynote Day 2 Slides.pdf
 
De mooiste recreatieve routes ontdekken met RouteYou en FME
De mooiste recreatieve routes ontdekken met RouteYou en FMEDe mooiste recreatieve routes ontdekken met RouteYou en FME
De mooiste recreatieve routes ontdekken met RouteYou en FME
 
Top Mobile App Development Companies 2024
Top Mobile App Development Companies 2024Top Mobile App Development Companies 2024
Top Mobile App Development Companies 2024
 
WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital Transformation
WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital TransformationWSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital Transformation
WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital Transformation
 

Implementing security and controls in people soft best practices - may 2017

  • 1. Implementing Security and Controls in PeopleSoft – Best Practices Lewis Hopkins – Applications Consultant Lewis.Hopkins@smarterp.com
  • 2. Reminders  A recording of today’s session will be sent to all registrants shortly after the webinar.  Phone lines/mics are MUTED.  There will be a Q & A section at the end of today’s session. Please use the GoToWebinar “Questions” feature (not the “Chat” feature) from your control panel to post a question at any time during the presentation.
  • 3. Agenda • About Smart ERP • Managing Super User Access • Access Definitions • Data Security • Productions Do’s and Don’ts • Solutions
  • 5. Achieve Best-In-Class Performance Our mission is to provide innovative, configurable, flexible, cost-effective solutions to common business challenges, enabling our clients to save time, increase productivity, minimize costs, and maximize their return on investment. Solutions Business applications that offer organizations an end-to-end solution providing the right design and implementation from start to finish. Services A 24/7 seasoned and experienced staff of experts to help you implement your business solutions efficiently and effectively at a cost- effective rate. Cloud Cloud applications provide solutions built on proven enterprise class architecture that enable high configurability and ease of monitoring.
  • 6. About SmartERP Oracle Platinum Partner Best practices and expertise in strategic planning, implementation, upgrade and add-on / customization services Unique blend of Solutions and Services ‘Clients for Life’ – High level of client satisfaction and loyalty 200+ Clients across various industries 350+ Employees Global Locations: Headquarters in Pleasanton, CA Offices in Atlanta GA, Hyderabad, Chennai and Bangalore (India) Founded in 2005 by former Oracle Architects, Executives and Consultants
  • 8. Managing Super User Access Communication – Typically Business Users don’t understand the Application’s Security design. Business Users Technical Users Responsibility and Ownership “Foxes watching the Hen House”
  • 9. ‘Super User’ Access • Don’t rely on PSADMIN or VP1 generic logins without controls Options for management: • Break Glass • Individual User Logins
  • 10. BreakGlass Employee requests access to investigate/resolve a Production issue In an IDM Solution: Automate the creation and assignment of Roles Either through timeout or manual process, Change the User credentials so this Employee cannot log back in
  • 11. Individual User Logins Employee’s request access to Production, Sys Admin unlocks their account and grants the Roles required for diagnosis. At the end of the process, the User’s account is locked again.
  • 12. Break Glass Vs Individual User Logins Pros Cons Pros Cons Tight Control Can be slow to respond to incidents Quick – User accounts already exist More User accounts to track potentially Limit the User Accounts with privileges Costly to implement, especially if you don’t have IDM already. Free to implement Manual process Most IDM solutions have audit tracking and other features to track who accessed Prod – even record sessions. Cant track User sessions unless auditing is switched on More Compliant solution No control over User Profiles (unless customized) Break Glass Individual User Logins
  • 13. One more thing… Always worth Auditing User Profiles, Roles/Permission Lists in PeopleSoft. Low transaction, high impact
  • 14. Access Definitions Too many Roles = too many Risks/too difficult to answer who has access to what We’ve seen: 160+ Roles per User 12-24 months before Security is regarded as a mess Are Role Assignments going through a change request?
  • 15. Access Definitions Security too complex – not ‘Business friendly’ Ensure new/copied Security is easy to read Re-Use where possible, for example: Sign on process Delivered Roles have Security issues and please secure ALLPAGES!! Segregation of Duties
  • 16. Access Definitions – find the Navigation
  • 17. Data Security • Row Security limited in PeopleSoft • What to do about PCI or PII? • Field Security, Tokenization, restrict Fields in the Pages, Database Level Security?
  • 18. Is this a good or a bad thing to have?
  • 19. Opportunities for Securing Data For Query: Create Roles/Permission Lists for accessing this Data Secure them against the Fields you use & the Queries for accessing this information • Pros: Accountability – track the Roles that have access • Cons: Can leave out other data required from a table For Access: Use Database level Security to Secure or Obfuscate the Data • Pros: Total Security at the Data level • Cons: May need each User to have a DB level User If one DB User, what about Self Service Users?
  • 20. Production Do’s and Don’ts • Data Mover and Configuration/Development processes– secure them! • Submission of Jobs • Copy of Production for testing and simulation – Who wants to refresh every day? • Don’t rely on Auditing – The Horse may have bolted already!
  • 21. Production Do’s and Don’ts • Separate Configuration from Transactions • Segregation of Duties and Access Analysis – OMB – NIST – SOX Compliance is forcing Organizations to change their Approach to ERP Security and Controls
  • 23. Access and SoD Reporting • Abilities contain the Security required to perform a task or duty – wrapped into an easy to read container • Allow for Roles, Permission Lists, Components, Pages and User Preferences • Incorporate Authorities – can the User update records or not? Abilities for Reporting
  • 24. Data Security • Secure specific Fields such as SSN, Credit Cards are more • Create Contexts: Row Security at the User, Permission List, Role and Tree Level • Open up Data Security possibilities Apply Data Security to any Field on any Page
  • 25. Benefits • Report on who has access to what in plain ‘English’ • Identify and Remediate Users with too much access • Enforce strong Data Security Policies • Comply with legislation and reduce costs Reporting and Data Security as it should be..
  • 26. Achieve Best-In-Class Security and Controls Solutions • Segregation of Duties/Access Reporting • Access Provisioning • Transaction Monitoring • Configuration Monitoring Services • Security and Configuration ‘Scans’ • Security Design and Implementation • Training & Review