Grey Heller, Proprietary and Confidential
Presenters
Larry Grey
President, GreyHeller
Brian Kelly
Principal Product Marketing Manager
GreyHeller + Duo Security
Agenda
‣ GreyHeller & Duo Security Overview
‣ Today’s Security Challenges
‣ Solving with Two-Factor Authentication
‣ ERP Firewall and Duo Integration
‣ Implementation and Administration
GreyHeller
‣ Nearly 200 years of PeopleSoft engineering experience
‣ ~100 customers
‣ Oracle PeopleSoft Customer Advisory Board
‣ PeopleSoft beta test partner: PeopleTools 8.54
Key Commercial Customers
Key Education Customers
Better Security, Not Just More.
Brian Kelly
Principal Product Marketing Manager
Duo Security
Duo Security – Two-Factor Authentication Made Easy
‣ Easy to Manage
‣ Easy To Deploy
‣ Easy to Use
Thousands Of Customers Protected By Duo
duosecurity.com/success-stories
100% OF BREACHES
involve stolen credentials
— Mandiant
Source: mandiant.com/threat-landscape and M-Trends annual reports
Credentials Are Easily Stolen
‣ Phished
‣ Guessed
‣ Keylogged
‣ Sniffed
‣ Cracked
‣ Reused
‣ Bypassed
Solution: Two-Factor Authentication
Today’s Security Challenges
‣ Phishing and targeted spear phishing
‣ Access anywhere anytime
‣ Complex support environments
‣ Security policy enforcement
‣ Non-technical users that receive little training
Two Factor Use Cases
‣ Protecting Self Service use
‣ Protection by location
‣ Super User / Admin protection
  ◦ Functional and technical privileged users
‣ Sharing credentials, policy violations
‣ Protects untrained users
Solving with Two Factor Authentication
‣ Where should the challenge occur?
  ◦ Log in
  ◦ Only when accessing Sensitive Transactions
  ◦ Unlocking Masked Data
‣ One Size does not fit All
  ◦ Self Service versus Admin Use
  ◦ Privileged versus General Users
  ◦ Trusted versus Untrusted Locations
  ◦ HR versus CS versus FS
DEMO
Integration
‣ ERP Firewall
  ◦ Provides the mechanism to enforce a Duo Challenge
  ◦ Allows mixing and matching of enforcement rules
‣ Duo Security
  ◦ Generates a second factor challenge to the user and evaluates the result
  ◦ Supports multiple channels for challenging users
ERP Firewall
‣ Delivers the ability to:
  ◦ Control access based on location, user, role, content, state, or any header and data attribute
  ◦ Flexible and configurable logging
  ◦ Implement 2nd factor challenges for content you wish to secure more strongly
  ◦ Display your own system messages to your users
  ◦ Restrict access when system is under maintenance
Access Control Made Easy
‣ Restrict access when Down for Admin
‣ Display System Message
‣ Allow access to Self Service Pages
‣ Challenge External access to vendor pages
‣ Block all other external internet access
‣ Log Access by at Risk employees
ERP Firewall Flow
[Diagram. Components: PeopleSoft Web Server, GreyHeller ERP Firewall Plug-in, PeopleSoft Servlet, PeopleSoft App Server, PeopleSoft Application (Permissions, Business Logic, Display Page), Database. Flow labels: Request, Response, Load Configuration, Config Cache, Evaluate Data Rule, Log, Activity Log. Outcomes: Allow, Block, Redirect.]
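The rule list on the "Access Control Made Easy" slide and the Allow / Block / Log outcomes in the flow diagram can be modelled as an ordered, first-match rule set with a step-up (second factor) action. This is an added example, not GreyHeller or Duo code: the rule names, URL paths, roles, network range, watch list and the first-match semantics are all assumptions made for illustration.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Callable, List, Tuple

# Constructed sample policy data (assumptions, not product configuration).
TRUSTED_NETS = [ip_network("10.0.0.0/8")]   # assumed internal/VPN range
AT_RISK_USERS = {"jdoe"}                    # constructed watch list


@dataclass(frozen=True)
class Request:
    user: str
    roles: frozenset
    src_ip: str
    path: str
    second_factor_ok: bool = False   # True once a challenge succeeded this session
    maintenance: bool = False        # system is down for admin work


def is_external(req: Request) -> bool:
    """Location check. An unparsable address is treated as external (fail closed)."""
    try:
        addr = ip_address(req.src_ip)
    except ValueError:
        return True
    return not any(addr in net for net in TRUSTED_NETS)


@dataclass(frozen=True)
class Rule:
    name: str
    matches: Callable[[Request], bool]
    action: str   # "LOG" is non-terminal; ALLOW / CHALLENGE / BLOCK end evaluation


# Order matters: the first terminal rule that matches decides the outcome.
RULES = [
    Rule("log-at-risk", lambda r: r.user in AT_RISK_USERS, "LOG"),
    Rule("maintenance-lockout",
         lambda r: r.maintenance and "admin" not in r.roles, "BLOCK"),
    Rule("self-service", lambda r: r.path.startswith("/selfservice/"), "ALLOW"),
    Rule("external-vendor",
         lambda r: is_external(r) and r.path.startswith("/vendor/"), "CHALLENGE"),
    Rule("external-default", is_external, "BLOCK"),
]


def evaluate(req: Request, rules: List[Rule] = RULES) -> Tuple[str, str, List[str]]:
    """Return (action, deciding rule, names of logging rules that fired)."""
    logged: List[str] = []
    for rule in rules:
        if not rule.matches(req):
            continue
        if rule.action == "LOG":
            logged.append(rule.name)   # record and keep evaluating
            continue
        if rule.action == "CHALLENGE" and req.second_factor_ok:
            # The second factor was already verified, so the request proceeds.
            return "ALLOW", rule.name, logged
        return rule.action, rule.name, logged
    # Nothing matched: hand the request to the application's own permissions.
    return "ALLOW", "default-internal", logged


if __name__ == "__main__":
    samples = [
        Request("v1", frozenset({"vendor"}), "203.0.113.7", "/vendor/invoices"),
        Request("v1", frozenset({"vendor"}), "203.0.113.7", "/vendor/invoices",
                second_factor_ok=True),
        Request("v1", frozenset({"vendor"}), "203.0.113.7", "/admin/security"),
        Request("jdoe", frozenset(), "10.1.2.3", "/hr/payroll"),
    ]
    for s in samples:
        print(s.user, s.src_ip, s.path, "->", evaluate(s))
```

Because the first terminal match wins, the placement of the catch-all external block after the more specific allow and challenge rules is what makes the policy behave as the slide lists it.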
Powerful Logging
‣ Gathers a complete picture of access
  ◦ Userid / IP Address / Result / Browser / Date / Time
  ◦ Login Page / Portal Content / PeopleSoft Page / iScript
  ◦ EMPLID / Search Criteria / Actions taken
‣ Allows creation of targeted logs
  ◦ Failed login activity
  ◦ Activity for specific content
  ◦ Activity for types of users
  ◦ 2-factor activity
Duo Security – Two-Factor Authentication Made Easy
‣ Easy to Manage
‣ Easy To Deploy
‣ Easy to Use
Easy To Use – Your Phone Is Your Key
‣ One-tap to authenticate
‣ Reduce 2FA interruptions
‣ Help users help themselves
‣ Support every phone (and token)
Easy To Manage – For Help Desk, IT, and Security Staff
‣ Flexible user enrollment
‣ Support end users quickly
‣ Customize security policy, by group
‣ Get real-time authentication information
‣ Fully extensible with Admin API
Configuration
‣ When the user is challenged
‣ What types of users should be challenged
‣ Portal rules
‣ Field masking
‣ Location rules
‣ Event logging
‣ Duo server rules
Configuration
‣ Provisioning users in Duo
  ✓ Self-Enrollment
  ✓ Active Directory Sync
  ✓ Bulk Import
  ✓ Manual
  ✓ API
Lifecycle Management
‣ PeopleSoft General Maintenance
  ◦ Application Upgrades and Bundles
  ◦ PeopleTools Upgrades and Patches
  ◦ Customizations
‣ ERP Firewall
  ◦ Rules Engine means existing configuration is resilient to upgrades
  ◦ Understands differences between PeopleSoft releases
‣ Duo
  ◦ ERP Firewall isolates Duo from PeopleSoft impact
Duo Implementation Methodology
Functional Steps
‣ 2 Factor Challenge
  ◦ Identify Pages
  ◦ Configure Firewall based on content
‣ Functional Testing
  ◦ Initial Testing using temporary 2 Factor infrastructure
‣ Logging
  ◦ Determine log conditions
  ◦ Determine log content
Infrastructure Steps
‣ PeopleSoft/Duo Environments
  ◦ Development / Test / Production
‣ Product Installation
‣ 2 Factor Infrastructure
  ◦ Configure DUO Server/ERP Firewall Integration
  ◦ Define Duo User Provisioning Rules
‣ Move to Production
Thank you
For more information on
GreyHeller or to schedule a
private demonstration,
please email:
Kelly Jones
Vice-President, Marketing
kelly.jones@greyheller.com

De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
 
Speed Wins: From Kafka to APIs in Minutes
Speed Wins: From Kafka to APIs in MinutesSpeed Wins: From Kafka to APIs in Minutes
Speed Wins: From Kafka to APIs in Minutes
 
Unpacking Value Delivery - Agile Oxford Meetup - May 2024.pptx
Unpacking Value Delivery - Agile Oxford Meetup - May 2024.pptxUnpacking Value Delivery - Agile Oxford Meetup - May 2024.pptx
Unpacking Value Delivery - Agile Oxford Meetup - May 2024.pptx
 
Key Trends Shaping the Future of Infrastructure.pdf
Key Trends Shaping the Future of Infrastructure.pdfKey Trends Shaping the Future of Infrastructure.pdf
Key Trends Shaping the Future of Infrastructure.pdf
 
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
 
Introduction to Open Source RAG and RAG Evaluation
Introduction to Open Source RAG and RAG EvaluationIntroduction to Open Source RAG and RAG Evaluation
Introduction to Open Source RAG and RAG Evaluation
 
Optimizing NoSQL Performance Through Observability
Optimizing NoSQL Performance Through ObservabilityOptimizing NoSQL Performance Through Observability
Optimizing NoSQL Performance Through Observability
 
Future Visions: Predictions to Guide and Time Tech Innovation, Peter Udo Diehl
Future Visions: Predictions to Guide and Time Tech Innovation, Peter Udo DiehlFuture Visions: Predictions to Guide and Time Tech Innovation, Peter Udo Diehl
Future Visions: Predictions to Guide and Time Tech Innovation, Peter Udo Diehl
 
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
 
"Impact of front-end architecture on development cost", Viktor Turskyi
"Impact of front-end architecture on development cost", Viktor Turskyi"Impact of front-end architecture on development cost", Viktor Turskyi
"Impact of front-end architecture on development cost", Viktor Turskyi
 
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
 
When stars align: studies in data quality, knowledge graphs, and machine lear...
When stars align: studies in data quality, knowledge graphs, and machine lear...When stars align: studies in data quality, knowledge graphs, and machine lear...
When stars align: studies in data quality, knowledge graphs, and machine lear...
 
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
 
IESVE for Early Stage Design and Planning
IESVE for Early Stage Design and PlanningIESVE for Early Stage Design and Planning
IESVE for Early Stage Design and Planning
 
Behind the Scenes From the Manager's Chair: Decoding the Secrets of Successfu...
Behind the Scenes From the Manager's Chair: Decoding the Secrets of Successfu...Behind the Scenes From the Manager's Chair: Decoding the Secrets of Successfu...
Behind the Scenes From the Manager's Chair: Decoding the Secrets of Successfu...
 

Securing Access to PeopleSoft ERP with Duo Security and GreyHeller

  • 1. Grey Heller, Proprietary and Confidential. Presenters: Larry Grey, President, GreyHeller; Brian Kelly, Principal Product Marketing Manager. GreyHeller + Duo Security
  • 2. Agenda
      ◦ GreyHeller & Duo Security Overview
      ◦ Today’s Security Challenges
      ◦ Solving with Two-Factor Authentication
      ◦ ERP Firewall and Duo Integration
      ◦ Implementation and Administration
  • 3. GreyHeller
      ◦ Nearly 200 years of PeopleSoft engineering experience
      ◦ ~100 customers
      ◦ Oracle PeopleSoft Customer Advisory Board
      ◦ PeopleSoft beta test partner: PeopleTools 8.54
  • 4. Key Commercial Customers
  • 5. Key Education Customers
  • 6. Better Security, Not Just More. Brian Kelly, Principal Product Marketing Manager, Duo Security
  • 7. Duo Security – Two-Factor Authentication Made Easy: Easy to Manage, Easy To Deploy, Easy to Use
  • 8. Thousands Of Customers Protected By Duo (duosecurity.com/success-stories)
  • 9. 100% OF BREACHES involve stolen credentials — Mandiant. Source: mandiant.com/threat-landscape and M-Trends annual reports
  • 10. Credentials Are Easily Stolen
      ‣ Phished
      ‣ Guessed
      ‣ Keylogged
      ‣ Sniffed
      ‣ Cracked
      ‣ Reused
      ‣ Bypassed
  • 12. Today’s Security Challenges
      ◦ Phishing and targeted spear phishing
      ◦ Access anywhere anytime
      ◦ Complex support environments
      ◦ Security policy enforcement
      ◦ Non-technical users that receive little training
  • 13. Two Factor Use Cases
      ◦ Protecting Self Service use
      ◦ Protection by location
      ◦ Super User / Admin protection
          ▪ Functional and technical privileged users
      ◦ Sharing credentials, policy violations
      ◦ Protects untrained users
  • 14. Solving with Two Factor Authentication
  • 15. Solving with Two Factor Authentication
      ◦ Where should the challenge occur?
          ▪ Log in
          ▪ Only when accessing Sensitive Transactions
          ▪ Unlocking Masked Data
      ◦ One Size does not fit All
          ▪ Self Service versus Admin Use
          ▪ Privileged versus General Users
          ▪ Trusted versus Untrusted Locations
          ▪ HR versus CS versus FS
  • 16. DEMO
  • 17. Integration
  • 18. Integration
      ◦ ERP Firewall
          ▪ Provides the mechanism to enforce a Duo Challenge
          ▪ Allows mixing and matching of enforcement rules
      ◦ Duo Security
          ▪ Generates a second factor challenge to the user and evaluates the result
          ▪ Supports multiple channels for challenging users
  • 19. ERP Firewall
      ◦ Delivers the ability to:
          ▪ Control access based on location, user, role, content, state, or any header and data attribute
          ▪ Flexible and configurable logging
          ▪ Implement 2nd factor challenges for content you wish to secure more strongly
          ▪ Display your own system messages to your users
          ▪ Restrict access when system is under maintenance
  • 20. Access Control Made Easy
      ◦ Restrict access when Down for Admin
      ◦ Display System Message
      ◦ Allow access to Self Service Pages
      ◦ Challenge External access to vendor pages
      ◦ Block all other external internet access
      ◦ Log Access by at Risk employees
  • 21. ERP Firewall Flow [diagram; labels in extraction order: PeopleSoft App Server, PeopleSoft Application Database, PeopleSoft Application, Permissions, Display Page, Business Logic, PeopleSoft Web Server, PeopleSoft Servlet, Response, Request, Load Configuration, Config Cache, Evaluate Data Rule, Activity Log, Log, Block, GreyHeller ERP Firewall Plug-in, Allow, Redirect]
  • 22. Powerful Logging
      ◦ Gathers a complete picture of access
          ▪ Userid / IP Address / Result / Browser / Date / Time
          ▪ Login Page / Portal Content / PeopleSoft Page / iScript
          ▪ EMPLID / Search Criteria / Actions taken
      ◦ Allows creation of targeted logs
          ▪ Failed login activity
          ▪ Activity for specific content
          ▪ Activity for types of users
          ▪ 2-factor activity
  • 23.
  • 24.
  • 25. Duo Security – Two-Factor Authentication Made Easy: Easy to Manage, Easy To Deploy, Easy to Use
  • 26.
  • 27. Easy To Use – Your Phone Is Your Key
      ‣ One-tap to authenticate
      ‣ Reduce 2FA interruptions
      ‣ Help users help themselves
      ‣ Support every phone (and token)
  • 28.
  • 29. Easy To Manage – For Help Desk, IT, and Security Staff
      ‣ Flexible user enrollment
      ‣ Support end users quickly
      ‣ Customize security policy, by group
      ‣ Get real-time authentication information
      ‣ Fully extensible with Admin API
  • 30. Configuration
      ◦ When the user is challenged
      ◦ What types of users should be challenged
      ◦ Portal rules
      ◦ Field masking
      ◦ Location rules
      ◦ Event logging
      ◦ Duo server rules
  • 31. Configuration
      ◦ Provisioning users in Duo
          ▪ Self-Enrollment
          ▪ Active Directory Sync
          ▪ Bulk Import
          ▪ Manual
          ▪ API
  • 32. Lifecycle Management
      ◦ PeopleSoft General Maintenance
          ▪ Application Upgrades and Bundles
          ▪ PeopleTools Upgrades and Patches
          ▪ Customizations
      ◦ ERP Firewall
          ▪ Rules Engine means existing configuration is resilient to upgrades
          ▪ Understands differences between PeopleSoft releases
      ◦ Duo
          ▪ ERP Firewall isolates Duo from PeopleSoft impact
  • 33. Duo Implementation Methodology
      ◦ Functional Steps
          ▪ 2 Factor Challenge
              - Identify Pages
              - Configure Firewall based on content
          ▪ Functional Testing
              - Initial Testing using temporary 2 Factor infrastructure
          ▪ Logging
              - Determine log conditions
              - Determine log content
      ◦ Infrastructure Steps
          ▪ PeopleSoft/Duo Environments
              - Development / Test / Production
          ▪ Product Installation
          ▪ 2 Factor Infrastructure
              - Configure DUO Server/ERP Firewall Integration
              - Define Duo User Provisioning Rules
          ▪ Move to Production
  • 34. Thank you. For more information on GreyHeller or to schedule a private demonstration, please email: Kelly Jones, Vice-President, Marketing, kelly.jones@greyheller.com
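
The ordered rule list on slide 20 ("Access Control Made Easy") and the targeted logging on slide 22 can be sketched as a first-match policy evaluator. This is an added example, not GreyHeller's or Duo's code or configuration format; the rule names, the `Request` fields, the trusted network and the at-risk user list are hypothetical.

```python
import ipaddress
from dataclasses import dataclass

# Constructed sample values (assumptions, not taken from the product).
TRUSTED_NETS = [ipaddress.ip_network("10.0.0.0/8")]
AT_RISK_USERS = {"jdoe"}

@dataclass
class Request:
    user: str
    ip: str
    content: str                    # "SELF_SERVICE", "VENDOR", "HR_ADMIN", ...
    second_factor_ok: bool = False  # True once the 2FA provider reports success

def is_external(ip: str) -> bool:
    """Fail closed: an address that does not parse is treated as external."""
    try:
        addr = ipaddress.ip_address(ip)
    except ValueError:
        return True
    return not any(addr in net for net in TRUSTED_NETS)

def build_rules(maintenance: bool):
    # Ordered like the slide's rule list; the first matching rule decides.
    return [
        ("maintenance", lambda r: maintenance, "MESSAGE"),
        ("self-service", lambda r: r.content == "SELF_SERVICE", "ALLOW"),
        ("vendor-external",
         lambda r: r.content == "VENDOR" and is_external(r.ip), "CHALLENGE"),
        ("external-default", lambda r: is_external(r.ip), "BLOCK"),
        ("internal-default", lambda r: True, "ALLOW"),
    ]

def evaluate(req: Request, maintenance: bool = False) -> dict:
    for rule, matches, action in build_rules(maintenance):
        if matches(req):
            break
    # A satisfied challenge becomes an allow; an unsatisfied one stays pending.
    if action == "CHALLENGE" and req.second_factor_ok:
        action = "ALLOW"
    # Targeted logging: every non-allow result, plus all access by at-risk users.
    logged = action != "ALLOW" or req.user in AT_RISK_USERS
    return {"user": req.user, "ip": req.ip, "content": req.content,
            "rule": rule, "result": action, "logged": logged}
```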
