Grey Heller, Proprietary and Confidential
Presenters
Larry Grey
President, GreyHeller
Brian Kelly
Principal Product Marketing Manager
GreyHeller + Duo Security
Agenda
‣ GreyHeller & Duo Security Overview
‣ Today’s Security Challenges
‣ Solving with Two-Factor Authentication
‣ ERP Firewall and Duo Integration
‣ Implementation and Administration
GreyHeller
‣ Nearly 200 years of PeopleSoft engineering experience
‣ ~100 customers
‣ Oracle PeopleSoft Customer Advisory Board
‣ PeopleSoft beta test partner: PeopleTools 8.54
Key Commercial Customers
Key Education Customers
Better Security, Not Just More.
Brian Kelly
Principal Product Marketing Manager
Duo Security
Duo Security – Two-Factor Authentication Made Easy
‣ Easy to Manage
‣ Easy To Deploy
‣ Easy to Use
Thousands Of Customers Protected By Duo
duosecurity.com/success-stories
100% OF BREACHES involve stolen credentials — Mandiant
Source: mandiant.com/threat-landscape and M-Trends annual reports
Credentials Are Easily Stolen
‣ Phished
‣ Guessed
‣ Keylogged
‣ Sniffed
‣ Cracked
‣ Reused
‣ Bypassed
Solution: Two-Factor Authentication
Today’s Security Challenges
‣ Phishing and targeted spear phishing
‣ Access anywhere anytime
‣ Complex support environments
‣ Security policy enforcement
‣ Non-technical users that receive little training
Two Factor Use Cases
‣ Protecting Self Service use
‣ Protection by location
‣ Super User / Admin protection
  ◦ Functional and technical privileged users
‣ Sharing credentials, policy violations
‣ Protects untrained users
Solving with Two Factor Authentication
‣ Where should the challenge occur?
  ◦ Log in
  ◦ Only when accessing Sensitive Transactions
  ◦ Unlocking Masked Data
‣ One Size does not fit All
  ◦ Self Service versus Admin Use
  ◦ Privileged versus General Users
  ◦ Trusted versus Untrusted Locations
  ◦ HR versus CS versus FS
DEMO
Integration
‣ ERP Firewall
  ◦ Provides the mechanism to enforce a Duo Challenge
  ◦ Allows mixing and matching of enforcement rules
‣ Duo Security
  ◦ Generates a second factor challenge to the user and evaluates the result
  ◦ Supports multiple channels for challenging users
ERP Firewall
‣ Delivers the ability to:
  ◦ Control access based on location, user, role, content, state, or any header and data attribute
  ◦ Flexible and configurable logging
  ◦ Implement 2nd factor challenges for content you wish to secure more strongly
  ◦ Display your own system messages to your users
  ◦ Restrict access when system is under maintenance
Access Control Made Easy
‣ Restrict access when Down for Admin
‣ Display System Message
‣ Allow access to Self Service Pages
‣ Challenge External access to vendor pages
‣ Block all other external internet access
‣ Log Access by at Risk employees
ERP Firewall Flow
[Diagram labels: PeopleSoft App Server, PeopleSoft Application Database, PeopleSoft Application, Permissions, Display Page, Business Logic, PeopleSoft Web Server, PeopleSoft Servlet, Response, Request, Load Configuration, Config Cache, Evaluate Data Rule, Activity Log, Log, Block, GreyHeller ERP Firewall Plug-in, Allow, Redirect]
Powerful Logging
‣ Gathers a complete picture of access
  ◦ Userid / IP Address / Result / Browser / Date / Time
  ◦ Login Page / Portal Content / PeopleSoft Page / iScript
  ◦ EMPLID / Search Criteria / Actions taken
‣ Allows creation of targeted logs
  ◦ Failed login activity
  ◦ Activity for specific content
  ◦ Activity for types of users
  ◦ 2-factor activity
Duo Security – Two-Factor Authentication Made Easy
‣ Easy to Manage
‣ Easy To Deploy
‣ Easy to Use
Easy To Use – Your Phone Is Your Key
‣ One-tap to authenticate
‣ Reduce 2FA interruptions
‣ Help users help themselves
‣ Support every phone (and token)
Easy To Manage – For Help Desk, IT, and Security Staff
‣ Flexible user enrollment
‣ Support end users quickly
‣ Customize security policy, by group
‣ Get real-time authentication information
‣ Fully extensible with Admin API
Configuration
‣ When the user is challenged
‣ What types of users should be challenged
‣ Portal rules
‣ Field masking
‣ Location rules
‣ Event logging
‣ Duo server rules
Configuration
‣ Provisioning users in Duo
  ◦ Self-Enrollment
  ◦ Active Directory Sync
  ◦ Bulk Import
  ◦ Manual
  ◦ API
Lifecycle Management
‣ PeopleSoft General Maintenance
  ◦ Application Upgrades and Bundles
  ◦ PeopleTools Upgrades and Patches
  ◦ Customizations
‣ ERP Firewall
  ◦ Rules Engine means existing configuration is resilient to upgrades
  ◦ Understands differences between PeopleSoft releases
‣ Duo
  ◦ ERP Firewall isolates Duo from PeopleSoft impact
Duo Implementation Methodology
Functional Steps
‣ 2 Factor Challenge
  ◦ Identify Pages
  ◦ Configure Firewall based on content
‣ Functional Testing
  ◦ Initial Testing using temporary 2 Factor infrastructure
‣ Logging
  ◦ Determine log conditions
  ◦ Determine log content
Infrastructure Steps
‣ PeopleSoft/Duo Environments
  ◦ Development / Test / Production
‣ Product Installation
‣ 2 Factor Infrastructure
  ◦ Configure DUO Server/ERP Firewall Integration
  ◦ Define Duo User Provisioning Rules
‣ Move to Production
Thank you
For more information on GreyHeller or to schedule a private demonstration, please email:
Kelly Jones
Vice-President, Marketing
kelly.jones@greyheller.com

Securing Access to PeopleSoft ERP with Duo Security and GreyHeller
