Remote Access to PeopleSoft Exposes Vulnerabilities

    Making transactions mobile-friendly is a strategic move toward improving the PeopleSoft application’s user experience. Companies emphasize remote access to self-service modules such as registration of benefits, time entry, permissions, and self-service for students to complete assignments in their own time and even on their own computers. 

    Despite the advantages of mobilizing PeopleSoft and opening it to remote access, the security implications are a serious concern. Expanding access to confidential data beyond the protected perimeter of the corporate network raises the likelihood of attacks and of successful data breaches. User-centric threats add to the risk, as hackers increasingly target individual users and devices and use the human-error factor to their advantage.

    No Native Support for SAML

    PeopleSoft applications lack native SAML support. Consequently, they cannot connect to identity providers that support SAML and are likely to be isolated from other business applications. Most off-the-shelf SSO providers are not aware of this restriction, and they often suggest custom development, which is expensive, time-consuming, and usually requires the purchase of additional hardware.

    Static Native Access Controls

    PeopleSoft lets organizations enforce static, rule-based role-based access controls (RBAC). With remote access expanded beyond a secure network, organizations need more flexibility to monitor and regulate what users can access based on contextual information. When authorizing access, RBAC cannot use dynamic information such as company code, project ID, IP address, location, or device type.

    MFA Limitations at Login Page

    PeopleSoft's primary security model, username and password authentication, applies only at the application's login page, a restriction that persists even with MFA add-ons from third parties. Once a user passes the login, you have no means of protecting the data in your PeopleSoft applications. This security control gap means that a high-privilege malicious insider might log in and then have access to your PeopleSoft systems and data.

    Inadequate Visibility

    Out of the box, PeopleSoft provides high-level logging designed primarily for debugging and troubleshooting. These logs do not show what data was accessed, nor do they provide the access context, such as who accessed it, from where, or when. In addition, PeopleSoft cannot track, record, or control user behavior at a granular level.

    Limited Data Masking 

    PeopleSoft's current data masking functionality is restricted and relies on static, role-based rules. This means that users who have the privilege of accessing confidential data can see all of it, regardless of where they access the application from. Consequently, sensitive data fields are exposed when privileged user credentials are stolen or when privileged users download data using queries on personal or home computers.

    The Solution

    Your ERP investment offers considerable ROI over its lifetime. Expanding remote access and allowing mobile transactions is the best way to keep your users efficient and get the most from that investment. Organizations can secure their ERP data with a data security solution that delivers a comprehensive suite of access controls and fine-grained security features. Ideally, such a solution should offer the following capabilities:

    Location-Based Security

    It should let you take advantage of the access context and apply permissions accordingly. Whether users connect from a protected network or from the open internet, you can determine precisely what they can view and what transactions they can perform.

    Multi-Factor Authentication

    With such a security solution, MFA challenges can be deployed dynamically based on the access context. For example, when a user accesses PeopleSoft from a remote IP address, or after business hours, customers can require an MFA challenge. This flexibility minimizes the disruption MFA causes, because the challenge can be matched to the risk level.

    Logging & Analytics

    The ideal solution should provide granular logging and user activity tracking for PeopleSoft. It should enable clients to collect user activity data together with contextual user information, including location, device, and IP address. Transaction-level information should be captured in a standardized format that can reveal malicious incidents, provide the actionable data required for incident response, and feed ready-to-use audit and compliance reports.
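
    The three capabilities above (permissions that depend on where the user connects from, MFA challenges triggered by a remote IP address or after-hours access, and transaction-level logging with context) can be sketched as one per-transaction policy check. This is an added illustration, not PeopleSoft code or any vendor's product; the network range, business hours, role, transaction, and field names are assumptions constructed for the example.

```python
import ipaddress
import json
from datetime import datetime, time

# Constructed policy values for illustration; not PeopleSoft settings.
CORPORATE_NETS = [ipaddress.ip_network("10.0.0.0/8")]
BUSINESS_START, BUSINESS_END = time(8, 0), time(18, 0)
SENSITIVE_FIELDS = {"national_id", "bank_account"}
UNMASK_ROLES = {"hr_admin"}        # hypothetical role name
NETWORK_ONLY = {"query_export"}    # hypothetical transaction name
SAMPLE = {"name": "J. Doe", "national_id": "123-45-6789", "bank_account": "0012345678"}

def evaluate(user, role, src_ip, when, transaction, record):
    """Return (decision, view, audit) for one transaction and its access context."""
    addr = ipaddress.ip_address(src_ip)
    on_network = any(addr in net for net in CORPORATE_NETS)
    in_hours = BUSINESS_START <= when.time() < BUSINESS_END
    reasons = [name for name, hit in
               (("remote_ip", not on_network), ("after_hours", not in_hours)) if hit]
    if transaction in NETWORK_ONLY and not on_network:
        decision = "deny"             # bulk export is not available off-network
    elif reasons:
        decision = "mfa_challenge"    # step-up at the transaction, not only at login
    else:
        decision = "allow"
    # The role grants the field; the context decides whether it is shown in clear.
    unmask = role in UNMASK_ROLES and on_network
    view = {} if decision == "deny" else {
        k: "****" + str(v)[-4:] if k in SENSITIVE_FIELDS and not unmask else v
        for k, v in record.items()}
    audit = {
        "time": when.isoformat(), "user": user, "role": role, "src_ip": src_ip,
        "on_network": on_network, "transaction": transaction,
        "decision": decision, "reasons": reasons,
        "masked_fields": sorted(k for k in view if view[k] != record[k]),
    }
    return decision, view, audit

def audit_line(audit):
    """Serialize the audit event as one JSON line for a log pipeline."""
    return json.dumps(audit, sort_keys=True)

if __name__ == "__main__":
    _, _, event = evaluate("jdoe", "hr_admin", "203.0.113.7",
                           datetime(2024, 3, 5, 22, 0), "view_employee", SAMPLE)
    print(audit_line(event))
```

    The same role gets a different result depending on context: on the corporate range during business hours the record is shown in clear, while a remote or after-hours request is challenged and sensitive fields are masked off-network.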
