Appsian ERP Security Blog | PeopleSoft and SAP Topics

Categories:

Filter By Year:

April 7, 2021

Are ERP Security and Compliance Risks Interfering with Your Digital Transformation?

Implementing enterprise resource planning (ERP) systems has always been both mission-critical and notoriously difficult. They must align with business processes,……

Advancing SAP Security and Risk Management with Least Privilege 2.0

The ERP security landscape is drastically evolving and traditionally on-premise applications such as SAP ECC and S/4HANA are falling behind.……

Key Strategies for Improving ERP Data Privacy and Compliance

With 2020 nearly three months behind us and the rollout of COVID-19 vaccines picking up speed, organizations are looking hopefully……

How Appsian Reduces Risk in SAP Procurement Transactions

The sheer breadth and complexity of the procurement process can make maintaining effective internal controls difficult. Organizations must implement business……

How Appsian Improves SAP Segregation of Duties Violations Management

From stopping fraud, theft, and errors to preventing SOX compliance violations, SAP Segregation of Duties (SoD) plays a lead role……

Implementing Dynamic SAP Data Masking in ECC & S/4HANA Using Appsian

2020 brought about a reckoning for organizations that were slow to adopt strong data privacy and data loss prevention strategies.……

It’s Time to Include Data in the ERP Security Conversation

ERP security had traditionally focused on vulnerability testing for ERP applications, whether hosted on-premise or in the cloud. Given the……

How Remote Work Has Accelerated ERP Data Privacy Challenges

If 2020 was the year of hastily enabling secure remote access to ERP applications, then 2021 will be the year……

[Podcast] Potential ERP Data Security and Compliance Risks for Legacy Applications

Appsian's Executive Director for Security Solutions, Greg Wendt, appears in the latest episode of Brilliance Security Magazine Podcast. The focus of the conversation……

Modernize PeopleSoft Security with Defense in Depth

As work-from-home continues into 2021 indefinitely and the reality of this increased risk becomes clearer, organizations should heavily prioritize the……

5 Types of Insider Threats and How to Detect Them in Your ERP System

While the majority of data breaches are from insider threats—a startling 57% according to the Verizon Insider Threat Report—many organizations overlook these internal dangers. Whether careless or malicious, employee, partner,……

Securing Business Data in ERP Applications: A Fast Path Guide to Success

With 2020 coming to a close, ensuring business applications are equipped to meet the longterm access demands of 2021 is……

Why the California Privacy Rights Act (CPRA) Presents Challenges for Legacy ERP Customers

While nearly everyone was focusing on the results of the 2020 Presidential race, California voters passed Proposition 24, the California……

How to Detect Insider Threats in Your ERP System

Insider Threats Are Becoming More Frequent and More Costly to Organizations. Especially Those Using Legacy ERP Systems. Here's How You……

Using Advanced Analytics to Improve ERP System Performance

Improve ERP System Performance with Real-Time Data Access & Usage Visibility Your ERP system is a complex ecosystem with multiple deployments, serving hundreds to……

How IT Can Use ERP Data to Become a Hero to their Business Stakeholders

When business stakeholders come to you looking for answers, having visibility and context around ERP data access and usage gives……

Are Advanced Persistent Threats (APT) Haunting Your ERP Applications?

Halloween 2020 (the day, not another movie) is right around the corner. Usually, I'm thinking about spirits and haunted houses……

Data Breaches Are Going Up, While Cybersecurity Training is… Going Down?

According to a recent Shred-It survey, both senior leaders and employees indicated data breaches doubling in frequency in the last……

PeopleSoft Single Sign-On (SAML/ADFS): Why You Should Not Customize

Don’t Risk the Security of your Data by Customizing an SSO Integration for PeopleSoft I was on a discovery call……

SAP Access Control: A Beginner’s Guide to SAP Dynamic Authorization

As your company’s digital footprint grows, you can enhance your security posture by complementing your existing SAP Role-Based Access Controls……

How Does Appsian Work with SAP GRC Access Control?

At the SAPinsider 2020 virtual conference experience, one of our product demo attendees asked how Appsian works with SAP GRC Access Control. We get this question a……

Monitoring High Privileged User Activity in PeopleSoft and SAP Using Appsian360

We are in the midst of a perfect storm of ERP security calamity: the greatest work from home experiment colliding with historic……

Protecting ERP Data from Application Vulnerabilities Using A Multi-Layered Security Approach

You spend countless hours, not to mention considerable money, to secure your SAP and Oracle ERP data. One day, you discover that cybercriminals……

Why Colleges and Universities are Rushing to Implement Single Sign-On for PeopleSoft

It’s not uncommon for higher education institutions to approach us (with great haste) about our Single Sign-On (SSO) solution for PeopleSoft Campus Solutions. Lately, I’ve noticed……

When it Comes to ERP Data Security, Context (of Access) Matters – Appsian360 Can Help!

Organizations using traditional, on-premise ERP applications like SAP ECC and Oracle PeopleSoft are facing a rapidly changing reality around the……

The RECON Bug Highlights SAP Customers’ Need for Fine-Grained Control and Visibility (Not Just Security Patches)

A critical SAP vulnerability (CVE-2020-6287 or RECON) was recently discovered by Onapsis, giving attackers TOTAL control of vulnerable business applications. It allows……

SAP RECON Vulnerability Puts Thousands of ERP Customers at Critical Risk

A critical SAP vulnerability (CVE-2020-6287 or RECON) was recently discovered by Onapsis that gives attackers TOTAL control of vulnerable business……

Appsian Releases Report Revealing Executive Perspective on SAP Business Risks and Controls

Every organization using SAP ERP applications faces the unique challenge of maintaining a strong security posture while enabling productive business processes. Throw in the uncertainty of today’s rapidly changing environment, and you……

CCPA Enforcement Is on Track to Start July 1, 2020. Are Your Data Privacy Strategies Ready?

Time is almost up for companies scrambling to get their data privacy strategies in compliance with the California Consumer Protection Act (CCPA). Beginning as……

Australia Under Cyberattack – How to Quickly Implement “Zero Trust Security” in PeopleSoft

Just a few days ago, the Australian Prime Minister, Scott Morrison announced that Australia is being continuously targeted by sophisticated,……

Improve SAP Access Policy Management During These Turbulent Times – and Beyond

In these less than ordinary times, organizations are dealing with disruption at a frequency higher than ever before. An unfortunate side-effect……

Your Network Access Could Be for Sale on the Dark Web. Why ABAC is Critical for ERP Data when Your Network is Vulnerable

Thanks to TV commercials for identity protection services, you're forgiven for thinking that that dark web is primarily a place where criminals……

Does ERP Data Security Qualify as an Essential IT Project? Here Are Five Reasons Why It Does.

Stop me if you've heard (or spoken) this phrase: "All non-essential projects have been put on hold." To be fair,……

Access Governance is Critical for Preventing Phishing Attacks

The news is flooded with stories about cybercriminals successfully engaging in phishing and social engineering aimed at exploiting people’s COVID-19……

Why the Keys to Maintaining ERP Data Security in a Remote Environment are Control and Visibility

Remote workforces are nothing new to most organizations. According to Buffer’s 2019 State of Remote Work report, 44% of respondents……

Managing Compliance Costs with Enhanced Cybersecurity Visibility

Data privacy regulations are rapidly reshaping the way companies monitor, manage, and even define the data they collect and store.……

The Implications of Remote (Higher Education) Learning… Now that CSU Announced Campuses are 100% Remote in the Fall

California State University, the largest four-year public university system in the country, made headlines when it announced Tuesday that it intends to……

ERP User Activity Monitoring: Here are the (5) Most Important Details to Capture

Analytics have always been necessary for informing ERP data security policies. This has never been more relevant than today, in this……

Happy World Password Day! Celebrate By Adopting Passwordless Authentication (for PeopleSoft)

Every first Thursday in May, cybersecurity professionals collectively roll their eyes at the idea that there is (in fact), a……

Oracle Extends PeopleSoft Support to 2031. Now’s the Time to Invest in PeopleSoft Data Security Projects

On April 19, 2020, Oracle announced on its PeopleSoft Support blog that the company is extending support for the ERP application……

How to Streamline the SAP Segregation of Duties Exception Process Using Attribute-Based Access Controls

Secure, compliant, and efficient business processes are critical to enterprise operations. In SAP, Segregation of Duties (SoD) is a key……

Why VPN is Not Enough – and why Investing in ERP Data Security is Critical

With remote workplaces being put to the test, organizations are looking to quickly scale their security practices. Unfortunately, many are……

User Behavior Analytics are Critical in Remote ERP Environments. Here’s Why…

I was recently speaking with a customer who expressed a common concern. Because of COVID-19, their entire finance team was……

Looking for a PeopleSoft ‘Quick Win’? Integrate SAML for Single Sign-On (SSO)

It’s no secret that managing PeopleSoft passwords can be challenging. This has been a hot topic for years – and……

Is a VPN Enough to Maintain ERP Data Security?

With the influx of remote access demands, VPN vendors are no doubt having their moment. This is 100% warranted, but……

Protecting Remote Users From the Latest Barrage of Social Engineering Attacks

The rapid acceleration from on-location to remote workforce as part of the Coronavirus Pandemic response opened the door to malicious……

Remote Access: You Can’t Fight the Trend

In September of 2001, I was conducting a comprehensive security audit of a major health care insurer. They were dealing……

Five Tips to Make You a Work-From-Home Pro

The streets are empty, offices are closed, and your favorite bar around the corner is shut down until... well, we……

Remote Access to PeopleSoft a Requirement? Here’s (3) Success Stories to Consider

With the workforce disruption caused by Coronavirus (COVID-19),enabling remote access to ERP applications like Oracle PeopleSoft has become a business……

Maintaining Business Continuity During Coronavirus (COVID-19): Securing Critical ERP Functions For Remote Access

As organizations prepare to protect their workforce from Coronavirus (COVID-19), they need to balance best health practices with best security……

Five Tips for Enabling Secure Mobile Access to PeopleSoft

Enabling mobile access to PeopleSoft is a primary objective for many organizations. Naturally, there are security concerns when making transactions……

Responding to Coronavirus (COVID-19): How to Enable PeopleSoft for Secure Telecommuting

With companies like Microsoft, Amazon, and Twitter encouraging workers to stay home, many wonder if this is the beginning of……

2020’s Top ERP Security Challenges: It’s All About the Data!

As we enter the new year, the criticality of securing sensitive data will continue to mold and transform the structure……

Why Adaptive Multi-Factor Authentication (MFA) is the Key to Strict ERP Security – Without Causing User Friction

Cats & dogs, oil & water… Apparently, these groups don’t get along. You can definitely add Security Admins & Business……

California Consumer Protection Act (CCPA) – Do You Have an Action Plan for your ERP?

CCPA – A Quick Review CCPA takes effect on January 1,2020. The spirit of CCPA revolves around consumers taking back……

64% of SAP & Oracle ERP Customers have reported a Breach (in last 24 months)

The numbers are out, and it's more apparent than ever - your ERP system is most likely at risk. A……

Why Contextual Access Controls are Essential for On-Premise ERP Applications

Gartner describes context-aware security as the use of supplemental information to improve security decisions at the time they are made. "Context" meaning……

Zero Trust Security: What it is and Where to Begin

Zero Trust security is based on the principle of ‘never trust, always verify’. First introduced by Forrester Research, a Zero……

Evaluating a PeopleSoft Single Sign-On (SSO) Solution: 6 Questions to Ask Your Vendor

Single Sign-On (SSO) solutions have emerged as the gold standard in identity management. While poor password practices continue to prevail,……

How to Make ERP Compliance Audits Cheaper and Faster

Organizations are facing growing challenges in order to meet the data privacy compliance requirements associated with mandates like The General……

BYOD & Allowing Mobile ERP Access: Evaluating Potential Risks

Organizations are rapidly shifting to workplaces without boundaries - teams are globally dispersed and companies are adopting work-from-home and BYOD……

Data Security Penalties Get Real….Real Expensive

How companies approach data security controls is changing. Segregation of Access (SoAx) is now just as critical as Segregation of……

PeopleSoft RECONNECT 19 Recap: Fluid Remains the HOTTEST Topic

As the premier deep-dive PeopleSoft-focused event of the year, PeopleSoft Reconnect (presented by Quest Oracle User Group) has always touted……

Data Security: What Steps Can You Take?

We’ve talked extensively about Segregation of Access (SoAx) and how data security threats have evolved to include a range of……

Sensitive Data Security: It’s All About the Logging

Well, in today’s post it is all about the logging. In a future post it will be all about the……

ERP Data Security Assessments: Then and Now

This is a long one and gets techie in areas, but bear with me. There’s a moral to the story.……

ERP User Experience: Managing Back Office in a Mobile World (Part One – The Challenges)

We live in a connected economy. We live in a connected world. We want our games, our movies and our……

How Establishing Strong Segregation of Access Policies are the Keys to Protecting your ERP Applications from Access via the Wild West (aka the internet)

In the years I’ve been architecting and assessing organizational information security approaches; the typical focus of any effort was on……

Making Sense of MFA, SSO and Other Session Baby Sitters

I was at the Alliance conference in Orlando this past week, and in the course of presenting and listening to……

Privacy Versus Security in a Connected World

There’s an interesting story from a few years ago. An angry father marched into the corporate office of Target and……

Data Privacy and the Evolution of Segregation of Duties

In my years of performing organizational security assessments, application level vulnerability testing usually included an evaluation of the application’s ability……

CISO Survival 103: The Importance of Classifying Sensitive ERP Data

This will be the final entry in our current CISO Survival series. And we’re taking a step back. We’ve talked……

CISO Survival Part 2: The Perils of Managing Sensitive Data

In our previous post, we talked about the role of the CISO and how the rapidly evolving, connected economy is……

CISO Survival: Are You Protecting Your Sensitive Data?

Do You Even Know What and Where It Is? Not too long ago, I was involved in the war room……

According to the OWASP, ERP Is Vulnerable

Representatives of the Open Web Application Security Project (OWASP) periodically release a top 10 list of known vulnerabilities that impact……

Locking the Front Door Isn’t Always Enough

Most of us are now familiar with what Multi Factor Authentication (MFA) has brought to our daily lives. Try accessing……

2019: ERP In the Crosshairs

There’s an old Hollywood saying that showcases the cinematic battle between the well-armed and the ill-prepared: “Never bring a knife……

ERP Breaches Increasingly Becoming User-Centric

According to a report from the Information Commissioner (ICO), data breaches are up 75% in two years. Research from the……

The Marriott Breach: Do You Have Unwanted Guests In Your ERP System?

Marriott has reported that a massive data breach of its guest reservation system has led to the exposure of over……

December is Prime “ERP Data Breach” Season… Be Prepared!

Establishing security best practices for your PeopleSoft applications is always a work in progress. As newer, more advanced threats come……

ERP Data Breaches: The Penalties Are Real… Real Expensive

The 2015 Anthem Medical Data Breach In August of this year, the United States approved the final judgement against the……

Social Engineering: Defending the Weakest Link

In today’s information security environment, great technological strides have been made in the areas of network protection, data encryption, intrusion……

Social Engineering Attacks: Exploiting the “Human Element”

In the digital security world, social engineering is defined as the act of tricking someone into doing something that is……

Appsian Customer, Hackensack Meridian Health, Honored as PeopleSoft Innovator at Oracle OpenWorld

This week, Hackensack Meridian Health (HMH), a New Jersey-based not-for-profit health care organization (and Appsian customer) was identified as a PeopleSoft Innovator for……

Appsian Name Change FAQ

Can’t find your answer? Email us at info@appsian.com Why are you changing your brand? We are rebranding in order to position our organization as……

California Raisin’ the Bar on Data Privacy

June was an interesting legislative month in the state of California. In the face of an impending ballot initiative that……

Ensure a successful Fluid Enablement project with PeopleUX

With the support for PeopleSoft 9.1 ending earlier this year (Jan 2018), most PeopleSoft customers are busy upgrading to PeopleSoft……

PeopleSoft and GDPR: Accelerate Breach Detection and Remediation

The European Union's General Data Protection Regulation (GDPR) came into effect on May 25th, 2018 and made a far-spreading impact……

Best Practices for Approaching Oracle Cloud Applications – March 29th Gartner Report

Gartner recently released a report addressing the speculations around Oracle’s on-premise and cloud ERP applications. Focusing on Oracle ERP customers'……

Universities are wasting $60K/mo. (avg.) by NOT having a SAML Single Sign On for PeopleSoft

Did you know that... A *2014 Forrester study of a major US-based University showed that over 50% of user password……

The Keys to Avoiding a Failed PeopleSoft SSO Project

In a previous blog ‘Time is Money’ we discussed what lacking a PeopleSoft-integrated SSO is costing your organization. By now,……

Now Introducing PeopleSoft Security Analytics (Preview Available)

GreyHeller is proud to announce the arrival of PeopleSoft Security Analytics Next-generation software providing actionable insights into how your……

PeopleSoft and GDPR: 2018’s Elephant in the Room

Who does GDPR Affect? Does your organization store or process European Union (EU) consumer data? Do you have employees that are citizens of any EU countries? If you answered……

Time is Money: What a lack of PeopleSoft Integrated SSO is costing your organization

In our blog this past June we discussed the merits of utilizing SAML as a protocol for sharing a person’s……

October is National Cyber Security Awareness Month… and it couldn’t have come sooner!

In honor of October being National Cyber Security Awareness Month, we ask you to consider this scenario: How Cyber-Criminals are Stealing……

Event Mapping in PeopleTools 8.56

What it is? Event Mapping is a new subcomponent of the Related Content Framework. PeopleTools released Event Mapping with version……

Why is Optimizing PeopleSoft for Accessibility so difficult?

If you’re responsible for Accessibility at your organization, you have a lot of responsibilities: facilities, training, technology, documentation, note taking,……

Adopting Cloud: Fact or Myth – “Hybrid as a Best Practice”

Stop me if you’ve heard this one... “Do you want to get the most from your ERP? Then you must……

Don’t let the DOJ take your foot off the “accessibility compliance” gas pedal

We are disheartened by the recent publication of the Trump Administration's Unified Agenda of Regulatory and Deregulatory Actions which changed……

University of Waterloo relaunches direct deposit self-service functionality for employees

Direct deposit is a given for most of us. Until it doesn't work. I definitely remember the days of getting……

AHG 2017 Conference: University of Colorado’s session about making PeopleSoft accessible

The 2017 Accessing Higher Ground conference focuses on the implementation and benefits of: Accessible media, Universal Design and Assistive Technology……

University of Minnesota made PeopleSoft truly accessible. Here’s how.

Leveraging GreyHeller’s PeopleUX technology platform, our customer – University of Minnesota – made its Student Self-Service, Faculty, Job Applicant components……

Why the 2017 Anthem Healthcare breach matters to PeopleSoft customers

A GreyHeller customer – one of the largest financial services firms in the US – licensed and implemented our ERP……

SAML and PeopleSoft Security – Why you should care

SAML. ADFS. Shibboleth. Your network team may be bringing up these terms as they relate to your organization’s security initiatives……

Heartbleed, Ticketbleed… When Network Infrastructure Security Lets us Down

When securing enterprise systems every PeopleSoft customer knows they need strong passwords and secure networks. A good firewall is a……

Make The Most of Campus Solutions 9.2 & Fluid

July 26, 2016 marked the release of Campus Solutions 9.2 bundle image 2 and the introduction of Fluid self-service transactions.……

Gartner response to Yahoo breach – why it matters to PeopleSoft customers

“All organisations should now assume that they are in a state of continuous compromise," Rajpreet Kaur, Senior Research Analyst at Gartner.……

500 million Yahoo accounts breached – state sponsored actor

Today Yahoo Chief Information Security Officer Bob Lord released this - "We have confirmed, based on a recent investigation, that a copy……

Getting the Most Out of PeopleSoft: PeopleSoft Fluid User Interface (OpenWorld 2016)

Our customer - Florida State University - and our partner - Oracle - presented at OpenWorld this week. The components……

Want to know what our secret weapon looks like?

Jim Marion's PeopleTools Tips & Techniques session at Oracle OpenWorld 2016 was standing room only.…

Fall Webinar Series: UX; Security; Tips & Techniques

Please join us for our Fall Webinar Series. UX Webinars Make The Most of Campus Solutions 9.2 and Fluid Wednesday,……

Fluid webinar series: Adopting Fluid? Make It Secure

This Webinar details how PeopleSoft customers can securely push Fluid HCM Self-Service transactions outside the corporate network.…

Webinar Recording: UNC Chapel Hill Thwarts Cybercrime with ERP Firewall

This webinar is from last year but the topic and information is still very relevant, perhaps even more relevant considering……

Top Campus CIO Priorities 2016

We hear lots of noise about Cloud but in Higher Education it looks like for what The Campus Computing Project……

Data Privacy Day is January 28th!

Join GreyHeller in promoting Data Privacy Day - the goal is to promote a safer and……

Educause Top Ten IT Issues 2016

Educause's 2016 report puts Information Security at the top of the list. Lots of reasons, but here's one that stands out……

Product Update: Accessibility Cart Demo

…

PS_TOKEN, Phishing and Peoplesoft

After the PS_TOKEN threat vector was announced at Hack in the Box Amsterdam in May 2015, security organizations started adding……

Oracle’s CVE-2015-4852 Update

Since many PeopleSoft customers utilize weblogic for their PeopleSoft environment, we wanted to highlight yesterday’s security alert. Oracle released an……

PS_TOKEN becoming standard PeopleSoft Penetration Test

After the PS_TOKEN threat vector was announced at Hack in the Box Amsterdam in May 2015, security organizations started adding……

Automation of Identity Management Ensures Data Security

Security professionals are generally most concerned with outside hackers, malicious insiders and accidental data loss. However, if they don’t focus……

Product Demo: Approvals Workflow

…

Product Demo: Expense Report Creation

…

Why you should take a layered approach to securing PeopleSoft access

A layered approach is critical to protect your PeopleSoft system against multiple threat vectors. Deploying a series of security barriers……

Customer Focus: UNC Chapel Hill and Verizon Webinar Series

Back by popular demand, join GreyHeller for its Fall Customer Focus Webinar Series to learn more about our customers' Security and Mobile……

What is True Responsiveness?

Designed to intelligently move functionality based on available real estate, transforming the user experience. What is True Responsiveness? Your employees……

What you need to know about the reported PS_Token vulnerability

Appsian has been offering security assessments to both customers and non-customers around the potential of a PS_TOKEN configuration vulnerability. Over……

Google changed its logo today – what does it mean?

Today, Google changed its logo to better represent its presence on platforms other than desktop PC’s — where people initially……

CarolinaGo Mobile App Single Day Downloads Hit 2,000

According to Kate Hash, Manager of ITS Communications at UNC Chapel Hill, “Up until Friday, our largest download month had……

Tracking high-privileged users requires a strict security policy

While some organizations believe hacks come from only external sources, these companies may be missing an even larger threat: internal,……

What you should know about PeopleSoft and Common Web Application Vulnerabilities

Background In recent blog posts, we’ve mentioned that PeopleSoft provides a number of security protections out of the box. In……

Webinar: Fact or Myth – Protecting your PeopleSoft HCM Data from Cybercrime

Want to sort cybercrime fact from fiction? Do you think you know the difference? Test your knowledge. In this OHUG sponsored……

PS_Token Update and Department of Homeland Security July 1 Report

As a follow-up to our June 3rd post PS_TOKEN vulnerability and prevention, I wanted to share recent activity about which……

Who is GreyHeller? [VIDEO]

GreyHeller was founded on the idea that much of the available enterprise software needed to be simplified.Co-Founders Chris Heller and……

PeopleSoft and the Future of ERP

In this two-part series, GreyHeller founders and former, early PeopleSoft Technical Strategists, Larry Grey and Chris Heller will discuss ERP……

What you should know about PS_TOKEN vulnerabilities and how to prevent them

If you weren’t in Amsterdam last week, you missed out on a session at the Hack in the Box conference……

GreyHeller Annual ERP Upgrade Survey Results

At GreyHeller we speak with hundreds of ERP systems customers every year across all industries. Because we develop and license……

GreyHeller Security & Mobile Webinar Series

4/22 Protecting PeopleSoft for Self Service Time: 11am PST / 2pm EST Description: Your employees are demanding better access to their pay,……

The Big Disconnect

Is is ignorance? The ostrich strategy? Breach fatigue? Whatever, the data are mind-boggling. In a recent Raytheon-Ponemon survey of 1006……

GreyHeller at Collaborate15- Las Vegas

GreyHeller is thrilled to showcase our Mobile and Security solutions at Collaborate 2015. From announcing new partnerships, to launching your institution’s mobile……

GreyHeller Sessions and Customer Sessions @ Alliance2015

GreyHeller is thrilled to showcase our Mobile and Security solutions and our customers’ sessions at Alliance 2015. From announcing new partnerships, to launching……

US CEO Survey from PWC

Naturally, we're pleased that our products address 2 of the most strategically important technologies per this 2015 CEO survey by PwC:……

Executive Order 13636 promotes industry collaboration on cybercrime

Now we're getting somewhere... Obama recently signed Executive Order 13636 to much fanfare at Stanford University. Of particular interest to……

Top security breaches of 2014

Check out this chart for the top breaches... Date (2014) Company Number of records exposed Types of records 25 Jan……

2014 HEUG member survey

(more…)…

Shelley Nelson Joins GreyHeller as Vice President of Services

Shelley Nelson,Vice President of Services San Ramon, California – January 28, 2015 – GreyHeller, LLC, provider of the leading security……

CYBERSECURITY PRIORITIES SHIFT TO INSIDER THREATS

The Sony breach – and virally every other recent high profile breach – has finally driven home what GreyHeller has……

Cybersecurity Tipping Point? Absolutely.

We've been talking about this tipping point for some time now. Supporting our view... The Cybersecurity Tipping Point - from TechCrunch Assume……

GreyHeller January Security Webinar Series

January 5, 2015 - San Ramon, CA – GreyHeller today announced an Insider Threat Security Webinar Series focused on helping……

January 2015 Security Webinar

…

Top Breaches of 2014 – Infographic

…

The Upside to Breach Fatigue

Smart consumers - pounded by the relentless onslaught of breaches affecting them directly (my household had new credit cards issued……

Breach fatigue

I heard a term yesterday that frightened me - Breach Fatigue (being in the Security business can make one paranoid).……

OHUG Interview With GreyHeller CEO Hendrix H. Bodden

The year has been full of cyber attacks that have left sensitive information ranging from bank accounts to social security……

Scary UK cybercrime data

Companies, higher education institutions, healthcare organizations are not only fighting organized cybercrime rings (makes the Mafia look like a cottage……

Sony Knew About Security Vulnerability Before Breach

Really? This has us scratching our heads....no editorializing necessary. An audit by PriceWaterhouseCoopers over the summer warned Sony - “Security incidents……

How Data Masking Helps Prevent Cyber Attacks

Data Masking could have helped prevent recent, high-profile destructive cyber attacks. How? By scrambling or removing sensitive data from production……

Allocation of risk in a data breach

We're getting closer to a tipping point where organizations are going to have to prove conclusively to their customers, lenders,……

Fluid UI– How to Deploy Safely & Securely– Webinar Recording

GreyHeller's Executive Director of Security Solutions, Greg Wendt, leads a demo-intensive session showing how organizations can deploy fluid transactions safely……

GreyHeller Presents A Two-Part Webinar

2-Part Webinar Series Fluid UI – An Early Look Join Larry Grey, GreyHeller's President, and Chris Heller, CIO at GreyHeller, for an early look at……

Cyber Criminals Targeting University Payroll Systems

August 26, 2014 - San Ramon, CA – According to a recent advisory issued by Research and Education Networking Information……

Webinar Recording: GreyHeller and Fluid UI

On November 5, 2014, OHUG sponsored the webinar: GreyHeller and Fluid UI– The Best of Both Worlds. GreyHeller’s Responsive Design……

Secure Yourself Today for Tomorrow!

Ethical Hackers at Rhino Security Labs released information about serious security holes within Oracle applications this week. Millions of records……

GreyHeller Presents a FREE Webinar Series

Join us for a series of informative webinars hosted by Larry Grey, President, Chris Heller, Chief Technology Officer and Greg Wendt,……

Phishing attacks increase

June phishing attacks accounted for over $400 million in global losses. 57% of global phishing attacks are targeted at the……

Change your passwords

A Russian crime ring has collected over 1.2 billion user names and passwords. The statistics within this breach are stunning.……

Protect Against Mistakes

Homeland Security issued a new report warning about hackers attacking remote access software. Checking in from home leaves entry for……

Top 10 Data Breaches of the Past Five Years (Infographic)

Top 10 Data Breaches of the Past Five Years (Infographic) By TSC Advantage, Holistic Security Consultancy…

Don’t be reactive when it comes to securing your PeopleSoft assets from cybercime. Be proactive.

Kevin R. Brock, a leading cybersecurity expert and the FBI’s former Principal Deputy Director, National Counterterrorism Center and Assistant Director……

GreyHeller Appoints New Executive Director of Security Solutions

Organizations seek protection of their Oracle PeopleSoft applications from cybercrime San Ramon, California – July 15, 2014 Today, GreyHeller announced……

Responsive Design: what is it and why is it important to Oracle® PeopleSoft customers?

In our conversations with Oracle® PeopleSoft customers about modernizing and mobilizing their PeopleSoft pages and customizations, we always introduce the……

Click to Call for Two-Factor Authentication

Recently, one of our Higher Education customers - a highly regarded US university - implemented another option for Two-Factor Authentication……

How much does it cost to avoid a breach?

If organizations won't spend what's necessary to license technology that protects their sensitive data because of cost considerations,we believe class……

Lessons from the Code Spaces DDoS

Last week the website Code Spaces was attacked by a distributed denial of service attack (DDoS). This is a pretty……

Another day another phishing attack

A single compromised website hosted 862 PHP scripts. Think about that for a minute – 1 server, with 862 scripts.……

$20 million in data breach costs vs. Licensing ERP Firewall……do the math

Costs associated with the Maricopa County Community College District (MCCCD) data breach that occurred in April 2013 continue to rise……

Compiling PeopleCode

One of the very useful features in Application Designer is the ability to compile the PeopleCode for a project. You……

How to Prevent Student Grade Hacking in PeopleSoft

Larry just posted a YouTube video that describes how our ERP Firewall product's 2-Factor Authentication feature can help prevent students……

Chicago Office Opens

Chicago office opens Well, we just couldn't stay put in the San Francisco East Bay. Based on 2010 growth, and……

PS/nVision is not configured properly on this workstation

Today, I was helping a customer configure our Desktop Single Signon product for use with nVision. Because this was a……

Introducing Automatic URL Shortening for your PeopleSoft URLs (automatic bit.ly or TinyURL for PeopleSoft)

Did you know that the average PeopleSoft URL is over 100 characters long and is completely nonsensical to the average……

Advanced PeopleSoft Security Audit – OpenWorld 2010

David Pigman of SpearMC consulting presented Advanced PeopleSoft Security Audit. Most of the presentation consisted of walking through slides of……

Your security options are set improperly. Please contact your security administrator.

Hit this error message earlier and noticed that no search engines had the answer so I wanted to share. When……

Tuxedo Listening on Multiple IP addresses

When you create a domain for a PeopleSoft application server, the default configuration for the Tuxedo listener is a variable……

Query Tip of the day: Creating a Query from a PeopleSoft Component Name

One of the biggest challenges of end-users is to figure out where the data they want to query against resides.……

Query Tip: Updating the Effective Dates of In-Tree Criteria

One limitation of PeopleSoft Query is that when you use "In Tree" criteria, the effective date of the tree is……

Increasing System Availability with PeopleSoft

System Availability. This is a very important topic, that has received a lot of attention, especially in the area of……

Using PeopleSoft Performance Monitor

I had a question the other day about getting going with PeopleSoft Performance Monitor so I thought I'd post a……

Security Issues With PeopleSoft Production Refreshes

I helped some folks the other day with an issue that had the potential to be very serious for them;……

Functional Testing of PeopleSoft Applications

In our previous blog post we introduced a Continuous Integration server called Hudson to run automated tests against a PeopleSoft……

Issues with Dynamic Roles in PeopleSoft

We wrote awhile back about a customization that can be done to limit a user's roles dynamically at a signon……

Version Control for PeopleSoft demo

In the past few weeks, we've had a lot of interest in our new Version Control for PeopleSoft product.……

Grey Sparling "PeopleSoft Experts" Webinar Series

This blog post falls under the category of why haven't we done this earlier? Over the almost 4 years……

Out of Available Memory error running Application Engine

When you run an Application Engine program from within Application Designer (as we mentioned in our blog post on……

Fixing PeopleSoft Workflow Email Notifications

Workflow History When workflow was first added to PeopleSoft 5 back in 1995, the mantra was the three Rs: Rules,……

Taking control of your build files

Continuing on in the cool stuff we’ve been working on series, I wanted to post something about a topic that……

Overlapping Text in PeopleSoft and Safari 3.x

A little while back we had a request for help from Genentech to solve an issue that was causing them……

LDAP Query Syntax Tips

I've had a few conversations recently about the strangeness of LDAP query syntax so I thought a post some useful……

PeopleSoft telephony two factor authentication

(update : check out demo 4 in the Flash demo for our ERP Firewall to see some additional real world……

PeopleSoft IVR Integration the easy way

Yesterday's blog post on Java 5 and PeopleTools 8.49 (and my high hopes that it would have fixed something that……

International Rollouts of PeopleSoft – Do's and Don'ts

Session 3291 in the OAUG section. I went to Sylvain Nguyen's presentation on PeopleSoft global rollouts. Sylvain used to be……

Firewall Product as Savior

We had an interesting situation with one of our customers recently where creative use of one of our products, the……

Reporting against multiple Setids in PeopleSoft

This is another of those posts that I had intended to get completed a while ago, but ended up getting……

Links not Automatically Opening a Page

This is another blog posting that Chris and I had discussed putting out there (but got distracted doing other things,……

Can you use Winter or Node-Oriented Trees in GL?

This is a question that came up on the ITToolbox forum peopletools-l. I decided that it would be a good……

Baby steps with Reporting against PeopleSoft

So, you know that there’s opportunities for improving your end-users’ ability to get meaningful information out of PeopleSoft, but it……

An open letter to Carl Icahn

Dear Mr. Icahn,We see that you are getting access to BEA’s internal financial system. As you may or may not……

Looks like someone didn't implement workflow for approving vendor payment changes.

Looks like someone didn't implement workflow for approving vendor payment changes. Label- changes…

Security Zone Management in Internet Explorer

Internet Explorer manages a whole host of security settings through the concept of security zones. Security zones have names such……

Drilling Deeper into PeopleSoft Pages

For those who are familiar with our demo and posting that discusses how to drill from a report into……

The Good, Bad, and Ugly of our Niche…Part 1

The blog entry goes under the heading of "If Grey Sparling Solutions were a B-School case study". You see,……

Upcoming Events

Here are a couple of events that we'll be at: Northern California PeopleSoft RUG meeting(June 15 at……

A Brief History of PeopleTools 9

Preface Readers should note that this post is about PeopleTools 9, not PeopleSoft 9 applications. PeopleSoft 9 has shipped to……

Advanced VBA Hooks in nVision

This is another blog entry I started a while back, but never completed. As mentioned in yesterday’s entry, there was……

Alliance 2007 Session Evaluations

In the past couple of days, we’ve received lots and lots of emails from folks who attended our sessions at……

Financials Objects for Drilling Demos

Although I put together a previous posting on Drilling and nVision, I only included a single nVision drill layout to……

Flash Demo of HCM ReportingFlash Demo of HCM Reporting

Over the past 24 hours, I’ve had lots of folks wanting to learn more about the HCM reporting examples in……

Oracle Open World 2006 Wrap-Up

We survived Oracle OpenWorld 2006. A very long, but rewarding week. We originally planned to to blog the show as……

Java and PeopleCode Tips and Tricks – Part 3

I haven't written anything on the Java and PeopleCode series (part 1, part 2) recently, so I thought I'd whip……

Hiding the PeopleSoft Pagebar in all component

We had an interesting "Ask the Experts" question yesterday about how to disable the PeopleSoft page bar across the entire……

Application Designer Index Management tip

David Kurtz has a good tip on his weblog about how to get rid of an annoying little bug in……

Associating database connections with PeopleSoft users

A common headache for DBAs managing PeopleSoft applications is not knowing which user a particular piece of SQL is being……

Grey Sparling Experts coming to a city near you!!!

Well, at least a city near you if you live near Richmond, VA or Washington DC. We've been asked to……

Fixing Report Manager

For those who know about Report Manager, it's the PeopleSoft-delivered means of finding and accessing reports. For those who support……

Little known Row Level Security hook

In my previous posting on passing parameters to nVision, I briefly mentioned something that was unknown to one of the……

Application Engine Development Tips

Application Engine can be fairly handy in a PeopleSoft developer's toolchest. Aside from all of the useful batch processing things……

Deeper dive explanation of Siebel Analytics by Mark Rittman

In my previous blog entry on nVision and Siebel Analytics, I shamelessly embedded a couple of screenshots from Mark's Blog.……

PeopleSoft Single Signon

(Sept. 20 update: since writing this we have created a Desktop Single Signon snap-on product that works with PeopleSoft Enterprise.……

Java and PeopleCode Tips and Tricks – Part 1

Since Java is the language of choice for the Oracle Fusion applications, I thought it would be nice to have……

Dynamic PeopleSoft Security Based on Login

(update : see ERP Firewall for PeopleSoft) A few years back I had the opportunity to help out with an……

Follow-on to styles and nVision

After reviewing my last posting, I realized that although I covered the specifics of style definitions and nVision, I missed……

Using Styles and nVision

So, you’ve created this really cool nVision report that gets all the data you want, but you can’t for the……

Materialized Views and Row Level Security

While consulting at the same customer in NYC, we were looking at performance issues related to implementing row level security.……

Filtering nVision for date and quarter

This week, one of our blog readers asked us for advice on filtering his/her nVision reports with respect to dates.……

October Update

Our apologies to our loyal blog readers for the lack of content in the past few weeks. Grey Sparling Solutions……

Why You Should Avoid PeopleCode For Row Level Security

In the previous post about row level security, I mentioned that the two PeopleCode events SearchInit and SearchSave were not……

Understanding Row Level Security

One of the things that is often misunderstood about PeopleSoft applications is how row level security works. Part of the……

Hierarchical Reporting in nVision

There was another set of requirements that were important to the customer in my conference call yesterday. That was hierarchical……

Understanding Setids and Business Units

For something as fundamental as Setid indirection, it’s surprising how few people really understand how it works. Hopefully, this will……

Training PS/Query to do new tricks…

Yesterday, I created a posting that discussed this for PS/nVision. Today, we'll talk about PS/Query. Tricks... Tricks... What tricks?Well, actually,……

NorCalPRUG Meeting Notes — PS/nVision vs. e.Spreadsheet

Actuate's Managed Spreadsheet Solution I was interested in this presentation specifically because when I worked at PeopleSoft, I worked on……

NorCalPRUG Meeting Notes — Technical Roundtable Notes

The last large session of the day was the Technical Roundtable. Chris Heller and Larry Grey of Grey Sparling were……

Platforms

Features

Register for an Upcoming Webinar

SAP

PeopleSoft

Appsian360

Review

Webinars

Persona

Register for an Upcoming Webinar

Customers

Video Testimonials

Featured Case Studies

Why Appsian

Management Team

Careers

Press Releases

Partners

Contact Us

Customers

Partners

Blog

April 7, 2021

Are ERP Security and Compliance Risks Interfering with Your Digital Transformation?

April 2, 2021

Advancing SAP Security and Risk Management with Least Privilege 2.0

March 30, 2021

Key Strategies for Improving ERP Data Privacy and Compliance

March 24, 2021

How Appsian Reduces Risk in SAP Procurement Transactions

March 22, 2021

How Appsian Improves SAP Segregation of Duties Violations Management

March 18, 2021

Implementing Dynamic SAP Data Masking in ECC & S/4HANA Using Appsian

March 11, 2021

It’s Time to Include Data in the ERP Security Conversation

February 26, 2021

How Remote Work Has Accelerated ERP Data Privacy Challenges

February 2, 2021

[Podcast] Potential ERP Data Security and Compliance Risks for Legacy Applications

January 4, 2021

Modernize PeopleSoft Security with Defense in Depth

December 9, 2020

5 Types of Insider Threats and How to Detect Them in Your ERP System

December 8, 2020

Securing Business Data in ERP Applications: A Fast Path Guide to Success

November 20, 2020

Why the California Privacy Rights Act (CPRA) Presents Challenges for Legacy ERP Customers

November 16, 2020

How to Detect Insider Threats in Your ERP System

November 6, 2020

Using Advanced Analytics to Improve ERP System Performance

November 4, 2020

How IT Can Use ERP Data to Become a Hero to their Business Stakeholders

October 29, 2020

Are Advanced Persistent Threats (APT) Haunting Your ERP Applications?

October 27, 2020

Data Breaches Are Going Up, While Cybersecurity Training is… Going Down?

October 22, 2020

PeopleSoft Single Sign-On (SAML/ADFS): Why You Should Not Customize

October 20, 2020

SAP Access Control: A Beginner’s Guide to SAP Dynamic Authorization

August 20, 2020

How Does Appsian Work with SAP GRC Access Control?

August 11, 2020

Monitoring High Privileged User Activity in PeopleSoft and SAP Using Appsian360

August 6, 2020

Protecting ERP Data from Application Vulnerabilities Using A Multi-Layered Security Approach

August 4, 2020

Why Colleges and Universities are Rushing to Implement Single Sign-On for PeopleSoft

July 28, 2020

When it Comes to ERP Data Security, Context (of Access) Matters – Appsian360 Can Help!

July 21, 2020

The RECON Bug Highlights SAP Customers’ Need for Fine-Grained Control and Visibility (Not Just Security Patches)

July 16, 2020

SAP RECON Vulnerability Puts Thousands of ERP Customers at Critical Risk

June 25, 2020

Appsian Releases Report Revealing Executive Perspective on SAP Business Risks and Controls

June 24, 2020

CCPA Enforcement Is on Track to Start July 1, 2020. Are Your Data Privacy Strategies Ready?

Register
for an Upcoming
Webinar

Register
for an Upcoming
Webinar