A wide range of customers worldwide trust Appsian with their business-critical data.
As work-from-home continues into 2021 indefinitely and the reality of this increased risk becomes clearer, organizations should heavily prioritize the……
While the majority of data breaches are from insider threats—a startling 57% according to the Verizon Insider Threat Report—many organizations overlook these internal dangers. Whether careless or malicious, employee, partner,……
With 2020 coming to a close, ensuring business applications are equipped to meet the longterm access demands of 2021 is……
While nearly everyone was focusing on the results of the 2020 Presidential race, California voters passed Proposition 24, the California……
Insider Threats Are Becoming More Frequent and More Costly to Organizations. Especially Those Using Legacy ERP Systems. Here's How You……
Improve ERP System Performance with Real-Time Data Access & Usage Visibility Your ERP system is a complex ecosystem with multiple deployments, serving hundreds to……
When business stakeholders come to you looking for answers, having visibility and context around ERP data access and usage gives……
Halloween 2020 (the day, not another movie) is right around the corner. Usually, I'm thinking about spirits and haunted houses……
According to a recent Shred-It survey, both senior leaders and employees indicated data breaches doubling in frequency in the last……
Don’t Risk the Security of your Data by Customizing an SSO Integration for PeopleSoft I was on a discovery call……
As your company’s digital footprint grows, you can enhance your security posture by complementing your existing SAP Role-Based Access Controls……
At the SAPinsider 2020 virtual conference experience, one of our product demo attendees asked how Appsian works with SAP GRC Access Control. We get this question a……
We are in the midst of a perfect storm of ERP security calamity: the greatest work from home experiment colliding with historic……
You spend countless hours, not to mention considerable money, to secure your SAP and Oracle ERP data. One day, you discover that cybercriminals……
It’s not uncommon for higher education institutions to approach us (with great haste) about our Single Sign-On (SSO) solution for PeopleSoft Campus Solutions. Lately, I’ve noticed……
Organizations using traditional, on-premise ERP applications like SAP ECC and Oracle PeopleSoft are facing a rapidly changing reality around the……
A critical SAP vulnerability (CVE-2020-6287 or RECON) was recently discovered by Onapsis that gives attackers TOTAL control of vulnerable business applications. It……
A critical SAP vulnerability (CVE-2020-6287 or RECON) was recently discovered by Onapsis that gives attackers TOTAL control of vulnerable business……
Every organization using SAP ERP applications faces the unique challenge of maintaining a strong security posture while enabling productive business processes. Throw in the uncertainty of today’s rapidly changing environment, and you……
Time is almost up for companies scrambling to get their data privacy strategies in compliance with the California Consumer Protection Act (CCPA). Beginning as……
Just a few days ago, the Australian Prime Minister, Scott Morrison announced that Australia is being continuously targeted by sophisticated,……
In these less than ordinary times, organizations are dealing with disruption at a frequency higher than ever before. An unfortunate side-effect……
Thanks to TV commercials for identity protection services, you're forgiven for thinking that that dark web is primarily a place where criminals……
Stop me if you've heard (or spoken) this phrase: "All non-essential projects have been put on hold." To be fair,……
The news is flooded with stories about cybercriminals successfully engaging in phishing and social engineering aimed at exploiting people’s COVID-19……
Remote workforces are nothing new to most organizations. According to Buffer’s 2019 State of Remote Work report, 44% of respondents……
Data privacy regulations are rapidly reshaping the way companies monitor, manage, and even define the data they collect and store.……
California State University, the largest four-year public university system in the country, made headlines when it announced Tuesday that it intends to……
Analytics have always been necessary for informing ERP data security policies. This has never been more relevant than today, in this……
Every first Thursday in May, cybersecurity professionals collectively roll their eyes at the idea that there is (in fact), a……
On April 19, 2020, Oracle announced on its PeopleSoft Support blog that the company is extending support for the ERP application……
Secure, compliant, and efficient business processes are critical to enterprise operations. In SAP, Segregation of Duties (SoD) is a key……
With remote workplaces being put to the test, organizations are looking to quickly scale their security practices. Unfortunately, many are……
I was recently speaking with a customer who expressed a common concern. Because of COVID-19, their entire finance team was……
It’s no secret that managing PeopleSoft passwords can be challenging. This has been a hot topic for years – and……
With the influx of remote access demands, VPN vendors are no doubt having their moment. This is 100% warranted, but……
The rapid acceleration from on-location to remote workforce as part of the Coronavirus Pandemic response opened the door to malicious……
In September of 2001, I was conducting a comprehensive security audit of a major health care insurer. They were dealing……
The streets are empty, offices are closed, and your favorite bar around the corner is shut down until... well, we……
With the workforce disruption caused by Coronavirus (COVID-19),enabling remote access to ERP applications like Oracle PeopleSoft has become a business……
As organizations prepare to protect their workforce from Coronavirus (COVID-19), they need to balance best health practices with best security……
Enabling mobile access to PeopleSoft is a primary objective for many organizations. Naturally, there are security concerns when making transactions……
With companies like Microsoft, Amazon, and Twitter encouraging workers to stay home, many wonder if this is the beginning of……
As we enter the new year, the criticality of securing sensitive data will continue to mold and transform the structure……
Cats & dogs, oil & water… Apparently, these groups don’t get along. You can definitely add Security Admins & Business……
CCPA – A Quick Review CCPA takes effect on January 1,2020. The spirit of CCPA revolves around consumers taking back……
The numbers are out, and it's more apparent than ever - your ERP system is most likely at risk. A……
Gartner describes context-aware security as the use of supplemental information to improve security decisions at the time they are made. "Context" meaning……
Zero Trust security is based on the principle of ‘never trust, always verify’. First introduced by Forrester Research, a Zero……
Single Sign-On (SSO) solutions have emerged as the gold standard in identity management. While poor password practices continue to prevail,……
Organizations are facing growing challenges in order to meet the data privacy compliance requirements associated with mandates like The General……
Organizations are rapidly shifting to workplaces without boundaries - teams are globally dispersed and companies are adopting work-from-home and BYOD……
How companies approach data security controls is changing. Segregation of Access (SoAx) is now just as critical as Segregation of……
As the premier deep-dive PeopleSoft-focused event of the year, PeopleSoft Reconnect (presented by Quest Oracle User Group) has always touted……
We’ve talked extensively about Segregation of Access (SoAx) and how data security threats have evolved to include a range of……
Well, in today’s post it is all about the logging. In a future post it will be all about the……
This is a long one and gets techie in areas, but bear with me. There’s a moral to the story.……
We live in a connected economy. We live in a connected world. We want our games, our movies and our……
In the years I’ve been architecting and assessing organizational information security approaches; the typical focus of any effort was on……
I was at the Alliance conference in Orlando this past week, and in the course of presenting and listening to……
There’s an interesting story from a few years ago. An angry father marched into the corporate office of Target and……
In my years of performing organizational security assessments, application level vulnerability testing usually included an evaluation of the application’s ability……
This will be the final entry in our current CISO Survival series. And we’re taking a step back. We’ve talked……
In our previous post, we talked about the role of the CISO and how the rapidly evolving, connected economy is……
Do You Even Know What and Where It Is? Not too long ago, I was involved in the war room……
Representatives of the Open Web Application Security Project (OWASP) periodically release a top 10 list of known vulnerabilities that impact……
Most of us are now familiar with what Multi Factor Authentication (MFA) has brought to our daily lives. Try accessing……
There’s an old Hollywood saying that showcases the cinematic battle between the well-armed and the ill-prepared: “Never bring a knife……
According to a report from the Information Commissioner (ICO), data breaches are up 75% in two years. Research from the……
Marriott has reported that a massive data breach of its guest reservation system has led to the exposure of over……
Establishing security best practices for your PeopleSoft applications is always a work in progress. As newer, more advanced threats come……
The 2015 Anthem Medical Data Breach In August of this year, the United States approved the final judgement against the……
In today’s information security environment, great technological strides have been made in the areas of network protection, data encryption, intrusion……
In the digital security world, social engineering is defined as the act of tricking someone into doing something that is……
This week, Hackensack Meridian Health (HMH), a New Jersey-based not-for-profit health care organization (and Appsian customer) was identified as a PeopleSoft Innovator for……
Can’t find your answer? Email us at info@appsian.com Why are you changing your brand? We are rebranding in order to position our organization as……
June was an interesting legislative month in the state of California. In the face of an impending ballot initiative that……
With the support for PeopleSoft 9.1 ending earlier this year (Jan 2018), most PeopleSoft customers are busy upgrading to PeopleSoft……
The European Union's General Data Protection Regulation (GDPR) came into effect on May 25th, 2018 and made a far-spreading impact……
Gartner recently released a report addressing the speculations around Oracle’s on-premise and cloud ERP applications. Focusing on Oracle ERP customers'……
Did you know that... A *2014 Forrester study of a major US-based University showed that over 50% of user password……
In a previous blog ‘Time is Money’ we discussed what lacking a PeopleSoft-integrated SSO is costing your organization. By now,……
GreyHeller is proud to announce the arrival of PeopleSoft Security Analytics Next-generation software providing actionable insights into how your……
Who does GDPR Affect? Does your organization store or process European Union (EU) consumer data? Do you have employees that are citizens of any EU countries? If you answered……
In our blog this past June we discussed the merits of utilizing SAML as a protocol for sharing a person’s……
In honor of October being National Cyber Security Awareness Month, we ask you to consider this scenario: How Cyber-Criminals are Stealing……
What it is? Event Mapping is a new subcomponent of the Related Content Framework. PeopleTools released Event Mapping with version……
If you’re responsible for Accessibility at your organization, you have a lot of responsibilities: facilities, training, technology, documentation, note taking,……
Stop me if you’ve heard this one... “Do you want to get the most from your ERP? Then you must……
We are disheartened by the recent publication of the Trump Administration's Unified Agenda of Regulatory and Deregulatory Actions which changed……
Direct deposit is a given for most of us. Until it doesn't work. I definitely remember the days of getting……
The 2017 Accessing Higher Ground conference focuses on the implementation and benefits of: Accessible media, Universal Design and Assistive Technology……
Leveraging GreyHeller’s PeopleUX technology platform, our customer – University of Minnesota – made its Student Self-Service, Faculty, Job Applicant components……
A GreyHeller customer – one of the largest financial services firms in the US – licensed and implemented our ERP……
SAML. ADFS. Shibboleth. Your network team may be bringing up these terms as they relate to your organization’s security initiatives……
When securing enterprise systems every PeopleSoft customer knows they need strong passwords and secure networks. A good firewall is a……
July 26, 2016 marked the release of Campus Solutions 9.2 bundle image 2 and the introduction of Fluid self-service transactions.……
“All organisations should now assume that they are in a state of continuous compromise," Rajpreet Kaur, Senior Research Analyst at Gartner.……
Today Yahoo Chief Information Security Officer Bob Lord released this - "We have confirmed, based on a recent investigation, that a copy……
Our customer - Florida State University - and our partner - Oracle - presented at OpenWorld this week. The components……
Jim Marion's PeopleTools Tips & Techniques session at Oracle OpenWorld 2016 was standing room only.…
Please join us for our Fall Webinar Series. UX Webinars Make The Most of Campus Solutions 9.2 and Fluid Wednesday,……
This Webinar details how PeopleSoft customers can securely push Fluid HCM Self-Service transactions outside the corporate network.…
This webinar is from last year but the topic and information is still very relevant, perhaps even more relevant considering……
We hear lots of noise about Cloud but in Higher Education it looks like for what The Campus Computing Project……
Join GreyHeller in promoting Data Privacy Day - the goal is to promote a safer and……
Educause's 2016 report puts Information Security at the top of the list. Lots of reasons, but here's one that stands out……
…
After the PS_TOKEN threat vector was announced at Hack in the Box Amsterdam in May 2015, security organizations started adding……
Since many PeopleSoft customers utilize weblogic for their PeopleSoft environment, we wanted to highlight yesterday’s security alert. Oracle released an……
Security professionals are generally most concerned with outside hackers, malicious insiders and accidental data loss. However, if they don’t focus……
A layered approach is critical to protect your PeopleSoft system against multiple threat vectors. Deploying a series of security barriers……
Back by popular demand, join GreyHeller for its Fall Customer Focus Webinar Series to learn more about our customers' Security and Mobile……
Designed to intelligently move functionality based on available real estate, transforming the user experience. What is True Responsiveness? Your employees……
Appsian has been offering security assessments to both customers and non-customers around the potential of a PS_TOKEN configuration vulnerability. Over……
Today, Google changed its logo to better represent its presence on platforms other than desktop PC’s — where people initially……
According to Kate Hash, Manager of ITS Communications at UNC Chapel Hill, “Up until Friday, our largest download month had……
While some organizations believe hacks come from only external sources, these companies may be missing an even larger threat: internal,……
Background In recent blog posts, we’ve mentioned that PeopleSoft provides a number of security protections out of the box. In……
Want to sort cybercrime fact from fiction? Do you think you know the difference? Test your knowledge. In this OHUG sponsored……
As a follow-up to our June 3rd post PS_TOKEN vulnerability and prevention, I wanted to share recent activity about which……
GreyHeller was founded on the idea that much of the available enterprise software needed to be simplified.Co-Founders Chris Heller and……
In this two-part series, GreyHeller founders and former, early PeopleSoft Technical Strategists, Larry Grey and Chris Heller will discuss ERP……
If you weren’t in Amsterdam last week, you missed out on a session at the Hack in the Box conference……
At GreyHeller we speak with hundreds of ERP systems customers every year across all industries. Because we develop and license……
4/22 Protecting PeopleSoft for Self Service Time: 11am PST / 2pm EST Description: Your employees are demanding better access to their pay,……
Is is ignorance? The ostrich strategy? Breach fatigue? Whatever, the data are mind-boggling. In a recent Raytheon-Ponemon survey of 1006……
GreyHeller is thrilled to showcase our Mobile and Security solutions at Collaborate 2015. From announcing new partnerships, to launching your institution’s mobile……
GreyHeller is thrilled to showcase our Mobile and Security solutions and our customers’ sessions at Alliance 2015. From announcing new partnerships, to launching……
Naturally, we're pleased that our products address 2 of the most strategically important technologies per this 2015 CEO survey by PwC:……
Now we're getting somewhere... Obama recently signed Executive Order 13636 to much fanfare at Stanford University. Of particular interest to……
Check out this chart for the top breaches... Date (2014) Company Number of records exposed Types of records 25 Jan……
(more…)…
Shelley Nelson,Vice President of Services San Ramon, California – January 28, 2015 – GreyHeller, LLC, provider of the leading security……
The Sony breach – and virally every other recent high profile breach – has finally driven home what GreyHeller has……
We've been talking about this tipping point for some time now. Supporting our view... The Cybersecurity Tipping Point - from TechCrunch Assume……
January 5, 2015 - San Ramon, CA – GreyHeller today announced an Insider Threat Security Webinar Series focused on helping……
Smart consumers - pounded by the relentless onslaught of breaches affecting them directly (my household had new credit cards issued……
I heard a term yesterday that frightened me - Breach Fatigue (being in the Security business can make one paranoid).……
The year has been full of cyber attacks that have left sensitive information ranging from bank accounts to social security……
Companies, higher education institutions, healthcare organizations are not only fighting organized cybercrime rings (makes the Mafia look like a cottage……
Really? This has us scratching our heads....no editorializing necessary. An audit by PriceWaterhouseCoopers over the summer warned Sony - “Security incidents……
Data Masking could have helped prevent recent, high-profile destructive cyber attacks. How? By scrambling or removing sensitive data from production……
We're getting closer to a tipping point where organizations are going to have to prove conclusively to their customers, lenders,……
GreyHeller's Executive Director of Security Solutions, Greg Wendt, leads a demo-intensive session showing how organizations can deploy fluid transactions safely……
2-Part Webinar Series Fluid UI – An Early Look Join Larry Grey, GreyHeller's President, and Chris Heller, CIO at GreyHeller, for an early look at……
August 26, 2014 - San Ramon, CA – According to a recent advisory issued by Research and Education Networking Information……
On November 5, 2014, OHUG sponsored the webinar: GreyHeller and Fluid UI– The Best of Both Worlds. GreyHeller’s Responsive Design……
Ethical Hackers at Rhino Security Labs released information about serious security holes within Oracle applications this week. Millions of records……
Join us for a series of informative webinars hosted by Larry Grey, President, Chris Heller, Chief Technology Officer and Greg Wendt,……
June phishing attacks accounted for over $400 million in global losses. 57% of global phishing attacks are targeted at the……
A Russian crime ring has collected over 1.2 billion user names and passwords. The statistics within this breach are stunning.……
Homeland Security issued a new report warning about hackers attacking remote access software. Checking in from home leaves entry for……
Top 10 Data Breaches of the Past Five Years (Infographic) By TSC Advantage, Holistic Security Consultancy…
Kevin R. Brock, a leading cybersecurity expert and the FBI’s former Principal Deputy Director, National Counterterrorism Center and Assistant Director……
Organizations seek protection of their Oracle PeopleSoft applications from cybercrime San Ramon, California – July 15, 2014 Today, GreyHeller announced……
In our conversations with Oracle® PeopleSoft customers about modernizing and mobilizing their PeopleSoft pages and customizations, we always introduce the……
Recently, one of our Higher Education customers - a highly regarded US university - implemented another option for Two-Factor Authentication……
If organizations won't spend what's necessary to license technology that protects their sensitive data because of cost considerations,we believe class……
Last week the website Code Spaces was attacked by a distributed denial of service attack (DDoS). This is a pretty……
A single compromised website hosted 862 PHP scripts. Think about that for a minute – 1 server, with 862 scripts.……
Costs associated with the Maricopa County Community College District (MCCCD) data breach that occurred in April 2013 continue to rise……
One of the very useful features in Application Designer is the ability to compile the PeopleCode for a project. You……
Larry just posted a YouTube video that describes how our ERP Firewall product's 2-Factor Authentication feature can help prevent students……
Chicago office opens Well, we just couldn't stay put in the San Francisco East Bay. Based on 2010 growth, and……
Today, I was helping a customer configure our Desktop Single Signon product for use with nVision. Because this was a……
Did you know that the average PeopleSoft URL is over 100 characters long and is completely nonsensical to the average……
David Pigman of SpearMC consulting presented Advanced PeopleSoft Security Audit. Most of the presentation consisted of walking through slides of……
Hit this error message earlier and noticed that no search engines had the answer so I wanted to share. When……
When you create a domain for a PeopleSoft application server, the default configuration for the Tuxedo listener is a variable……
One of the biggest challenges of end-users is to figure out where the data they want to query against resides.……
One limitation of PeopleSoft Query is that when you use "In Tree" criteria, the effective date of the tree is……
System Availability. This is a very important topic, that has received a lot of attention, especially in the area of……
I had a question the other day about getting going with PeopleSoft Performance Monitor so I thought I'd post a……
I helped some folks the other day with an issue that had the potential to be very serious for them;……
In our previous blog post we introduced a Continuous Integration server called Hudson to run automated tests against a PeopleSoft……
We wrote awhile back about a customization that can be done to limit a user's roles dynamically at a signon……
In the past few weeks, we've had a lot of interest in our new Version Control for PeopleSoft product.……
This blog post falls under the category of why haven't we done this earlier? Over the almost 4 years……
When you run an Application Engine program from within Application Designer (as we mentioned in our blog post on……
Workflow History When workflow was first added to PeopleSoft 5 back in 1995, the mantra was the three Rs: Rules,……
Continuing on in the cool stuff we’ve been working on series, I wanted to post something about a topic that……
A little while back we had a request for help from Genentech to solve an issue that was causing them……
I've had a few conversations recently about the strangeness of LDAP query syntax so I thought a post some useful……
(update : check out demo 4 in the Flash demo for our ERP Firewall to see some additional real world……
Yesterday's blog post on Java 5 and PeopleTools 8.49 (and my high hopes that it would have fixed something that……
Session 3291 in the OAUG section. I went to Sylvain Nguyen's presentation on PeopleSoft global rollouts. Sylvain used to be……
We had an interesting situation with one of our customers recently where creative use of one of our products, the……
This is another of those posts that I had intended to get completed a while ago, but ended up getting……
This is another blog posting that Chris and I had discussed putting out there (but got distracted doing other things,……
This is a question that came up on the ITToolbox forum peopletools-l. I decided that it would be a good……
So, you know that there’s opportunities for improving your end-users’ ability to get meaningful information out of PeopleSoft, but it……
Dear Mr. Icahn,We see that you are getting access to BEA’s internal financial system. As you may or may not……
Looks like someone didn't implement workflow for approving vendor payment changes. Label- changes…
Internet Explorer manages a whole host of security settings through the concept of security zones. Security zones have names such……
For those who are familiar with our demo and posting that discusses how to drill from a report into……
The blog entry goes under the heading of "If Grey Sparling Solutions were a B-School case study". You see,……
Here are a couple of events that we'll be at: Northern California PeopleSoft RUG meeting(June 15 at……
Preface Readers should note that this post is about PeopleTools 9, not PeopleSoft 9 applications. PeopleSoft 9 has shipped to……
This is another blog entry I started a while back, but never completed. As mentioned in yesterday’s entry, there was……
In the past couple of days, we’ve received lots and lots of emails from folks who attended our sessions at……
Although I put together a previous posting on Drilling and nVision, I only included a single nVision drill layout to……
Over the past 24 hours, I’ve had lots of folks wanting to learn more about the HCM reporting examples in……
We survived Oracle OpenWorld 2006. A very long, but rewarding week. We originally planned to to blog the show as……
I haven't written anything on the Java and PeopleCode series (part 1, part 2) recently, so I thought I'd whip……
We had an interesting "Ask the Experts" question yesterday about how to disable the PeopleSoft page bar across the entire……
David Kurtz has a good tip on his weblog about how to get rid of an annoying little bug in……
A common headache for DBAs managing PeopleSoft applications is not knowing which user a particular piece of SQL is being……
Well, at least a city near you if you live near Richmond, VA or Washington DC. We've been asked to……
For those who know about Report Manager, it's the PeopleSoft-delivered means of finding and accessing reports. For those who support……
In my previous posting on passing parameters to nVision, I briefly mentioned something that was unknown to one of the……
Application Engine can be fairly handy in a PeopleSoft developer's toolchest. Aside from all of the useful batch processing things……
In my previous blog entry on nVision and Siebel Analytics, I shamelessly embedded a couple of screenshots from Mark's Blog.……
(Sept. 20 update: since writing this we have created a Desktop Single Signon snap-on product that works with PeopleSoft Enterprise.……
Since Java is the language of choice for the Oracle Fusion applications, I thought it would be nice to have……
(update : see ERP Firewall for PeopleSoft) A few years back I had the opportunity to help out with an……
After reviewing my last posting, I realized that although I covered the specifics of style definitions and nVision, I missed……
So, you’ve created this really cool nVision report that gets all the data you want, but you can’t for the……
While consulting at the same customer in NYC, we were looking at performance issues related to implementing row level security.……
This week, one of our blog readers asked us for advice on filtering his/her nVision reports with respect to dates.……
Our apologies to our loyal blog readers for the lack of content in the past few weeks. Grey Sparling Solutions……
In the previous post about row level security, I mentioned that the two PeopleCode events SearchInit and SearchSave were not……
One of the things that is often misunderstood about PeopleSoft applications is how row level security works. Part of the……
There was another set of requirements that were important to the customer in my conference call yesterday. That was hierarchical……
For something as fundamental as Setid indirection, it’s surprising how few people really understand how it works. Hopefully, this will……
Yesterday, I created a posting that discussed this for PS/nVision. Today, we'll talk about PS/Query. Tricks... Tricks... What tricks?Well, actually,……
Actuate's Managed Spreadsheet Solution I was interested in this presentation specifically because when I worked at PeopleSoft, I worked on……
The last large session of the day was the Technical Roundtable. Chris Heller and Larry Grey of Grey Sparling were……
"Learn how you can reduce risk with rapid threat protection, audit response and access control. All from a single, comprehensive platform"
Trusted by hundreds of leading brands