Following a strategic decision to strengthen data security, IT leaders at the State of North Dakota set out to upgrade their PeopleSoft infrastructure. The goal was to equip HCM, Financials, and Enterprise Learning Management applications with advanced features that improved access controls, managed risk exposure, and increased visibility of user activity. Using Appsian’s Application Security Platform, the State deployed MFA capabilities, contextual data masking, location-based access rules, and enhanced logging to achieve their desired results.
The State of North Dakota wanted to:
Using Appsian’s Application Security Platform, the State of North Dakota implemented field-level masking of sensitive data across their PeopleSoft HCM, FSCM and ELM applications. While sensitive data was masked for most users, certain high privileged roles were allowed access through a ‘click-to-view’ feature that logs the deliberate user interaction and exposure of sensitive data fields. Location-Based Security was also implemented to protect access to bank account pages from outside of State of North Dakota’s network, where self-service users had to pass a multi-factor authentication challenge to perform a transaction. Field-level logging was implemented to monitor user activity and the logs were separated by recruiter access, admin roles, payroll admin roles, and other filters to simplify auditing.
Following ASP’s implementation, the State of North Dakota leveraged their existing 2FA provider, SafeNet, to challenge users to reconfirm identity at page/component level, specifically while performing self-service tasks remotely. The secured remote access for banking transactions improved the security of employees’ payroll data and aided defense against payroll diversion. The click-to-view functionality allowed the State to increase visibility into privileged users’ activity while still allowing them to access sensitive data to perform their day-to-day jobs. Furthermore, the enhanced logs recorded every user transaction which could be referenced to notice, investigate and remediate suspicious activity. The solution resulted in improved security not just for employees of the state but for 3rd party suppliers as well.
The State of North Dakota administrative office comprises of over 70 state agencies to provide exceptional community, family, health, education, security, transportation and more services to the citizens of North Dakota.
‘‘Cybersecurity is a priority for the State, and Appsian’s solution allowed us to enhance our security posture to provide even stronger safeguards of our critical systems and personnel data, while providing greater visibility for administrators into transaction-level detail.” Jeff Larshus, Director of State Financial Services.’’