The State of North Dakota administrative office comprises of over 70 state agencies to provide exceptional community, family, health, education, security, transportation and more services to the citizens of North Dakota.
The State of North Dakota wanted to:
Using Appsian’s Application Security Platform, the State of North Dakota implemented field-level masking of sensitive data across their PeopleSoft HCM, FSCM and ELM applications. While sensitive data was masked for most users, certain high privileged roles were allowed access through a ‘click-to-view’ feature that logs the deliberate user interaction and exposure of sensitive data fields. Location-Based Security was also implemented to protect access to bank account pages from outside of State of North Dakota’s network, where self-service users had to pass a multi-factor authentication challenge to perform a transaction. Field-level logging was implemented to monitor user activity and the logs were separated by recruiter access, admin roles, payroll admin roles, and other filters to simplify auditing.
Following ASP’s implementation, the State of North Dakota leveraged their existing 2FA provider, SafeNet, to challenge users to reconfirm identity at page/component level, specifically while performing self-service tasks remotely. The secured remote access for banking transactions improved the security of employees’ payroll data and aided defense against payroll diversion. The click-to-view functionality allowed the State to increase visibility into privileged users’ activity while still allowing them to access sensitive data to perform their day-to-day jobs. Furthermore, the enhanced logs recorded every user transaction which could be referenced to notice, investigate and remediate suspicious activity. The solution resulted in improved security not just for employees of the state but for 3rd party suppliers as well.