28% of cyber attacks are perpetrated by bad actors inside the organization. Insider threats are particularly tricky as there is no way for PeopleSoft to decipher if users are leveraging their privilege to access sensitive information for legitimate or malicious purposes.
PeopleSoft does not directly support multi-factor authorization (MFA.) MFA is only possible by leveraging a 3rd party vendor, and even with a vendor, MFA functionality is only possible at the application login screen.
Personally Identifiable Information (PII) is displayed on hundreds of pages in PeopleSoft, thus increasing the scope of a data loss incident.
Running reports and queries in PeopleSoft is simple and seamless, thus making the ability to quickly compromise a large volume of data easier.
Expanding current data masking functionality in PeopleSoft requires additional scripts and customizations applied by role to each page with sensitive data.
Internal auditors cannot determine PII access – who, when, and where. The best alternative is manual triangulation of reports that could take months to reveal actionable insights.
Appsian partners with multiple MFA providers to embed MFA functionality within the PeopleSoft system at the field/page/component level. Appsian’s MFA solution leverages a robust rules engine that contextually determines when an additional authentication challenge is required
Apply full or partial data masking at the page/component/field level and execute controls based on a rules engine
Apply an additional logging step that identifies the user requesting access to a specific data field, thus making audits more effective and efficient