Courtesy of The Smart Panda Phone: 1-855-79-PANDA Website: www.thesmartpanda.com Email: [email protected]
PeopleSoft Security Best Practices 2
PEOPLESOFT SECURITY BEST PRACTICES
TABLE OF CONTENTS
Background
Summary
Technical Details
Identification and Passwords
Account and User Identity
Role Change Processes
Password Controls
Added Authentication
Protecting Data
Self-Service User
Functional Administrator
Support for Users
Developer and Tester
Database Administrator
Managing Access
Functional Administrator & End-User Support
Developer/Tester
Database Administrator Access
Incident Management
Logging and Auditing
Logging within PeopleSoft
Conclusion
About SmartPanda
Background
Many organizations are encountering an increase in the number of security breaches to their I.T.
systems. These breaches not only cost organizations in terms of expenditures on additional security and
review, but also in lost trust and business by end users.
Recent breaches include:
- In June 2012 a third-party software breach caused the exposure of financial
  information (in the form of credit card numbers) of University of Southern California
  students and faculty. The breach occurred from May 21 to June 21.
- In May 2012 a student hacker breached the PeopleSoft student database and may
  have had access to sensitive personal information, including social security numbers.
  Close to 21,000 students had their financial information exposed.
- A malware download at Housatonic Community College in April 2012 (via email virus)
  may have caused the exposure of nearly 90,000 student records and cost the college as
  much as $500,000.[1]
The average cost per record, according to the Ponemon Institute, is about $112, although privately
many customers respond that the actual cost is much higher.
PWC reports that “the number of significant hacking attacks or large organizations [sic]
has doubled over the past two year,” with the most serious breaches caused by a
combination of issues with people, technology, and processes.[2]
In order to assist companies and entities with ensuring the overall safety and security of their Oracle
PeopleSoft systems, The Smart Panda has put together this document to address the following areas of
potential risk:
- Technical infrastructure
- Identifying and authenticating users
- Protecting data
- Controlling access
- Incident response
- Information logging and auditing
Smart Panda offers common issues and best practices to ensure optimal PeopleSoft security for your
infrastructure to minimize risk of security breaches in the future.
[1] http://www.pwc.co.uk/audit-assurance/publications/uk-information-security-breaches-survey-results-2012.jhtml
[2] http://www.pwc.co.uk/audit-assurance/publications/uk-information-security-breaches-survey-results-2012.jhtml
SUMMARY
The Smart Panda has focused in this document on common security issues associated with PeopleSoft
software, when administered both on location and off site (such as in a hosted environment). This
document deals with the following areas:
- Identification and passwords
- Security of data
- Security of processes
- Response to security incidents
- Information logging and analysis
In many cases, companies have well-documented policies and procedures when it comes to the key
areas of security and PeopleSoft; however, although they choose to automate many processes, some of
these processes are still left to be managed manually. By automating more processes companies can
eliminate error and improve overall security.
Common areas in need of improvement include:
- Protecting sensitive data
- Secure authentication
- Logging and auditing of data
- Automated processes and change management
Note that in many cases addressing these security solutions may involve additional development or the
implementation of external solutions.
TECHNICAL DETAILS
This paper addresses both on-site, managed PeopleSoft environments as well as those which are hosted.
Successfully implementing a hosted environment involves additional definition of duties to ensure
proper separation and protection between the company’s data and the host.
Additionally, companies need to maintain separate environments for development, production, and
testing in order to avoid an overlap of access between PeopleSoft databases.
IDENTIFICATION AND PASSWORDS
Having control over the identification and authentication of users, as well as access to this information
by different levels of administration, is key to ensuring appropriate access to the software, as well as
identifying and preventing possible security breaches or information leaks. Without these controls in
place, User IDs and passwords could be leaked, or users could have access to areas where they should
not.
There are four areas to address with identification:
- Account and user identity
- Role change processes
- Trust levels and re-authentication
- Password management
ACCOUNT AND USER IDENTITY
In this section we will address both centralizing the authentication process, as well as having a single
identity for system access across different platforms.
Best Practice: Centralization
The key to successful account and user identity is the centralization of all user
information, including:
- Credentials
- Passwords
- Authentication
By centralizing this information the company can focus on protecting this single area, as
well as providing the user with a single ID for sign on over all systems within the
company. All changes and password management are controlled in a single location.
Best Practice: Single Sign On Across Multiple Platforms
By implementing a single sign on across all platforms the company can mitigate the risk
of lost passwords or forgotten credentials and avoid the need for manual changes to
multiple accounts. Additionally, single sign on credentials improve the ease of the
auditing process and reduce the workload of technical support persons.
Implementing this best practice involves ensuring that users cannot have more than one
account, or the ability to create additional accounts. However, users that are authorized
to run batch processes in PeopleSoft will still require separate access to run processes
vs. accessing online data to ensure that access is restricted to only the running of batch
processes to avoid confusion.
ROLE CHANGE PROCESSES
As users’ access and privileges change it becomes vital to ensure that policies and procedures are
documented to ensure appropriate action is taken and changes are updated in a timely manner.
Common actions with user identity include new accounts, existing account termination, transfers to a
new department, or the granting of additional access to take on more responsibilities. The highest-risk
area is where a termination requires any access to be revoked immediately; automation can help to
ensure that all procedures are followed.
The following policies should be outlined for best practices management of user access:
- When users are given access to their area of the program
- What needs to be met for users to have increased permissions
- The identification of audit procedures
- Regular review and revision of policies
Changes can occur throughout the company, so practices need to be thoroughly documented and
enforced.
Best Practice: Automating Common Activities
Automating common changes in the assignment, change, or cancellation of PeopleSoft
access privileges can help ensure that changes are made accurately within a reasonable
time frame, as well as leaving a clearly defined audit trail.
The following actions within the PeopleSoft Program are recommended for automation:
1. Creation of new ID (i.e. new hire)
2. Cancellation of access (termination)
3. Change in duties (due to promotion, transfer, or additional responsibilities)
Automating the termination process is the most vital of all as it represents the single
largest security threat in the role change process.
There are five key areas where automation can be applied:
- New hires: After completion of paperwork the user is created and basic access is granted when
  the user creates their account. The initial access information is sent to an off-site (non-company)
  email which requires the user to answer additional security information to access their account
  and reset their password.
- Managing access to administrative functions: Users can request additional access to
  administrative functions via PeopleSoft application which is then granted by the appropriate
  supervisor through the creation of automatic tickets.
- Transfers: Notification of transfer is sent to the account management team and generates a
  report of access changes that need to be made.
- Employee termination: Upon notification of termination the user’s access is immediately
  restricted to self-service functions (such as tax information). Manual confirmation follows to
  ensure termination is carried out.
- Revoking terminal services access: The hosting provider is sent a ticket to revoke user access –
  for employees the standard termination procedure (above) is followed as well to ensure no
  access to functions, while this procedure removes remote desktop access.
Recommendations:
1. Improve automation levels by analyzing processes and deciding which jobs/roles can be
automated, as well as those that may require an additional level of review.
2. Offer self-service access for hiring and role transfers by allowing managers to request
access/changes when requesting HR changes.
3. Ensure there are no security risks with access to terminal services for terminated employees
who have had their primary access revoked, but still have terminal services access.
Best Practice: Stewardship over Privilege Assignment
Ensuring that the person or persons responsible for establishing and maintaining policies
have clearly-defined procedures ensures optimal functionality and security of PeopleSoft
systems. The responsible parties should have clearly-defined tasks including:
- Establishing when users are to be given access to system permissions
- Outlining the criteria users must meet prior to access to particular permissions
- Documenting auditing policies and procedures
- Updating policies to ensure they cover all areas and evolve with system or organizational changes
The Steward, or data trustee, reviews all requests for data, access granted, and
establishes procedures for access assignment. Best practices include a continuation of
the stewardship process, as well as regular auditing to ensure the process is efficient and
secure.
Best Practice: Process for Additional Privileges
Although ideally all requests for privileges and assignment would be automated, it
cannot always be the case. To ensure a quick, efficient, and secure assignment of
privileges, clear and concise policies and procedures must be outlined, including the
auditing process.
An ideal method is to establish a system that identifies the privileges that are able to be
requested, records each request, sends the request to an appropriate “approval”
party, and then grants the privileges automatically once they are approved. By automating
processes there is less room for error and a more efficient and secure system is created.
Best Practice: Review of Privileges
Not all situations are suitable for the automation of assigning or removing privileges,
since responsibilities and rules can change over time. Here are some scenarios to
consider:
- Employee requires access to additional privileges due to special project
- Employee requires access to additional privileges outside their job group
- Job information for employee (such as role or tenure) is dated
- Privilege assignment changes after access is granted
In order to easily review the privileges that are granted a process needs to be in place to
capture requests, as well as to record steward and supervisor activity.
Recommendations: Privilege or permission changes to be reviewed annually by supervisors or data
trustees. Improve the application by providing work lists for reviewers and guides to help reviewers
through the process.
PASSWORD CONTROLS
End-users must be encouraged to choose passwords that are not easily broken and cannot be quickly
cracked (birthdates, names of kids or spouses, etc.). Password controls help to ensure that a secure
password is chosen, as well as preventing the re-use of passwords that may no longer be secure.
Additionally, managing password data needs to ensure access by developers or system administrators
but must simultaneously be safe from theft.
Best Practice: Increase Password Strength
Although a completely randomized password is considered the most secure, its inability
to be easily memorized by many can result in compromise (i.e. by writing it down).
Rather, it’s important to ensure that the password control system helps users choose a
secure, yet memorable password. A few suggestions include:
1. Ensure passwords of 8 characters or more
2. Prevent use of dictionary words
3. No sequences (i.e. ABCDEFG or 12345678)
4. Inclusion of uppercase, lowercase, numbers, or symbols
5. Preventing the use of previous passwords
Additionally, having passwords that “expire” (become invalid) on a regular basis helps to
limit the length and breadth of attacks on the system. Passwords should ideally expire a
minimum of three times per year.
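A checker for suggestions 1 to 4 and the expiry rule, as an added example that is not part of the original paper. The word list is a constructed stand-in, and the run length, the number of required character classes and the 120-day maximum age are assumptions chosen to match the list above; the reuse check (suggestion 5) is left out because it depends on how password history is stored.

```python
import string
from datetime import date, timedelta

MIN_LENGTH = 8                  # suggestion 1
MAX_RUN = 4                     # assumption: 4+ consecutive characters count as a sequence
MIN_CLASSES = 3                 # assumption: at least 3 of the 4 character classes
MAX_AGE = timedelta(days=120)   # assumption: three expiries per year

# Constructed stand-in word list; a deployment would load a full dictionary.
DICTIONARY = {"password", "welcome", "panda", "summer", "dragon"}
# Undo common character substitutions before the dictionary lookup.
SUBSTITUTIONS = str.maketrans("013457@$", "oieastas")


def dictionary_hits(password):
    """Dictionary words found in the password after undoing substitutions."""
    normalised = password.lower().translate(SUBSTITUTIONS)
    return sorted(word for word in DICTIONARY if word in normalised)


def longest_sequence(password):
    """Length of the longest ascending or descending run, e.g. 'abcd' or '4321'."""
    text = password.lower()
    best = run = 1 if text else 0
    direction = 0
    for prev, cur in zip(text, text[1:]):
        step = ord(cur) - ord(prev)
        if step in (1, -1) and prev.isalnum() and cur.isalnum():
            # Extend the run only while it keeps going in the same direction.
            run = run + 1 if step == direction else 2
            direction = step
        else:
            run, direction = 1, 0
        best = max(best, run)
    return best


def character_classes(password):
    """How many of uppercase, lowercase, digit and symbol appear at least once."""
    checks = (str.isupper, str.islower, str.isdigit,
              lambda c: c in string.punctuation)
    return sum(any(check(c) for c in password) for check in checks)


def check_password(password):
    """Return the list of violated rules; an empty list means the password passes."""
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append("length")
    if dictionary_hits(password):
        problems.append("dictionary")
    if longest_sequence(password) >= MAX_RUN:
        problems.append("sequence")
    if character_classes(password) < MIN_CLASSES:
        problems.append("classes")
    return problems


def is_expired(last_changed, today):
    """True once the password is older than the maximum age."""
    return today - last_changed > MAX_AGE


if __name__ == "__main__":
    for candidate in ("Tr4il-M0unt@in", "P@ssw0rd", "abcdefg", "Xk12345678!q"):
        print(candidate, check_password(candidate) or "ok")
    print("expired:", is_expired(date(2024, 1, 1), date(2024, 5, 15)))
```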
Best Practice: Auditing of Logins and Attempts
Auditing log-in activity can help organizations identify and analyze suspicious activity by
offering account information as well as the source and target of potential attacks. In
order to do so the audit process needs to capture the following information:
- Account (UserID) and password (or password attempt)
- Date and time of attempt/login
- Result (successful/unsuccessful)
- Source information (IP address)
This auditing information can be included as part of a larger audit to include information
accessed, changes made, etc.
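Detection logic over audit records of this shape, as an added example that is not part of the original paper: the log lines are constructed, and the time window and thresholds are assumptions. The records carry the account, time, result and source address but leave out the attempted password, because a mistyped attempt is usually close to the real password and would sit in the log in clear text.

```python
from collections import defaultdict
from datetime import datetime, timedelta

WINDOW = timedelta(minutes=10)  # assumption: how far back failures are counted
FAIL_THRESHOLD = 5              # assumption: failures on one account before a success
SPRAY_THRESHOLD = 4             # assumption: distinct accounts failed from one source

# Constructed sample records: timestamp, UserID, result, source IP address.
AUDIT_LOG = """
2024-03-04T09:00:05,JSMITH,SUCCESS,198.51.100.20
2024-03-04T09:14:01,MJONES,FAIL,203.0.113.7
2024-03-04T09:14:09,MJONES,FAIL,203.0.113.7
2024-03-04T09:14:15,MJONES,FAIL,203.0.113.7
2024-03-04T09:14:22,MJONES,FAIL,203.0.113.7
2024-03-04T09:14:30,MJONES,FAIL,203.0.113.7
2024-03-04T09:14:41,MJONES,SUCCESS,203.0.113.7
2024-03-04T10:02:00,AKHAN,FAIL,192.0.2.44
2024-03-04T10:02:03,BLEE,FAIL,192.0.2.44
2024-03-04T10:02:06,CDIAZ,FAIL,192.0.2.44
2024-03-04T10:02:09,DOWEN,FAIL,192.0.2.44
2024-03-04T11:30:00,JSMITH,FAIL,198.51.100.20
2024-03-04T11:30:20,JSMITH,SUCCESS,198.51.100.20
"""


def parse(log):
    """Turn log text into time-ordered (when, user, succeeded, source) tuples."""
    events = []
    for line in log.strip().splitlines():
        stamp, user, result, source = (field.strip() for field in line.split(","))
        events.append((datetime.fromisoformat(stamp), user, result == "SUCCESS", source))
    return sorted(events)


def failures_then_success(events):
    """Logins that succeeded right after FAIL_THRESHOLD+ failures inside WINDOW."""
    recent = defaultdict(list)  # user -> timestamps of recent failures
    findings = []
    for when, user, succeeded, source in events:
        recent[user] = [t for t in recent[user] if when - t <= WINDOW]
        if succeeded:
            if len(recent[user]) >= FAIL_THRESHOLD:
                findings.append((user, source, len(recent[user])))
            recent[user] = []
        else:
            recent[user].append(when)
    return findings


def spraying_sources(events):
    """Sources that failed against SPRAY_THRESHOLD+ distinct accounts inside WINDOW."""
    recent = defaultdict(list)  # source -> [(timestamp, user)] of recent failures
    flagged = {}
    for when, user, succeeded, source in events:
        if succeeded:
            continue
        recent[source] = [(t, u) for t, u in recent[source] if when - t <= WINDOW]
        recent[source].append((when, user))
        accounts = {u for _, u in recent[source]}
        if len(accounts) >= SPRAY_THRESHOLD:
            flagged[source] = max(flagged.get(source, 0), len(accounts))
    return flagged


if __name__ == "__main__":
    events = parse(AUDIT_LOG)
    print("review these logins:", failures_then_success(events))
    print("review these sources:", spraying_sources(events))
```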
Best Practice: Resetting Passwords
Password reset procedures need to cover multiple scenarios, such as when a user
forgets their password, or when a password is suspected of compromise. Best practices
for password resets include ensuring that the process is quick and easy, and that the
user has the ability to regain access to their account easily.
Standard procedure includes asking the user for their email and sending the new
password information via email; however, this can become an issue if an attacker has
gained access to the user’s email account. Thus, it is advisable to ensure that passwords
can be delivered through a method other than email, as well as challenging the user to
provide additional security information.
Best Practice: Storing and Encryption
Having a centralized process for authentication across multiple platforms helps to create
a more efficient system, but also requires the centralization of password storage and
encryption to ensure security of data.
Users who have the ability to access password data may also be able to access the
source code for encryption (allowing them to decrypt passwords in the future); the
system should be designed to prevent access to all passwords at one time.
Today’s computers have enough processing power to crack just about any password; it
just takes time.
Techniques that can be used to increase security include adding a unique salt per user,
adding a fixed salt to all passwords and hashing the password, or utilizing a hashing
algorithm to create a unique salt. The third solution (algorithm) takes the most time to
“crack” and therefore is an advisable security measure. It is also advisable to store and
encrypt passwords external to PeopleSoft to avoid potential security breaches of both
PeopleSoft data and passwords simultaneously.
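Salted storage and the "no previous passwords" rule from the password strength list, as an added example that is not part of the original paper and not PeopleSoft's own mechanism. It assumes a random per-user salt with PBKDF2-HMAC-SHA256 as the slow hash; the iteration count, history depth, user IDs and passwords are constructed for illustration.

```python
import hashlib
import hmac
import os
from collections import defaultdict

ITERATIONS = 200_000   # assumption: raise as far as sign-on latency allows
HISTORY_DEPTH = 5      # assumption: how many previous passwords are refused


def hash_password(password, salt=None):
    """Return (salt, digest); a fresh random salt is drawn unless one is supplied."""
    salt = os.urandom(16) if salt is None else salt
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)
    return salt, digest


def verify(password, salt, digest):
    """Recompute the digest with the stored salt and compare in constant time."""
    return hmac.compare_digest(hash_password(password, salt)[1], digest)


class Account:
    """Keeps only salted digests: the current password is the last history entry."""

    def __init__(self, user_id, password):
        self.user_id = user_id
        self.history = [hash_password(password)]

    def check_login(self, password):
        return verify(password, *self.history[-1])

    def change_password(self, new_password):
        """Refuse a password that matches any of the last HISTORY_DEPTH entries."""
        recent = self.history[-HISTORY_DEPTH:]
        if any(verify(new_password, salt, digest) for salt, digest in recent):
            return False
        self.history.append(hash_password(new_password))
        return True


def duplicate_digests(table):
    """Groups of users whose stored digests are identical.

    table maps user ID -> (salt, digest). With one fixed salt, equal passwords
    give equal digests, so a copied table shows who shares a password and one
    cracking run covers every user in the group.
    """
    groups = defaultdict(list)
    for user, (_, digest) in table.items():
        groups[digest].append(user)
    return sorted(sorted(group) for group in groups.values() if len(group) > 1)


if __name__ == "__main__":
    fixed_salt = b"constructed-fixed-salt"
    users = ("AKHAN", "BLEE")
    fixed = {u: hash_password("Tr4il-M0unt@in", fixed_salt) for u in users}
    unique = {u: hash_password("Tr4il-M0unt@in") for u in users}
    print("fixed salt, shared digests:", duplicate_digests(fixed))
    print("per-user salt, shared digests:", duplicate_digests(unique))
```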
ADDED AUTHENTICATION
Adding tokens for authentication can augment or replace the traditional ID and password process, which
can help to mitigate the security risk of a potentially weak password, or can prevent breaches of
information through compromised access data.
Tokens can include fingerprint verification, USB drives, smart cards (these are considered “connected”
tokens) or emails, SMS, IVR or mobile apps (disconnected tokens).
Best Practice: Added Authentication
It is advisable to implement authentication tokens for an added layer of security in the
case of accounts that have access to privileged information or sensitive data. Connected
(physical) tokens offer the highest level of security and ease of use.
PROTECTING DATA
In order to protect the data stored within PeopleSoft databases, control needs to be maintained over
how data is stored, accessed, and moved. There are several tiers of users who are able to access some of
these functions, so we’ll discuss each separately.
SELF-SERVICE USER
This type of user accesses their own personal data with limited risk of exposure of additional data should
it be compromised. It is recommended that users with access to their own data have that data masked if
locally saving or printing is attempted.
FUNCTIONAL ADMINISTRATOR
These administrators have broader access to sensitive information and may also be responsible for
managing data of other users. Risk for this type of access depends on the roles assigned and permissions
given within the platform.
Best Practice: Masking Data
It is vital that organizations take the time to identify sensitive areas of information and
mask this data or take the additional step of moving this data out of standard tables;
however, this would involve temporarily transferring the data back to the tables when
batch processing is performed.
Best Practice: Externalizing Sensitive Data
Transferring sensitive data outside of PeopleSoft is the best method for maintaining
security of relevant data. Tables can be created to store and encrypt sensitive data with
alternate IDs. This would prevent any unauthorized access of sensitive data.
Best Practice: Exporting and Storing Data
External systems require access to data stored in PeopleSoft on a regular basis, so it is
vital to have established policies regarding this procedure to ensure a secure transfer of
data and to define how this data is stored.
The first step is to decide who will have stewardship of the data required – and that only
data required is transferred. How the data is stored and accessed needs to be clearly
defined and strictly enforced to ensure security.
Any sensitive data should only be stored in “real-time” to ensure a single point of
storage and to reduce the risk of unauthorized access. Finally, do not allow external
systems to access PeopleSoft data tables directly; this provides too much of a security
risk.
Best Practice: Query Access
Although a powerful tool for accessing information, Query also introduces security risks
to the system that should be considered.
Query access runs separately from page access, so permissions management policies
must reflect both types of access. Since results can be saved locally there must be
clearly-defined, enforced policies about saving data. Also, organizations may want to
consider implementing object security to prevent the modification of queries by users.
SUPPORT FOR USERS
Those who support end users may require access to the user’s data to resolve issues, in which case
masking sensitive data is recommended.
DEVELOPER AND TESTER
Efficient organizations use a testing and release process that requires a mirrored database that is
separate from production. This means that sensitive data is prevented from copying over to
non-production databases, and that access to this information in the production database is
tightly controlled when access is required.
Best Practice: Scripts for Database Refreshing
Development and test environments need regular refreshment of information to ensure
an accurate database; however, they do not need sensitive data. This type of data
should be removed and replaced with “dummy” information prior to export, as long as
the removal of this data does not impact development and testing.
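One way to script the replacement step, as an added example that is not part of the original paper. The column names, rows and key are constructed; the sketch assumes a keyed hash so that the same source value always maps to the same dummy value, which keeps joins between refreshed tables working, and it ends with a check that no source value survives in the export.

```python
import hashlib
import hmac

# Assumption: the key is generated for the refresh job and never copied to
# development or test, so dummy values cannot be traced back to real ones.
REFRESH_KEY = b"constructed-refresh-key"
DUMMY_NAMES = ["Alex Reed", "Sam Hill", "Jo Park", "Lee Moss", "Kim Vale", "Pat Cole"]
SENSITIVE = ("NAME", "NATIONAL_ID", "EMAIL")   # hypothetical column names

# Constructed sample rows standing in for two production tables.
PERSON = [
    {"EMPLID": "100234", "NAME": "Maria Ortiz", "NATIONAL_ID": "123-45-6789",
     "EMAIL": "maria.ortiz@corp.example", "DEPTID": "FIN01"},
    {"EMPLID": "100871", "NAME": "Dev Anand", "NATIONAL_ID": "987-65-4321",
     "EMAIL": "dev.anand@corp.example", "DEPTID": "HR02"},
]
TAX = [{"NATIONAL_ID": "123-45-6789", "TAX_YEAR": "2023"}]


def _token(field, value):
    """Keyed one-way digest: stable across tables and refreshes for the same input."""
    return hmac.new(REFRESH_KEY, f"{field}:{value}".encode(), hashlib.sha256).digest()


def mask_national_id(value):
    """Dummy ID in the original layout; the 000 prefix marks it as never issued.

    Only six digits vary, so values collide in large tables. Where the column
    must stay unique, hand out dummy values from a counter instead.
    """
    digits = int.from_bytes(_token("NATIONAL_ID", value)[:8], "big") % 10**6
    return f"000-{digits // 10**4:02d}-{digits % 10**4:04d}"


def mask_name(value):
    return DUMMY_NAMES[_token("NAME", value)[0] % len(DUMMY_NAMES)]


def mask_row(row):
    """Copy a row, replacing sensitive columns and leaving the rest untouched."""
    out = dict(row)
    if "NAME" in out:
        out["NAME"] = mask_name(row["NAME"])
    if "NATIONAL_ID" in out:
        out["NATIONAL_ID"] = mask_national_id(row["NATIONAL_ID"])
    if "EMAIL" in out:
        out["EMAIL"] = f"user{row['EMPLID']}@example.com"
    return out


def mask_rows(rows):
    return [mask_row(row) for row in rows]


def residual_sensitive_values(original, masked):
    """Sensitive source values that still appear anywhere in the masked export."""
    secrets = {row[col] for row in original for col in SENSITIVE if col in row}
    return sorted(v for row in masked for v in row.values() if v in secrets)


if __name__ == "__main__":
    people, tax = mask_rows(PERSON), mask_rows(TAX)
    for row in people + tax:
        print(row)
    print("left over:", residual_sensitive_values(PERSON + TAX, people + tax))
```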
Best Practice: Use of Production Data
Occasionally an environment with sensitive data removed will not be sufficient for
testing or development. In this case clear policies need to be set up for requesting
access, determining where data can be stored, tracking access, and enforcing deletion of
data at the end of testing or development.
DATABASE ADMINISTRATOR
These users need production access to deal with issues including creation of backup data, managing
physical storage, updating structures, performance enhancement, and troubleshooting. These
responsibilities do not require access to sensitive data.
Best Practice: Externalize Data
Moving sensitive data out of the database into an external location improves security at
several levels, including functional administrator access [discussed in the next section].
However, applying data encryption in addition to externalization can offer enhanced
security.
Best Practice: Separate SYSADM Accounts
If sensitive data is stored within PeopleSoft tables then it can be beneficial to create two
levels of SYSADM access; one with access to sensitive information and one without.
Access to these accounts should be tightly monitored.
MANAGING ACCESS
While managing user access and protecting sensitive data is key to ensuring the security of any
PeopleSoft system, it is also vital to ensure that users are prevented from performing unauthorized
actions. This means preventing both users with access to valid accounts and those who are
unauthorized from taking unauthorized action. It is also important to ensure that system changes
do not inadvertently give users additional privileges.
In this section we will cover the different user types and how access to PeopleSoft can be managed for
each type.
FUNCTIONAL ADMINISTRATOR & END-USER SUPPORT
Both of these user types require access to the web application (unless reports are required), meaning
the risk is primarily limited to compromised credentials.
Best Practice: Dual Authentication
Although this may require the installation of a firewall solution, two- or three-factor
authentication can dramatically increase security. The first level of authentication is the
password, while the second is something the user is in possession of (data or a physical
object) such as phone or email data, a USB or smart card, or a token. For optimal
security, biometric (fingerprint) authentication can be added as the third factor.
Best Practice: Access Levels Based on Trust
Depending on where access is being performed from, the device used, and the history of
access, PeopleSoft can assign different levels of access permissions, for example onsite
vs. remote access or wired vs. wireless. For device access, trust levels can differ depending
on whether the device is owned by the organization, shared between multiple users, or whether
its operating system and virus/malware protection are up to date. Employees who have been
with the company longer or have more training can also be provided with additional
levels of trust, as well as those who have had fewer historical password resets.
Best Practice: Time Limits to High-Risk Operations
It is recommended that access to high-risk operations within PeopleSoft be given strict
limitations, including temporary access via two-factor authentication or via a
supervisor’s permission. In addition these functions should be strictly monitored and
logged.
Best Practice: Policies Regarding Training
All policies regarding usage of the PeopleSoft system for administrative tasks need to be
clearly defined and regularly updated. Annual security training sessions are
recommended to ensure employees are aware of current policies and procedures.
Best Practice: Configuration Settings Regarding Releases
Rather than make configuration changes directly in an organization’s production
environment (including trees, queries or application setup), administrators can make
changes in a staging environment in order to test and review changes before
transferring to production.
DEVELOPER/TESTER
Developers require access to the production environment in order to make changes, while testers
ensure that developers’ changes are displaying the correct behaviour. However, there is risk involved
with developers or testers making unforeseen or unauthorized changes, as well as the risk of allowing
access via credential compromise.
Best Practice: Limitations to Access
Prior to making production changes there should be strict policies in place to ensure
changes are first made in development or verification environments, which should
remove the need for developers or testers to access production data. However, read-
only access to the production environment may be necessary to verify changes. As an
added layer of security production networks should be segregated from development
and verification networks.
Best Practice: Policies for Change Management
In order to implement good change management policies, the organization needs to
establish ownership of such changes, as well as creating a review and approval process
so changes can be scrutinized prior to implementation in a production environment.
These changes allow a full review to prevent production issues. Ideally, the majority of
change management processes are automated.
Best Practice: Separation of Duties Concerning Automatic Migration
Allowing developer access to production environments is a security risk; separating
access between development and production environments, as well as implementing an
automatic migration of changes from development to production, can significantly
reduce these security risks.
Best Practice: Auditing Development and Testing Environments
Although developers and testers need near-universal access in development and testing
environments, the same cannot (and should not) be said of an organization’s production
environment. Controls need to be in place to monitor and prevent the transfer of access
across these environments to ensure there is no “leakage” of access from
development/testing into production.
To this end, organizations should consider 1) verifying that transfers of data from
development into production do not affect access controls for developers/testers, and
2) creating audit reports to ensure that production access for these users remains
unchanged.
Best Practices: Testing Automatic Processes
It is important to regularly test security settings through an automated process. This
testing should confirm that end-users do not have access to administrative tasks and
that administrators cannot access PeopleSoft functions outside their areas of
focus. Ideally these tests would be performed on a copy of production environments
with sensitive data masked to ensure no leakage of information or security risk while the
testing is being performed.
DATABASE ADMINISTRATOR ACCESS
A delicate balance must be struck between allowing the DBA enough access to production environments
to ensure they can do their job effectively, while simultaneously ensuring security and preventing
unauthorized access to or use of sensitive information.
Best Practice: Test Scripts
Automating steps when SQL scripts are run in production and capturing the results, as
well as ensuring appropriate testing for desired results, ensures that change control
processes are consistently met and all changes are captured for review.
INCIDENT MANAGEMENT
No matter how rigorous the controls, or how enthusiastic the processes, security incidents still happen,
which is why policies and procedures need to be put into place to manage these occurrences.
Some types of incidents can include:
- Information offered by security organizations
- Publication of historical breaches that could affect the organization
- Discovery of potential breaches
- Account-level issues (password reset requests)
A company’s strategy for management of security-related incidents should include the election of
incident response teams, communication plans, and procedures that define roles and responsibilities as
well as the automation of tasks when available.
Best Practice: Response Teams
Responding to incidents, whether minor or major, in a timely manner is vital to ensuring
that risk is minimized and that solutions are quickly implemented to reduce exposure.
This type of response requires an organized response team with clearly-defined roles
and responsibilities. Teams are generally made up of a variety of members, including
information security officers, PeopleSoft and infrastructure managers, PR
representatives, and law enforcement.
Best Practice: Communication Structures
Incident management plans should define types of communications and the processes
used, including communications within the response team, within the organization, and
externally. Plans should include how communications are transmitted and when, as well
as who is responsible in the case of communications outside of the response team.
These plans and policies should be regularly reviewed and updated.
LOGGING AND AUDITING
Effectively managing the security of a PeopleSoft system includes the ability to capture and analyze
information. Logging and auditing can help to prevent security breaches, reduce the impact of
breaches, define the scope of attacks, and capture information for security audits.
LOGGING WITHIN PEOPLESOFT
There are several tools that come with PeopleSoft that can log information right out of the box to track
levels of activity at each tier.
At the web server tier, logs can show traffic to track web activity. However, logging here does not
include IP addresses, session information, or content accessed.
The application server tier provides a more detailed view of activity, including date and time, results,
userID, and authentication attempts. The information that is not tracked includes IP addresses, web
server used, or content accessed.
At the database server tier, two different audit methods exist: the PSACCESSLOG table and PeopleSoft
auditing. PSACCESSLOG tracks information including user identification and the date and time of each
access attempt, but does not include the location, failed logins, or data accessed. Within PeopleSoft
auditing, tracking can be set up to record usernames, date and time, before and after results, and update
details. PSACCESSLOG auditing can be set up for each transaction.
It is recommended that organizations using PeopleSoft at the very least make use of the internal
auditing tools offered in order to gain insight into changes that are made and activity within the system,
as well as to provide auditing capabilities.
Best Practice: Expanding the Logging Process
The PeopleSoft logging tools are not all-inclusive; they leave a lot to be desired.
Specifically, logging can miss important pieces of information resulting in an incomplete
picture of the activity. Additionally, the data can be mixed with unrelated information,
making extraction and auditing difficult.
To solve these issues it is recommended to capture additional information, include
specific views of identified risk areas, and to warehouse data to allow easier access for
detailed analysis.
Additional information to capture: IP address/location, web server, UserId, pages
accessed, indicators of data accessed, and actions performed.
Best Practice: Heuristic Tagging & Segmented Logs
Logs can include tagged sessions that are based on applicable processing rules, including
elevated access, probationary users, users approaching termination, or sessions that are
accessed from a suspicious location.
Additionally, logging data can be separated or organized to target specific activities, such
as password resets, access from high-risk locations or personnel, or access to sensitive
data.
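The tagging and segmentation described above, sketched as an added example (not part of the original white paper and not PeopleSoft code). It assumes access events have already been enriched with the additional fields listed earlier; the field names, role names, thresholds, and trusted network range are all constructed for illustration.

```python
import ipaddress
from collections import defaultdict
from datetime import date

# Constructed reference data and events; every name and threshold is an assumption.
ELEVATED_ROLES = {"SECURITY_ADMIN"}
SENSITIVE_PAGES = {"PERSONAL_DATA", "BANK_ACCOUNTS"}
TRUSTED_NETWORKS = [ipaddress.ip_network("10.0.0.0/8")]
PROBATION_DAYS, TERMINATION_WINDOW_DAYS = 90, 30
USERS = {
    "JSMITH": {"roles": {"SECURITY_ADMIN"}, "hired": date(2015, 3, 1), "term": None},
    "NHIRE": {"roles": {"EMPLOYEE"}, "hired": date(2024, 5, 20), "term": None},
    "LEAVER": {"roles": {"EMPLOYEE"}, "hired": date(2018, 1, 8), "term": date(2024, 6, 28)},
}
EVENTS = [
    {"ts": "2024-06-10T09:02:11", "user": "JSMITH", "ip": "10.1.4.22", "web": "web01", "page": "USER_PROFILES", "action": "UPDATE"},
    {"ts": "2024-06-10T11:40:03", "user": "NHIRE", "ip": "10.1.9.7", "web": "web02", "page": "PERSONAL_DATA", "action": "VIEW"},
    {"ts": "2024-06-11T22:15:47", "user": "LEAVER", "ip": "203.0.113.50", "web": "web01", "page": "BANK_ACCOUNTS", "action": "VIEW"},
    {"ts": "2024-06-11T23:01:09", "user": "NHIRE", "ip": "198.51.100.9", "web": "web02", "page": "CHANGE_PASSWORD", "action": "PASSWORD_RESET"},
]

def tag_event(event, users=USERS):  # returns the heuristic tags for one access event
    tags = set()
    user = users.get(event["user"])
    day = date.fromisoformat(event["ts"][:10])
    if user is None:
        tags.add("unknown_user")  # not present in the HR/security snapshot
    else:
        if user["roles"] & ELEVATED_ROLES:
            tags.add("elevated_access")
        if (day - user["hired"]).days <= PROBATION_DAYS:
            tags.add("probationary_user")
        if user["term"] and 0 <= (user["term"] - day).days <= TERMINATION_WINDOW_DAYS:
            tags.add("approaching_termination")
    if not any(ipaddress.ip_address(event["ip"]) in net for net in TRUSTED_NETWORKS):
        tags.add("suspicious_location")
    return tags

def segment(events):  # one event may be copied into several segmented logs
    segments = defaultdict(list)
    for event in events:
        tagged = {**event, "tags": sorted(tag_event(event))}
        if event["action"] == "PASSWORD_RESET":
            segments["password_resets"].append(tagged)
        if "suspicious_location" in tagged["tags"]:
            segments["high_risk_location"].append(tagged)
        if event["page"] in SENSITIVE_PAGES:
            segments["sensitive_data"].append(tagged)
    return dict(segments)
```

Each segmented log keeps the full tagged record, so a reviewer looking only at password resets still sees that the session came from outside the trusted range.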
Best Practice: Data Warehouse Storage and Access
Access and activity data needs to be easily accessible in order to be audited and analyzed. It is
recommended that access/activity data be kept in a structured format and be transferred
to a data warehouse for easy querying. This can be accomplished by utilizing programs
that provide structure, or by generating these files in a structured format. The key is to
help organizations understand:
1. How data is accessed (on-site, remote, wirelessly, etc.)
2. What data is accessed or altered
3. Where data is accessed from (IP address, location)
4. When data is accessed
5. What access credentials are used (UserID, authentication, password)
By committing to a structured, auditable and accessible auditing and logging process, organizations are
better positioned to ensure that data is accessed in an appropriate manner, to be alerted more
quickly to potential security breaches, and to tighten up security processes where there are areas of
vulnerability.
CONCLUSION
Protecting sensitive information is key to maintaining the trust of the public and end users in an organization.
Not only does increasing security processes in PeopleSoft ensure trust is maintained, it can also reduce
costs associated with breaches. By implementing some (or all) of these recommendations with the help
of a certified PeopleSoft security consultant, organizations can save money and ensure the continued
protection of sensitive data.
ABOUT SMARTPANDA
With over 25 years of technical expertise implementing ERP solutions for a diverse range of clients, The
Smart Panda is a great choice when your organization needs on or off site expertise for installations,
upgrades, maintenance, development, testing, design, architecture, security, or complex interface
integration. By utilizing The Smart Panda’s professional knowledge and skills your organization can get
the most out of your ERP investment, while simultaneously making your company operate more
efficiently.
Toll-free - 1.855.79.PANDA (1.855.79.72632)
Fax - 1.866.579.6673
Email: [email protected]