During 2020 the way we work changed drastically, with the COVID-19 pandemic spreading like wildfire. More employees work from home than ever before. This new reality requires businesses to provide safe and reliable remote access to vital work applications and services. As part of that, widely used Oracle PeopleSoft applications are getting a relook. Business-critical systems for managing employee lifecycles, tracking purchasing orders, or performing other functions come with inherent risk due to the highly sensitive data they contain. Securing such applications to ensure access is permitted for only the right people remains a significant challenge for organizations. Those using legacy identity and access management (IAM) tools like PeopleSoft ERP are grappling with a growing amount of hacking and phishing issues recently.
The ways PeopleSoft is accessed are evolving, with most of the staff now working from home, and the ways it is protected must also be changed to meet the changing demands. This is particularly true as Oracle will stop supporting Oracle Access Manager, the 11gR2 access control middleware originally included with the PeopleSoft ERP kit, by December 2020. With budget limitations and a small range of IAM providers struggling with urgent remote access and enhanced security criteria, companies are trying to figure out how best to address this critical problem.
Changed Realities Spur New Demands
Making the transactions in PeopleSoft applications mobile-friendly is a strategic step towards enhancing the user experience. Organizations now encourage online access to self-service modules such as benefits registration, time entry, permissions, and self-service for students so that users can complete tasks on their own time and also on their own computers. Despite the advantages of mobilizing and allowing remote access, PeopleSoft security consequences remain critical concerns. Expanding access to sensitive data outside the corporate network’s secure perimeter increases the risk of attacks and further breaches that will succeed in their purpose. Although hackers increasingly target individual users and devices using the human-error factor to their advantage, the rise of user-centered threats adds to the danger as well.
The Security Implications
Eighty-one percent of cyberattacks, a recent study reported, involved stolen credentials.
The Appsian Security Platform assists PeopleSoft customers in taking a standardized approach to security. Such capability helps organizations minimize the danger of unauthorized access.
As businesses widen access to applications beyond their firewall, hackers of login credentials prey on the ease of access and target users. In today’s data protection environment, providing a single layer of authentication is grossly inadequate.
With most PeopleSoft ERP customers reporting a breach recently, it has become apparent that verification of identities and access control are serious challenges. Companies need to significantly improve their Identity and Access Management controls to protect these programs from the numerous internal and external threats which aim to circumvent them. With PeopleSoft, Appsian easily integrates existing solutions for multi-factor authentication (MFA), thus allowing contextual compliance. Context-aware implementation of MFA balances PeopleSoft security with risk and adds an additional authentication layer.
The addition of multi-factor authentication to PeopleSoft is suggested. However, it isn’t easy to incorporate security solutions for PeopleSoft and MFA. Deployment rules are unnecessarily restrictive in the absence of integration and enforce tasks, triggering user pushback. Integration is advised to better balance the application of multi-factor authentication with some degree of risk of access.
Your investment in an ERP plan gives considerable ROI over its lifetime. Extending remote access and enabling mobile transactions are the perfect ways to ensure your users remain efficient. Appsian helps companies protect their ERP data by offering an extensive suite of access controls and fine-grained security features. Appsian is the only solution that installs natively to your PeopleSoft application server, providing contextual access controls, improved logging, and analytics.
We fully recognize that having an expanded threat surface can be daunting, but with Appsian, you can help face those challenges head-on.