×
[searchandfilter taxonomies="search"]
Home / Blog / Secure Yourself Today for Tomorrow!

Secure Yourself Today for Tomorrow!

By Greg Wendt • September 17, 2014

Ethical Hackers at Rhino Security Labs released information about serious security holes within Oracle applications this week. Millions of records were at risk across numerous state and federal agencies, colleges and ports.

There are several causes of an event like this. Lax security and poor change control policies are at the forefront. Isn’t it time to stop “hoping” that you do not get hacked? Utilizing the ERP Firewall for multi-factor authentication could have stopped access like this before it started.

Oracle released the patch for this issue more than two years ago. Two years and it is still an issue in production systems around the world. Maintenance and security go hand in hand. If your organization cannot stay current on maintenance – then you owe it to you customers to implement the ERP Firewall to protect their data. If your organization stays current with maintenance you still owe your customers the same protection level of the ERP Firewall.

As the article states, “This is somewhat bigger than, than some of the major data breaches we’ve seen in the credit card industry,” said Caudill. “Even though there’s many fewer records here, only a few million, we’re talking about Social Security numbers, date of births, everything you need for identity theft, as opposed to credit card theft.”

Securing your applications is not an option it is mandatory. Make the call today, because it is not just your job your saving it is your identity.

Related Articles.

How Often Should You Perform PeopleSoft User Access Reviews And Why
How Often Should You Perform PeopleSoft User Access Reviews And Why
PeopleSoft teams often face threats caused by excess privilege, malicious insiders, and access misuse. Most of these can be mitigated…...
May 27, 2022
Learn More
7 Benefits Of Automating User Access Reviews In PeopleSoft
7 Benefits Of Automating User Access Reviews In PeopleSoft
When PeopleSoft users transition to different roles or offboard, their previous roles and accounts in the system often remain intact.…...
May 6, 2022
Learn More
8 Critical Success Factors For Achieving Audit-Readiness In PeopleSoft
8 Critical Success Factors For Achieving Audit-Readiness In PeopleSoft
Maintaining a state of audit readiness has become more critical than ever for organizations using PeopleSoft and other ERP systems…...
May 2, 2022
Learn More

Put the Appsian Security Platform to the Test

Schedule Your Demonstration and see how the Appsian Security Platform can be tailored to your organization’s unique objectives

Home / Blog / GreyHeller Presents a FREE Webinar Series

GreyHeller Presents a FREE Webinar Series

By Chris Heller • August 18, 2014
Join us for a series of informative webinars hosted by Larry Grey, President, Chris Heller, Chief Technology Officer and Greg Wendt, Executive Director, Security Solutions & Services.

MOBILIZE PEOPLESOFT

Mobilizing PeopleSoft — Campus Solutions Sept. 10, 2014   11am-Noon (PDT) Learn how to mobilize your entire PeopleSoft application in 90 days or less, including customizations.
Mobilizing PeopleSoft — HCM  Sept. 17, 2014   11am-Noon (PDT) Learn how to mobilize your entire PeopleSoft application in 90 days or less, including customizations.
Mobilizing PeopleSoft — Financialsand Supply Chain Sept. 24, 2014   11am-Noon (PDT) Learn how to mobilize your entire PeopleSoft application in 90 days or less, including customizations.

SECURE PEOPLESOFT

How to Implement Two-Factor Authentication Oct. 1, 2014   11am-Noon (PDT) Learn how to use 2FA to protect your data, determine which functions are right for you and how 2FA will benefit your constituents
Logging and Analysis & Incident Response Oct. 8, 2014   11am-Noon (PDT) Learn how to implement a full circle logging practice, use logs for performance tuning, incident response and more!
We hope to see you there!We encourage you to forward this e-mail message to colleagues who may also be interested in attending.Can’t make the webinar?Register for more information and to be added to our webinar invite list.

Related Articles.

How Often Should You Perform PeopleSoft User Access Reviews And Why
How Often Should You Perform PeopleSoft User Access Reviews And Why
PeopleSoft teams often face threats caused by excess privilege, malicious insiders, and access misuse. Most of these can be mitigated…...
May 27, 2022
Learn More
7 Benefits Of Automating User Access Reviews In PeopleSoft
7 Benefits Of Automating User Access Reviews In PeopleSoft
When PeopleSoft users transition to different roles or offboard, their previous roles and accounts in the system often remain intact.…...
May 6, 2022
Learn More
8 Critical Success Factors For Achieving Audit-Readiness In PeopleSoft
8 Critical Success Factors For Achieving Audit-Readiness In PeopleSoft
Maintaining a state of audit readiness has become more critical than ever for organizations using PeopleSoft and other ERP systems…...
May 2, 2022
Learn More

Put the Appsian Security Platform to the Test

Schedule Your Demonstration and see how the Appsian Security Platform can be tailored to your organization’s unique objectives

Home / Blog / Phishing attacks increase

Phishing attacks increase

By Greg Wendt • August 8, 2014

June phishing attacks accounted for over $400 million in global losses. 57% of global phishing attacks are targeted at the U.S.

The attacks in June were a 43% increase over May attacks.

Protect your systems before it is too late.

Related Articles.

7 Benefits Of Automating User Access Reviews In PeopleSoft
7 Benefits Of Automating User Access Reviews In PeopleSoft
When PeopleSoft users transition to different roles or offboard, their previous roles and accounts in the system often remain intact.…...
May 6, 2022
Learn More
An overview of China's newly enacted data security law that increases the comprehensive legal framework for companies doing business in or with China
Unpacking China’s New Data Security Law and Privacy Legal Framework
If you’re a multinational enterprise (MNE) that does business in or with China, you’re likely aware of the Data Security…...
September 9, 2021
Learn More
Access Governance is Critical for Preventing Phishing Attacks
Access Governance is Critical for Preventing Phishing Attacks
The news is flooded with stories about cybercriminals successfully engaging in phishing and social engineering aimed at exploiting people’s COVID-19…...
May 18, 2020
Learn More

Put the Appsian Security Platform to the Test

Schedule Your Demonstration and see how the Appsian Security Platform can be tailored to your organization’s unique objectives

Home / Blog / Change your passwords

Change your passwords

By Greg Wendt • August 8, 2014

A Russian crime ring has collected over 1.2 billion user names and passwords. The statistics within this breach are stunning. 420,000 websites, 4.5 billion records, 542 million unique email addresses.

According to the article – most of the sites are still vulnerable to the hacker’s exploits. The hackers used SQL injection attacks to gain access to this data.

The average breach cost increased 15% last year from $3.1 million to $3.5 million. These costs will continue to rise for the foreseeable future.

As a consumer, create unique user ids and passwords for EVERY site you use. Use an algorithm to make them easy to remember and make them long. An example might be concatenating two of your favorite things together with something separating them. $k11n6Fb$n0wB0@rd1ng! for example. Other techniques can be found

As a company, stay on the offensive. Mine your logging data, keep your defenses up to date, insist on tough security protocols over convenience and do not assume you are safe.

Related Articles.

7 Benefits Of Automating User Access Reviews In PeopleSoft
7 Benefits Of Automating User Access Reviews In PeopleSoft
When PeopleSoft users transition to different roles or offboard, their previous roles and accounts in the system often remain intact.…...
May 6, 2022
Learn More
December is Prime “ERP Data Breach” Season… Be Prepared!
Establishing security best practices for your PeopleSoft applications is always a work in progress. As newer, more advanced threats come…...
November 28, 2018
Learn More
PS_TOKEN, Phishing and Peoplesoft
After the PS_TOKEN threat vector was announced at Hack in the Box Amsterdam in May 2015, security organizations started adding…...
December 2, 2015
Learn More

Put the Appsian Security Platform to the Test

Schedule Your Demonstration and see how the Appsian Security Platform can be tailored to your organization’s unique objectives

Home / Blog / Protect Against Mistakes

Protect Against Mistakes

By Greg Wendt • July 31, 2014

Homeland Security issued a new report warning about hackers attacking remote access software. Checking in from home leaves entry for hackers. Victims of these attacks include Target, P. F. Chang’s, Neiman Marcus, Michaels, Sally Beauty Supply, and Goodwill Industries International, the nonprofit agency that operates thrift stores around the country.

The report recommends….making two factor authentication the status quo.

Seattle University got caught with scanned images on an internal drive without permissions. Seattle University donor checks exposed. Incorrect permission settings on an internal drive made it possible for anyone with a Seattle University computer account to view the information.

Two-factor authentication invoked upon accessing the drive would have prevented unauthorized access without first passing a two-factor challenge

Related Articles.

7 Benefits Of Automating User Access Reviews In PeopleSoft
7 Benefits Of Automating User Access Reviews In PeopleSoft
When PeopleSoft users transition to different roles or offboard, their previous roles and accounts in the system often remain intact.…...
May 6, 2022
Learn More
How Appsian Solved Unique SAML Integration & IdP Configuration
[Customer Story] How Appsian Solved University of Nebraska’s Unique SAML Authentication & IdP Configuration
The University of Nebraska uses PeopleSoft Campus Solutions for its student information system and wanted to streamline authentication for students,…...
March 3, 2022
Learn More
December is Prime “ERP Data Breach” Season… Be Prepared!
Establishing security best practices for your PeopleSoft applications is always a work in progress. As newer, more advanced threats come…...
November 28, 2018
Learn More

Put the Appsian Security Platform to the Test

Schedule Your Demonstration and see how the Appsian Security Platform can be tailored to your organization’s unique objectives

Home / Blog / Top 10 Data Breaches of the Past Five Years (Infographic)

Top 10 Data Breaches of the Past Five Years (Infographic)

By Greg Wendt • July 23, 2014

Top 10 Data Breaches of the Past Five Years
(Infographic)
By TSC Advantage, Holistic Security Consultancy

Related Articles.

An overview of China's newly enacted data security law that increases the comprehensive legal framework for companies doing business in or with China
Unpacking China’s New Data Security Law and Privacy Legal Framework
If you’re a multinational enterprise (MNE) that does business in or with China, you’re likely aware of the Data Security…...
September 9, 2021
Learn More
The RECON Bug Highlights SAP Customers’ Need for Fine-Grained Control and Visibility (Not Just Security Patches)
A critical SAP vulnerability (CVE-2020-6287 or RECON) was recently discovered by Onapsis that gives attackers TOTAL control of vulnerable business applications. It…...
July 21, 2020
Learn More
Access Governance is Critical for Preventing Phishing Attacks
Access Governance is Critical for Preventing Phishing Attacks
The news is flooded with stories about cybercriminals successfully engaging in phishing and social engineering aimed at exploiting people’s COVID-19…...
May 18, 2020
Learn More

Put the Appsian Security Platform to the Test

Schedule Your Demonstration and see how the Appsian Security Platform can be tailored to your organization’s unique objectives

Home / Blog / Don’t be reactive when it comes to securing your PeopleSoft assets from cybercime. Be proactive.

Don’t be reactive when it comes to securing your PeopleSoft assets from cybercime. Be proactive.

By Greg Wendt • July 21, 2014

Kevin R. Brock, a leading cybersecurity expert and the FBI’s former Principal Deputy Director, National Counterterrorism Center and Assistant Director for Intelligence, in a recent Forbes article stated –

“The impacts of cyber intrusions and disruptions are much greater and often devastatingly public—bringing to bear significant risk to company reputation, shareholder value and creating an entire new set of liabilities. Historically, the management of this risk has been delegated down in the organization. Current studies still show that upper management in most companies is rarely briefed on cyber threats.”

When working with PeopleSoft customers to help them understand their security risks, we often find that these organizations believe they are better protected than they actually are.

Our advice? Stop being reactive. Be proactive.

Correct preparation makes incidents far easier to resolve.  Detailed and specific event-driven logging can alleviate some of the frustrations.   Within the PeopleSoft application stack, it is often difficult to understand what users are doing after the fact.  Sometimes effective dated pages make that easier, but nothing can replace a great logging solution.

Case in point….a user gets phished and the attacker then impersonates that user to update data within the PeopleSoft application.  It might be easy to see the one row the attacker updated, but what about the data the attacker just looked at?  How would you like to definitively answer what that attacker did?

Correct preparation would give you these answers – all the components, pages, and records that attacker saw.  Yes, that’s right – know what the attacker accessed.   Correlate by times, IP address or other information that you choose to log. 

How about another scenario in which a professor travels abroad, accesses their personal data and updates an address? Later on in the day the organization is attacked from the country visited. The security staff at the University wants validation of the transaction(s).  With the right logging this is an easy question to definitively answer – a quick resolution to a false positive.

Detailed, specific, event driven, customizable logging designed for your business processes greatly simplifies incident response.

The costs of resolving an incident continue to increase.

Our advice? Minimize the risks by being proactive with your security.

Related Articles.

How Often Should You Perform PeopleSoft User Access Reviews And Why
How Often Should You Perform PeopleSoft User Access Reviews And Why
PeopleSoft teams often face threats caused by excess privilege, malicious insiders, and access misuse. Most of these can be mitigated…...
May 27, 2022
Learn More
7 Benefits Of Automating User Access Reviews In PeopleSoft
7 Benefits Of Automating User Access Reviews In PeopleSoft
When PeopleSoft users transition to different roles or offboard, their previous roles and accounts in the system often remain intact.…...
May 6, 2022
Learn More
8 Critical Success Factors For Achieving Audit-Readiness In PeopleSoft
8 Critical Success Factors For Achieving Audit-Readiness In PeopleSoft
Maintaining a state of audit readiness has become more critical than ever for organizations using PeopleSoft and other ERP systems…...
May 2, 2022
Learn More

Put the Appsian Security Platform to the Test

Schedule Your Demonstration and see how the Appsian Security Platform can be tailored to your organization’s unique objectives

Home / Blog / GreyHeller Appoints New Executive Director of Security Solutions

GreyHeller Appoints New Executive Director of Security Solutions

By Chris Heller • July 17, 2014

Organizations seek protection of their Oracle PeopleSoft applications from cybercrime

San Ramon, California – July 15, 2014

Today, GreyHeller announced the hiring of Greg Wendt as the Executive Director of Security Solutions to further develop GreyHeller’s security products suite and to work directly with Oracle’s PeopleSoft customers to protect their sensitive data from cybercrime. In his role, Wendt will assume oversight of the security platform and operations, with responsibility for product and customer solutions. “I believe Oracle’s PeopleSoft is the best ERP system on the planet. I’ve worked with the platform since 2009 and with GreyHeller since 2011 when we implemented GreyHeller’s mobile and security systems at TCU. GreyHeller is well positioned to help organizations extend their investment in PeopleSoft,” said Greg.

Wendt is a recognized leader in PeopleSoft application architecture, data security and business operations and comes to GreyHeller with more than 17 years of experience. Greg has held top technology positions at industry-leading organizations, including RadioShack and Texas Christian University (TCU). “Greg has extensive experience as a PeopleSoft security expert. Together, we understand what is needed to help protect PeopleSoft users from cybercrime. We expect to establish GreyHeller’s security software suite as the de facto standard for protecting customers’ PeopleSoft systems,” stated Hendrix Bodden, GreyHeller’s CEO.

Wendt led implementations and PeopleSoft upgrades at TCU and RadioShack and the implementation of GreyHeller at TCU. He served as the Chairman of HEUG Tag (Technical Advisory Group), an international organization consisting of Higher Education institutions that use Oracle application software and helps guide its members on product strategy. As a certified ethical hacker, Greg has taught numerous criminal justice and cyber security courses focusing on hacking techniques. “I look forward to helping PeopleSoft customers understand their security risks and to developing tools to resolve these risks. Cyber criminals have figured out that ERP systems store as much sensitive information as do banks. I am honored to join GreyHeller in its mission to protect PeopleSoft customers from criminal breach,” said Wendt.

Trademarks

Oracle and Java are registered trademarks of Oracle and/or its affiliates. Other names may be trademarks of their respective owners.

Related Articles.

How Often Should You Perform PeopleSoft User Access Reviews And Why
How Often Should You Perform PeopleSoft User Access Reviews And Why
PeopleSoft teams often face threats caused by excess privilege, malicious insiders, and access misuse. Most of these can be mitigated…...
May 27, 2022
Learn More
7 Benefits Of Automating User Access Reviews In PeopleSoft
7 Benefits Of Automating User Access Reviews In PeopleSoft
When PeopleSoft users transition to different roles or offboard, their previous roles and accounts in the system often remain intact.…...
May 6, 2022
Learn More
8 Critical Success Factors For Achieving Audit-Readiness In PeopleSoft
8 Critical Success Factors For Achieving Audit-Readiness In PeopleSoft
Maintaining a state of audit readiness has become more critical than ever for organizations using PeopleSoft and other ERP systems…...
May 2, 2022
Learn More

Put the Appsian Security Platform to the Test

Schedule Your Demonstration and see how the Appsian Security Platform can be tailored to your organization’s unique objectives

Home / Blog / Responsive Design: what is it and why is it important to Oracle® PeopleSoft customers?

Responsive Design: what is it and why is it important to Oracle® PeopleSoft customers?

By Chris Heller • July 4, 2014

In our conversations with Oracle® PeopleSoft customers about modernizing and mobilizing their PeopleSoft pages and customizations, we always introduce the concept of Responsive Design.

What is Responsive design? According to Wikipedia:

Responsive web design (RWD) is a web design approach aimed at crafting sites to provide an optimal viewing experience—easy reading and navigation with a minimum of resizing, panning, and scrolling—across a wide range of devices (from mobile phones to desktop computer monitors).

There are a number of significant benefits from leveraging responsive design techniques in a mobile strategy for PeopleSoft pages and customizations:

  • Instead of different solutions/code lines for each device and form factor, there is only a single Responsive Design solution/code line to build and maintain
  • A Responsive Design solution is more adaptable to the ever-changing device landscape. For example, in addition to smartphones and tablets, phablets are gaining market adoption at a rapid rate. Proper Responsive Design architecture will automatically adapt to these new device types.

When applying Responsive Design techniques to legacy PeopleSoft transactions, there are a number of hurdles to overcome:

  • Many PeopleSoft pages contain hundreds of data elements that must be incorporated into Responsive Design
  • Stripping down PS pages is generally not an acceptable practice because each element has a specific purpose
  • PS pages have a structure that must be retained in any Responsive Design application
  • When generating HTML, PeopleTools incorporates hard-coded length and width attributes that defeat efforts to allow the browser to respond to device sizes

PeopleSoft Timesheet

To illustrate these challenges, let’s take a look at the PeopleSoft Timesheet where there is a complex structure with lots of data elements, hard coded widths and a grid that is wider than a standard desktop view.

Standard Desktop View

With GreyHeller’s Responsive Design technology, we make this transaction responsive out-of-the-box.

Responsive Design view on an iPhone

Note how the data reflows and that grid information is vertical and summarized, yet all data entry fields are easily accessible.

Responsive Design view on an iPad

Note page elements are displayed side-by-side, and the grid responds to display in a tabular versus vertical format.

Related Articles.

How Often Should You Perform PeopleSoft User Access Reviews And Why
How Often Should You Perform PeopleSoft User Access Reviews And Why
PeopleSoft teams often face threats caused by excess privilege, malicious insiders, and access misuse. Most of these can be mitigated…...
May 27, 2022
Learn More
7 Benefits Of Automating User Access Reviews In PeopleSoft
7 Benefits Of Automating User Access Reviews In PeopleSoft
When PeopleSoft users transition to different roles or offboard, their previous roles and accounts in the system often remain intact.…...
May 6, 2022
Learn More
8 Critical Success Factors For Achieving Audit-Readiness In PeopleSoft
8 Critical Success Factors For Achieving Audit-Readiness In PeopleSoft
Maintaining a state of audit readiness has become more critical than ever for organizations using PeopleSoft and other ERP systems…...
May 2, 2022
Learn More

Put the Appsian Security Platform to the Test

Schedule Your Demonstration and see how the Appsian Security Platform can be tailored to your organization’s unique objectives

  1. Pages:
  3. 1
  4. ...
  5. 23
  6. 24
  7. 25
  8. 26
  9. 27
  10. 28
  11. 29
  12. ...
  13. 34
Request a Demo

Start your free demo

"Learn how you can reduce risk with rapid threat protection, audit response and access control. All from a single, comprehensive platform"

Trusted by hundreds of leading brands