The State of North Dakota wanted to:
- Reduce the unwanted exposure of sensitive data by redacting/masking personally identifiable information of employees and third-party associates, which wasn’t possible with PeopleSoft’s out-of-the-box capabilities.
- Improve visibility into user activity across applications on a granular, transactional-level but the native logs provided information on login and logout instances only.
- Limit access to sensitive transactions to their secure corporate network – functionality that is not a part of the application’s delivered security.
Using Appsian’s Application Security Platform, the State of North Dakota implemented field-level masking of sensitive data across their PeopleSoft HCM, FSCM and ELM applications. While sensitive data was masked for most users, certain high privileged roles were allowed access through a ‘click-to-view’ feature that logs the deliberate user interaction and exposure of sensitive data fields. Location-Based Security was also implemented to protect access to bank account pages from outside of State of North Dakota’s network, where self-service users had to pass a multi-factor authentication challenge to perform a transaction. Field-level logging was implemented to monitor user activity and the logs were separated by recruiter access, admin roles, payroll admin roles, and other filters to simplify auditing.
Following ASP’s implementation, the State of North Dakota leveraged their existing 2FA provider, SafeNet, to challenge users to reconfirm identity at page/component level, specifically while performing self-service tasks remotely. The secured remote access for banking transactions improved the security of employees’ payroll data and aided defense against payroll diversion. The click-to-view functionality allowed the State to increase visibility into privileged users’ activity while still allowing them to access sensitive data to perform their day-to-day jobs. Furthermore, the enhanced logs recorded every user transaction which could be referenced to notice, investigate and remediate suspicious activity. The solution resulted in improved security not just for employees of the state but for 3rd party suppliers as well.
The State of North Dakota administrative office comprises of over 70 state agencies to provide exceptional community, family, health, education, security, transportation and more services to the citizens of North Dakota.
- SafeNet MFA
- Dynamic Masking & Click-to-View
- Location-Based Security
- PeopleSoft Logging
- Enabled multi-factor authentication with SafeNet
- Implemented role-based, field-level masking
- Improved remote access security with location-based access controls and dynamic MFA challenges
- Enhanced logging with filtered activity logs
‘‘Cybersecurity is a priority for the State, and Appsian’s solution allowed us to enhance our security posture to provide even stronger safeguards of our critical systems and personnel data, while providing greater visibility for administrators into transaction-level detail.” Jeff Larshus, Director of State Financial Services.’’
– North Dakota Management and Budget
Start your free demo
"Learn how you can reduce risk with rapid threat protection, audit response and access control. All from a single, comprehensive platform"
Trusted by hundreds of leading brands