Executive Summary

The State of Kansas wanted to allow all employees and non-employees to access PeopleSoft self-service seamlessly within and outside the corporate network on their mobile devices. Over a two-year period, the State expanded access to PeopleSoft from 12,000 to all 50,000 state employees, including contractors, truck drivers, police officers, and state police medical contractors who would be using iPads and various mobile and remote workstations. Realizing that opening PeopleSoft applications to the public internet could pose significant security and compliance concerns, the state administration approached Appsian to fortify their PeopleSoft environment.

Challenges

The State of Kansas did not have any third-party data masking capability deployed for their production or non-production environment. In their existing PeopleSoft environment, masking was incomplete, offered no flexibility, and only worked on select delivered pages. The native masking functionality was not working sufficiently for their HCM and FSCM power users. When the State rolled out access to its 50,000 employees, they realized the need for added security layers so the State employees could access the internet seamlessly on any device for mobile and remote workstations. Additionally, as their roles were getting more complex, access control became a critical requirement that out-of-the-box PeopleSoft features could not fulfill.

To fill the security gaps in access control and usage, Appsian aimed to equip their FSCM and HCM pillars with advanced features to improve remote access control, manage risk exposure, and increase the visibility of user activity. Using the Appsian Security Platform (ASP), the State deployed MFA capabilities, contextual data masking, and dynamic access controls to achieve their desired results.

Solution

Using the Appsian Security Platform, the State of Kansas implemented field-level masking of sensitive data across their PeopleSoft HCM and FSCM applications. ASP helped the State monitor employee access and usage regardless of the seniority or the technology stack they were using. They also implemented location-based security to protect access to certain pages for users outside the State’s network. Appsian’s dynamic data masking solution works on customized pages, and they were able to roll out masking in a staged manner based on their business requirements.

Results

Following the implementation of Appsian’s dynamic data masking capabilities, the State of Kansas leveraged their existing static data masking to challenge users to reconfirm identity at a page level, especially for remote self-service transactions. ASP improved the State’s visibility into the activities of privileged users while allowing them access to sensitive data to perform their roles efficiently. These solutions were cost-effective since they could be deployed without any custom development or additional software. The State has plans to expand the use of Appsian’s data masking in their future projects.

INDUSTRY

Government

EMPLOYEES

50,000

PROFILE

The State of Kansas administrative office comprises over 100 state agencies to provide exceptional community, family, health, education, security, transportation, and more services to the citizens of Kansas.

Start your free demo

"Learn how you can reduce risk with rapid threat protection, audit response and access control. All from a single, comprehensive platform"

Trusted by hundreds of leading brands