When working with PeopleSoft customers to help them understand their security risks, we often find that these organizations believe they are better protected than they actually are.
Our advice? Stop being reactive. Be proactive.
Correct preparation makes incidents far easier to resolve. Detailed and specific event-driven logging can alleviate some of the frustrations. Within the PeopleSoft application stack, it is often difficult to understand what users are doing after the fact. Sometimes effective dated pages make that easier, but nothing can replace a great logging solution.
Case in point….a user gets phished and the attacker then impersonates that user to update data within the PeopleSoft application. It might be easy to see the one row the attacker updated, but what about the data the attacker just looked at? How would you like to definitively answer what that attacker did?
Correct preparation would give you these answers – all the components, pages, and records that attacker saw. Yes, that’s right – know what the attacker accessed. Correlate by times, IP address or other information that you choose to log.
How about another scenario in which a professor travels abroad, accesses their personal data and updates an address? Later on in the day the organization is attacked from the country visited. The security staff at the University wants validation of the transaction(s). With the right logging this is an easy question to definitively answer – a quick resolution to a false positive.
Detailed, specific, event driven, customizable logging designed for your business processes greatly simplifies incident response.
The costs of resolving an incident continue to increase.
Our advice? Minimize the risks by being proactive with your security.-->
Put the Appsian Security Platform to the Test
Schedule Your Demonstration and see how the Appsian Security Platform can be tailored to your organization’s unique objectives