Australia Under Cyberattack – How to Quickly Implement “Zero Trust Security” in PeopleSoft
Just a few days ago, the Australian Prime Minister, Scott Morrison announced that Australia is being continuously targeted by sophisticated, state-sponsored cyber-attacks. The hacking attempts were confirmed as widespread across “all levels of government,” including essential services and businesses throughout Australia.
The attacks were reported to exploit system vulnerabilities within the public-facing infrastructure. They also included spear-phishing, aimed at harvesting passwords – specifically for privileged users like admin and service accounts. The attackers are actively targeting national intelligence and Australians’ private information.
These attacks in Australia are a wake-up call for organizations to harden their security posture NOW!
Besides the basic principles of patching, using safe settings within applications and having a robust backup strategy – the Australian Cyber Security Centre recommends restricting administrative privileges and using Multi-Factor Authentication for all users, especially while performing a privileged action or while accessing an important data repository. Organizations need to align their security strategy closely with the Zero Trust security model, based on the principle of “never trust, always verify.”
Legacy ERP applications are both a prime target and highly vulnerable to these attacks
A lot of government agencies and businesses in Australia use legacy ERP applications like PeopleSoft, and these applications make alluring targets for cybercriminals because of the wealth of sensitive data they contain.
These large-scale ERP systems were not designed to be exposed directly to the internet as we know it today. Opening them to remote access, especially now when organizations are trying to maintain continuity, has significantly increased the risk to sensitive information.
Your users are the weakest link in your security strategy – guard them!
The success of phishing attacks relies entirely on users falling for them. Organizations can beef up security by making minor adjustments to their existing user authentication process. This can be achieved by the use of Single Sign-on (SSO) and Multi-Factor Authentication (MFA).
Implementing an SSO drives users away from using recurring, weak passwords. And MFA can help reconfirm the identity of a user when access comes from an unknown location or when a specific high-risk piece of information is accessed.
Challenges with implementing SSO and MFA solutions for legacy ERP systems
PeopleSoft applications demand a ton of customization and added infrastructure to support these solutions. Most SAML-based identity providers do not work with PeopleSoft because of the lack of native SAML support. To avoid the added effort and cost involved with custom projects, organizations must focus on building native SAML support within PeopleSoft.
Similarly, there are reservations with many MFA providers as they can only be implemented at the login level. Enforcing MFA at login for every sign-on attempt can cause MFA fatigue. Login-only MFA also allows full access to information once the user is signed in, even if the user forgets to lock the screen or log out.
To strike a balance between security and usability, MFA can be enforced conditionally, for example, enforcing an MFA challenge when access is coming from an unusual location, or requiring MFA only for a sensitive field or transaction.
Appsian helps customers implement SSO and MFA within PeopleSoft quickly, with little effort. Please write to us at [email protected] to kick start your Zero Trust Security project in your environment.
Want to learn about our SSO and MFA Solutions in detail? Check out our buyers’ guides.
Evaluating An SSO For PeopleSoft? Here Are The 6 Questions You Should Ask Your Potential Vendors
Effective Multi-Factor Authentication for PeopleSoft: 4 KEY CONSIDERATIONS
Join Our Upcoming webinars for the Australia (APAC) and ANZ Region.
Greg Sosna is part of our cybersecurity team, and he looks after our customers in the APAC and ANZ region. Join him and other subject matter experts presenting different strategies to protect and enhance your ERP investment today and well into the future.
Put the Appsian Security Platform to the Test
Schedule Your Demonstration and see how the Appsian Security Platform can be tailored to your organization’s unique objectives
The Implications of Remote (Higher Education) Learning… Now that CSU Announced Campuses are 100% Remote in the Fall
California State University, the largest four-year public university system in the country, made headlines when it announced Tuesday that it intends to continue with remote teaching in the fall term at all 23 CSU campuses, affecting most of its 482,000 students. This was a bold move, but I applaud the CSU system, or any college or university, as the rapid shift to online instruction amidst COVID-19 has been an undertaking of historic proportions.
Lost in the headlines is the amount of work that IT teams must do to enable remote access for nearly the entire university staff and faculty. For Cal State University (an Appsian customer – 17 campuses), that’s more than 53,000 faculty and staff who need access to key information and systems. Along with student users, in total, that’s 535,000 (mostly remote) users accessing the university’s ERP systems from all over the world.
The implications of this decision are wide-reaching. Beyond answering questions like, how will you be able to keep students engaged or how will you be able to provide parity to classroom learning, there are a myriad of implications placed squarely on the enterprise systems that support these institutions (ex. PeopleSoft and SAP ECC.) With millions of students, faculty and staff depending on these applications to keep operations running smoothly, how will campuses look to adapt these systems to their new normal? How can they ensure these systems can meet these new demands?
Universities Must Focus on (2) Key Areas: User Experience and Data Security
Remote and distance learning means operations will be extremely dependent on self-service. Universities using PeopleSoft Campus Solutions face a double-whammy. Maintaining strict authentication and data security policies creates challenges on its own. In addition, many campuses require additional UX/UI solutions that enable a unified mobile user experience. Without additional UX solutions in place, PeopleSoft’s mobile user experience can be challenging for students to navigate – especially as they’re trying to access self-service via mobile devices. Several colleges and universities use the full suite of Appsian’s technology to address these issues.
For Students, User Experience is EVERYTHING
Today, students’ primary method of communication is their mobile devices. A common problem for universities is that PeopleSoft Campus Solutions’ primary interface is PeopleSoft Classic. This UI is not mobile responsive and has a look and feel that doesn’t necessarily align with Millennial and Gen Z expectations. As tens of thousands of students register for classes in the fall, this user experience could prove to be problematic, as students are so used to intuitive experiences. Without UX/UI enhancements, campuses run the risk of flooding their support desks or having students abandon self-service transactions – not meeting key enrollment deadlines.
PeopleUX by Appsian turns the Classic interface of PeopleSoft Campus Solution into a visually engaging user experience. Students can easily navigate through transactions like add/drop/swap courses, view grades, class schedules, search for classes, access advisor information, and financial aid details from their mobile device. Giving students the proper tools to execute the majority of their tasks through self-service will alleviate your staff’s workload. It will also provide one less hurdle students (especially new students) will have to get over before class begins in the Fall.
For EVERYONE, Data Security is EVERYTHING
Colleges and universities face the same challenges as businesses that had to transition entire workforces from office-based to work-from-home. Remote access is now a requirement, and IT departments should have the ability to dynamically control access to sensitive transactions and maintain granular visibility into user behavior – something ERP systems like PeopleSoft and SAP ECC inherently lack.
Campuses are turning to VPN to ensure secure authentication, but VPNs have plenty of vulnerabilities. In many cases, adding Multi-Factor Authentication via Duo Security® has been a top choice – one that Appsian couldn’t recommend more. However, integrating an MFA like Duo with PeopleSoft or SAP ECC presents significant challenges. Integration is necessary, especially if you’re looking to apply step-up MFA at the transaction level. This is recommended because application-layer authentication is good, but transaction level authentication is ultimately the best way to ensure data isn’t unnecessarily exposed.
Integration also allows you to leverage adaptive MFA. This can enable you to deploy MFA challenges (at the application layer) based on the context of access, such as business hours, location of the device accessing the system, and type of device. This flexibility can reduce the disruption of MFA challenges on the user and ultimately provides significantly better data security.
Additionally, campuses must consider how they can maintain visibility over the data in their transactions. After all, when you consider the sheer volume of sensitive data in a student information system like student records, student financial information, parent financial information, etc. it becomes clear that the implications of a breach could be catastrophic. This is not lost on hackers who are now aware that large university systems are moving to 100% remote learning. These are data security implications that are not simple to solve, but the focus must be on visibility, control, oversight, and accountability. How detailed is your view of data access and usage? If there was a potential security threat, how long would it take you to detect and remediate it?
Conclusion
It’s too early to tell how many colleges and universities will follow Cal State University’s lead and announce remote learning plans for the Fall semester. Regardless, now is the time to prepare for a school year that still has many variables and unknown factors that can influence a decision.
Request a demonstration so you can get to know the many ways that Appsian can help your university and college tighten your PeopleSoft data security and deliver a mobile-responsive and visually compelling user experience to students.
Oracle Extends PeopleSoft Support to 2031. Now’s the Time to Invest in PeopleSoft Data Security Projects
On April 19, 2020, Oracle announced on its PeopleSoft Support blog that the company is extending support for the ERP application through 2031. As stated on the blog, Oracle remains “committed to a rolling ten years of support for PeopleSoft. We will review and plan to extend support again next year, and the year after that, so that you have a decade of committed support and can plan your enterprise software investments accordingly.”
This news should give PeopleSoft customers a sense of certainty that investing in the long-term success of their PeopleSoft applications is mission-critical. Thanks to COVID-19, organizations may be concerned about their short-term financial stability. Add in the newfound uncertainty of continuing large-scale IT projects in this climate (like a cloud ERP migration) – organizations have now found themselves looking for ways to reap maximum benefits with the lowest degree of overhead and project completion time.
Three “Home Improvement” PeopleSoft Data Security Projects
With large-scale projects on hold, it’s a good time to invest in smaller-scale projects that focus on what is truly mission-critical today (and for the near future) – PeopleSoft data security. You’re already working hard to secure data while users are accessing remotely and while bandaids may be in place right now, organizations must consider strategies that scale long-term.
Here are three smaller “home improvement” projects that strengthen your PeopleSoft data security posture:
Integrate your SAML Identity Provider (IdP) for Single Sign-On (SSO)
When you count the hours spent managing passwords (80% of help desk calls) or tackling SSO projects using customizations and home-grown solutions, you find that removing the complexity of PeopleSoft password management is an ROI positive project. Add in the lost productivity of users not being able to access business transactions (because they’re waiting for their password to be reset), then the ROI increases. The bottom line, a SAML-configured Single Sign-On for PeopleSoft will make everybody happy. A SAML SSO provides the combination of security and productivity that organizations are striving for. And, given the alarming uptick in phishing attacks – user credentials have become an obvious liability.
Strengthen IAM with Adaptive Multi-Factor Authentication (MFA)
When you’re buying new appliances for a remodeling project, you buy a washer and dryer in pairs. Yes, you can wash and dry your clothes using one or the other, but using both is a better option. Same with applying an adaptive multi-factor authentication (MFA) with your SSO as an effective method for verifying identity. Adaptive MFA ensures that contextual attributes (ex. device, network, location) are the determining factor for deploying MFA challenges. The context of access varies in mobile and work-from-home environments, and your level of control should do the same. This is essential if your users are accessing remotely, as managing authentication (especially for high privilege users) can be challenging.
It is also recommended to expand the use of MFA and apply step-up challenges on transactions that may be considered ‘highly sensitive.’
Real-Time Visibility for User Activity Monitoring and Transaction Logging
Just like a rug can tie a room together, real-time visibility via user activity monitoring and transaction logging can be the perfect complement to your PeopleSoft data security fixer upper. There are a lot of sensitive transactions being executed outside of the office these days, and monitoring user activity gives you a better sense of how your data is being accessed and used.
Invest in Today and Plan for Tomorrow
Now is a good time to take Oracle’s lead in their extension of PeopleSoft support – and alleviate a lot of the complexity around PeopleSoft data security, identity, and access management. Securing remote access with SSO and adaptive MFA today provides significant PeopleSoft ROI – along with applying a strong data security framework that can scale with a myriad of workforce and landscape changes.
Best yet, you can complete these projects in only two to four weeks, and we guarantee you won’t be cleaning up any sawdust when you’re done.
Request a demonstration of the Appsian Security Platform today.
Looking for a PeopleSoft ‘Quick Win’? Integrate SAML for Single Sign-On (SSO)
It’s no secret that managing PeopleSoft passwords can be challenging. This has been a hot topic for years – and with COVID-19, we’re seeing a resurgence from increased remote access. A remote workforce can quickly put a strain on IT help desk services – especially with resetting passwords. Btw, hackers know that passwords are being reset at a record pace, as demonstrated by the massive uptick in phishing attempts (+667% since Feb. according to Forbes.)
With a myriad of IT projects and an ever-changing list of demands from the organization, setting priorities can be difficult. We’d suggest PeopleSoft customers prioritize a single sign-on for (4) key reasons:
PeopleSoft Passwords are a Security Liability
I alluded to this above, but the statistics speak for themselves. According to the 2019 Verizon Data Breach Investigation Report, ‘91% of hacking attacks begin with phishing/spear phishing attacks.’ Organizations try to mitigate this by using a VPN. However, after the expense and potential disruption in service after a large percentage of your workforce is accessing critical business transactions using a VPN – there is little ROI in this strategy.
Might I suggest, requiring VPN access for ‘high privilege’ access only? Normal users that are accessing self-service can be secured by leveraging a Single Sign-On (and possible multi-factor authentication.)
IT Resources Need to be More ‘Focused’ Than Ever
We don’t need to belabor this point but suffice to say that changing your business operations overnight (in the case of COVID-19) causes complexity. Ensuring network/server availability and using help desk services to troubleshoot strategic issues is better than one-off password resets.
The ROI of an SSO Project (over time) is Very High
When you count up the hours spent managing passwords (80% of help desk calls), you quickly find that removing the complexity of PeopleSoft password management is an ROI positive project. Add in the lost productivity of users not being able to access business transactions (because they’re waiting for their password to be reset), then the ROI increases. Bottom line, an SSO project will delight users, IT teams, and your CFO alike!
This Project Can be Done Quickly (2-4 weeks.)
We’ve come to the (sort of) tricky part. Organizations have tackled SSO projects using customizations and home-grown solutions – all of which modify PeopleSoft code and create challenges down the line. Needless to say, if you’re looking for rapid deployment, with minimum complexity (today and in the future) – then a configurable approach is recommended.
This is where Appsian comes in, as we’ve developed the native SAML connector that can seamlessly integrate your Identity Provider (OKTA, ADFS, Azure, Shibb, etc.) with PeopleSoft – creating a configurable Single Sign-On that does not affect underlying PeopleCode or have an impact on future application upgrades.
Bottom line, if you’re looking to quickly alleviate a lot of the complexity around PeopleSoft identity and access management – Appsian can help! We have worked with hundreds of PeopleSoft customers around the world, helping them remove costly customizations and implement a SAML-configured Single Sign-On for PeopleSoft.
Let us show you! We can get you up and running in a couple of weeks!
Remote Access to PeopleSoft a Requirement? Here’s (3) Success Stories to Consider
With the workforce disruption caused by Coronavirus (COVID-19), enabling remote access to ERP applications like Oracle PeopleSoft has become a business requirement. This has resulted in organizations that fear disruptions to business continuity rushing to scope additional security solutions. Many are turning to the early adopters of remote PeopleSoft access to better understand the gaps in PeopleSoft’s security model, the implications of exposure to the internet, and the mitigation steps required to maintain security.
Hackensack Meridian Health (HMH), identified authentication vulnerabilities in PeopleSoft’s username and password security model:
This resulted in the scoping of a Single Sign-On and Multi-Factor Authentication (MFA) project. Both solutions required a Security Assertion Markup Language (SAML) integration with HMH’s respective identity provider, Duo Security. The project enabled hospital staff to quickly access business-critical functions, including medical supply ordering, scheduling, and billing, all of which had a positive impact on HMH’s ability to take care of their patients. The project resulted in HMH winning Oracle Innovator Awards in 2018 and 2019.
Cornell University wanted to enhance the logging capability for PeopleSoft Campus Solutions:
Their goal was to record user activity while performing various transactions to improve security and incident response. Cornell University proceeded to scope solutions that would enhance their visibility without hindering system performance. Once a 3rd party logging solution was installed, Cornell University was able to allow access to remote students, employees and staff while maintaining granular levels of visibility. This proved critical when subsequent security incidents required rapid investigation.
The State of North Dakota identified the need to enable remote access to employees state-wide:
IT leaders sought to equip PeopleSoft Human Capital Management (HCM) and Financials with advanced features to dynamically limit data exposure and increase visibility of user activity. After deploying a 3rd party solution for dynamic data masking and location-based security, the State of North Dakota was able to accurately align the risk level of user access with the exposure of sensitive data, providing a clear path to enable secure, remote access to users.
With COVID-19 creating a myriad of questions and concerns for business leaders, PeopleSoft customers are encouraged to approach remote access projects carefully.
Let us know if we can help enable your journey. Contact us today!
Five Tips for Enabling Secure Mobile Access to PeopleSoft
Enabling mobile access to PeopleSoft is a primary objective for many organizations. Naturally, there are security concerns when making transactions available on the internet. Here are (5) Best Practices you should consider:
1) Identity and Access Management Must Be Enhanced
A username/password security model is not enough to effectively restrict unauthorized access. PeopleSoft passwords are inherently weak, easy to crack, and some users may have multiple passwords.
2) Align Authentication with an Identity Provider (IdP)
This is typically accomplished with an enterprise Single Sign-On that is natively integrated with an IdP. For PeopleSoft, your IdP is the best authentication database because it is centrally provisioned and governed by your corporate password mandates.
3) Always Utilize Multi-Factor Authentication
Multi-factor authentication (MFA) is an effective method for verifying identity. While having this functionality at login should be a standard part of a security posture, it is recommended that an adaptive MFA be utilized.
Adaptive MFA ensures that contextual attributes (ex. device, network, location) be the determining factor for deploying MFA challenges. This helps properly align levels of risk with access policies. Context of access varies in a mobile environment and your level of control should do the same.
4) Prevent the Unauthorized Exfiltration of Data
Data leakage is the #1 cause of breaches. Data exfiltration becomes a greater risk when access is remote – mostly because devices are no longer regulated. Limiting the running of reports and queries when access is remote will help ensure data is not exfiltrated on an unauthorized device.
In addition, implementing data masking on sensitive fields will help limit the exposure of sensitive data.
5) Enhance Your Visibility into Data Access
Simply put, if you are not logging access and usage data – then you’re at risk. Having visibility into user behavior is critical in order to detect and remediate a security threat.
Also, routine audits are critical for understanding what is happening inside your applications and if further steps need to be taken.
How Appsian Can Enable PeopleSoft for Mobile Access
Appsian delivers a sophisticated platform designed to give you complete control and visibility over your ERP data. We do this by strengthening your ability to: Authenticate Users, Manage Privileged Access, Limit Data Exposure, View User Activity, and Detect and Respond to Threats.
Appsian has enabled more than 250 PeopleSoft customers worldwide to securely expand access to PeopleSoft. Let us show you how we can maximize your investment in PeopleSoft!
Request Your Demonstration Today!
Responding to Coronavirus (COVID-19): How to Enable PeopleSoft for Secure Telecommuting
With companies like Microsoft, Amazon, and Twitter encouraging workers to stay home, many wonder if this is the beginning of a “work-from-home revolution” with no end in sight. More organizations around the country are adopting remote work policies each day – with Congress being the latest addition. In fact, today, The House Administration Committee will launch a center to coordinate computers and phones into a telecommuting system.
As organizations rush to adjust to this new work culture, they must consider PeopleSoft from (2) perspectives: maintaining secure user authentication and maintaining data security. After all, telecommuting means perimeter firewalls and corporate networks are not leveraged as originally intended.
Is PeopleSoft only available on your network? Now what?!?
With many organizations opting not to expose PeopleSoft self-service transactions to the internet, a workforce that’s now required to telecommute would bring business to a screeching halt. This can be devastating to operations when you consider the myriad of financial, HCM, and essential student/faculty/staff (for Campus Solutions customers) transactions taking place each day.
Halting transactions isn’t an option, so Appsian recommends PeopleSoft customers consider these areas as they transition to a telecommuting work culture:
How are you authenticating user identity?
Are you leveraging your corporate Identity Provider to authenticate PeopleSoft users? If not, understand that PeopleSoft usernames and passwords are a major liability and hackers can crack them with ease. Also, brute force attacks are much more effective when the strength of passwords is not regulated by your IdP.
Are you using a single authentication step?
Is the username/password model your sole authentication strategy? Do you have the ability to force MFA challenges, especially if users are accessing from an unknown network or device? Implementing an MFA for PeopleSoft is not just recommended, but essential for preventing unauthorized access. Plus, it greatly mitigates the damage of phishing attacks.
What is your breach remediation strategy?
Logging and analyzing user behavior is critical for maintaining network security, but are you able to identify malicious behavior inside your PeopleSoft applications? If mobile access is enabled, the result is an extended threat surface. It is recommended to enhance how you log user activity.
Bottom line is we recommend you evaluate your strategies now and determine the best path for maintaining business continuity. There are key authentication challenges to consider and the experts at Appsian are here to discuss your initiatives.
Why Dynamic MFA is the Key to Strict ERP Security. Without Causing User Friction
Cats & dogs, oil & water…
Apparently, these groups don’t get along. You can definitely add Security Admins & Business Users to that list. The reasons are (sort of) obvious, but only if you point them out. Simply put, one group restricts access and the other group demands access. I understand this is an over-simplification. At the end of the day, if user or corporate data is compromised, everyone gets upset. However, from a tactical standpoint, these two groups are trying to accomplish goals simultaneously and inevitably get in each other’s way.
The friction between business users and security policies typically occurs during the authentication process. For example, when a user is asked to enter login credentials or go through an MFA challenge. While this may seem innocuous, it should be noted that friction (over time) builds and builds – and if a user does not see the benefits in the extra authentication step(s), they are likely to abandon whatever business transaction they’re trying to access. And, abandonment certainly does not promote productivity!
…and, herein lies the true conflict between security and productivity
Securing data that resides in ERP applications has all the makings of a classic conflict between security and business user productivity. All the security focus is on login screen authentication – and traditional, on-premise ERP applications (SAP, PeopleSoft, Oracle EBS) are filled with sensitive data with limited ways to implement fine-grained controls. The result is Security Admins have no choice but to be overly-strict with their security policies (ex. requiring MFA at each login) – causing users to push back and possibly abandon critical business transactions.
This is where Appsian comes in… enabling dynamic MFA
Appsian enables organizations to implement adaptive, data-centric ERP security policies. Meaning, if fine-grained control is what you’re looking to accomplish – then, Appsian gives you the ability to align specific security policies to specific data elements/transactions. Being specific mitigates user friction, and here is why…
Not all sessions/transactions are risky
Question: Should you have to pass an MFA challenge if you’re working on your company-issued computer and logged on to your corporate network? What is the likelihood the context of that access is fraudulent?
Users appreciate when risk level aligns with security measures
Users don’t like their data compromised either, and when they are executing transactions that are deemed ‘high risk’ (ex. change direct deposit, update benefits, update W-4) a user should expect stepped-up security challenges.
When security aligns to the context of access – security and business policies live in harmony!
It’s corny, but it’s true. By aligning security to specific data elements and transactions, business processes and security policies become aligned and everyone gets what they want. Users are only challenged when necessary and Security Admins can feel their policies are properly focused.
Users can be fully productive and feel confident their data is safe and secure. True love!
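The policy argued for above (challenge only when the context of access or the transaction itself warrants it) can be written as a small decision function. This is an added example, not Appsian's or PeopleSoft's code; the network range, transaction names, time limits and the `AccessContext` fields are assumptions made for illustration.

```python
from dataclasses import dataclass
from datetime import datetime, time
from ipaddress import ip_address, ip_network
from typing import Optional

# Constructed values: network range, transaction names and time limits are
# assumptions for this example, not PeopleSoft or vendor settings.
CORPORATE_NETWORKS = [ip_network("10.20.0.0/16")]
SENSITIVE_TRANSACTIONS = {"change_direct_deposit", "update_benefits", "update_w4"}
BUSINESS_HOURS = (time(7, 0), time(19, 0))
STEP_UP_MAX_AGE = 5 * 60        # seconds an MFA result covers a sensitive action
SESSION_MFA_MAX_AGE = 8 * 3600  # seconds an MFA result covers routine actions


@dataclass(frozen=True)
class AccessContext:
    source_ip: str
    managed_device: bool           # company-issued device
    country: str
    usual_countries: frozenset     # where this user normally signs in from
    when: datetime
    transaction: str
    privileged_user: bool = False
    last_mfa: Optional[datetime] = None


@dataclass(frozen=True)
class Decision:
    challenge: bool
    reasons: tuple


def on_corporate_network(source_ip: str) -> bool:
    """Fail closed: an address that does not parse counts as off-network."""
    try:
        addr = ip_address(source_ip)
    except ValueError:
        return False
    return any(addr in net for net in CORPORATE_NETWORKS)


def context_signals(ctx: AccessContext) -> list:
    """Collect the contextual attributes that raise the risk of this access."""
    signals = []
    if not on_corporate_network(ctx.source_ip):
        signals.append("off_network")
    if not ctx.managed_device:
        signals.append("unmanaged_device")
    if ctx.country not in ctx.usual_countries:
        signals.append("unusual_location")
    start, end = BUSINESS_HOURS
    if not (start <= ctx.when.time() <= end):
        signals.append("outside_business_hours")
    return signals


def mfa_age_ok(ctx: AccessContext, max_age: int) -> bool:
    """True only if MFA was passed within max_age seconds before this request."""
    if ctx.last_mfa is None:
        return False
    age = (ctx.when - ctx.last_mfa).total_seconds()
    return 0 <= age <= max_age  # a timestamp in the future is never accepted


def decide(ctx: AccessContext) -> Decision:
    signals = context_signals(ctx)
    why = []
    if ctx.transaction in SENSITIVE_TRANSACTIONS:
        why.append("sensitive_transaction")
    if ctx.privileged_user:
        why.append("privileged_user")
    if why:
        # Step-up: a login-time MFA from hours ago does not cover this action,
        # which also limits what an unlocked, unattended session can do.
        if mfa_age_ok(ctx, STEP_UP_MAX_AGE):
            return Decision(False, ("recent_mfa",))
        return Decision(True, tuple(why + signals))
    # Routine self-service: challenge only when the context looks unusual
    # and the session has not already passed MFA.
    if signals and not mfa_age_ok(ctx, SESSION_MFA_MAX_AGE):
        return Decision(True, tuple(signals))
    return Decision(False, tuple(signals))


# Constructed sample requests.
OFFICE = AccessContext("10.20.5.9", True, "AU", frozenset({"AU"}),
                       datetime(2020, 6, 22, 10, 0), "view_paycheck")
REMOTE = AccessContext("203.0.113.7", False, "AU", frozenset({"AU"}),
                       datetime(2020, 6, 22, 23, 30), "view_paycheck")

if __name__ == "__main__":
    for name, ctx in (("office", OFFICE), ("remote", REMOTE)):
        print(name, decide(ctx))
```

The reasons returned with each decision are also what should be written to the activity log, so that a challenge (or the absence of one) can be explained during an investigation.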
Want to learn more about implementing dynamic MFA for ERP systems? Then Let’s Talk!
Evaluating a PeopleSoft Single Sign-On (SSO) Solution: 6 Questions to Ask your Vendor
What is Single Sign On in PeopleSoft?
PeopleSoft, an ERP application designed by Oracle, lacks native Security Assertion Markup Language (SAML) support. This makes it challenging for IT teams to include PeopleSoft under the umbrella of applications users can access via the enterprise’s Single Sign On (SSO) solution. However, SSO can be enabled in PeopleSoft with the help of a third-party integrator like Appsian. The SAML integration allows PeopleSoft customers to fully leverage SSO solutions like OKTA, Azure AD, Ping Identity, and more to deliver ease of access.
Single Sign-On (SSO) solutions have emerged as the gold standard in identity management. While poor password practices continue to prevail, the effectiveness of the ‘username and password’ as the main authentication model has deteriorated.
Password management can be a nightmare for IT, as it reduces department productivity and increases service costs. However, SSO solutions allow administrators to centralize identity management, as end-users utilize a single set of credentials to access every enterprise application.
Establishing an SSO for PeopleSoft
PeopleSoft applications are a vital part of an organization’s enterprise architecture, and unfortunately, integrating PeopleSoft into an enterprise SSO can present challenges. This has led administrators to look to the market for help – and as you evaluate an SSO solution for PeopleSoft, you should ALWAYS ask these 6 questions – the answers will be the difference between project success and failure:
How does your product interact with PeopleSoft?
To successfully implement an SSO solution, organizations first need to integrate all applications with a centralized ID provider. Most popular ID providers, such as Microsoft Azure Active Directory and OKTA, use SAML – the open federation standard that allows identity providers (IdP) to communicate with enterprise applications.
Many off-the-shelf SSO vendors claim to support PeopleSoft. However, they ignore the fact that PeopleSoft applications do not natively support SAML. With a conventional SSO solution, PeopleSoft applications are likely to stay isolated from the rest of the organization’s business applications. Organizations must ensure that their SSO provider addresses the SAML problem upfront; otherwise it can lead to a ripple of problems with the implementation (e.g., inflated budget, timelines, complexity).
Is there a need for customizations?
For PeopleSoft specifically, most SSO providers are required to build an extensive framework of customizations. Customizations demand extra resources and prolong the implementation timeline – thus increasing the project liability. Even then, custom SSO solutions can be insecure, fragile, lack functionality for some transactions and be prone to problems that are difficult to troubleshoot. Moreover, building and maintaining a customized framework requires both coding and PeopleTools expertise – which is a rare skill combination. Alternatively, PeopleSoft customers can seek a configurable SSO based on logic workflows built outside of the PeopleCode.
Are there additional hardware/server requirements?
In most cases, organizations will be required to purchase additional hardware to support the customizations designed to simulate communication between PeopleSoft and their respective Identity Provider. The procurement of new infrastructure (reverse proxy servers) is not ideal and can result in unexpected project budget overruns.
Does the solution support deep embedded links?
One of the primary benefits of an SSO solution is allowing users to bypass login with the use of deep links or embedded links. These links, when sent to a user, can take them to a specific transaction using the previously authenticated SSO session, saving time and increasing user satisfaction and productivity. However, most off-the-shelf SSO providers don’t support this functionality. With increasing remote access on mobile devices, deep-link navigation can be important to usability and engagement. For instance, a user can go straight to an intended transaction by following a link (sent via email, text, etc.) even if they are required to authenticate an SSO session on a device they don’t use frequently.
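A check worth asking the vendor about is how the deep-link target is carried through the SSO round trip. The sketch below is an added example, not the article's or any vendor's code: it validates the target before login and hands the IdP only an opaque, single-use SAML RelayState. The host name, path prefixes, landing page and TTL are constructed assumptions.

```python
import secrets
from typing import Dict, Optional, Tuple
from urllib.parse import urlsplit

# Assumptions, not from the article: host, path prefixes, landing page, TTL.
APP_HOST = "erp.example.com"
ALLOWED_PREFIXES = ("/psp/", "/psc/")
DEFAULT_LANDING = "/psp/home"
STATE_TTL_SECONDS = 300

# Stand-in for server-side session storage: RelayState -> (target, expiry).
_pending: Dict[str, Tuple[str, float]] = {}


def safe_target(deep_link: str) -> Optional[str]:
    """Return the path and query of a link into this application, else None."""
    if "\\" in deep_link or any(ord(c) < 0x20 for c in deep_link):
        return None
    try:
        parts = urlsplit(deep_link)
    except ValueError:
        return None  # malformed authority, e.g. a broken IPv6 literal
    if parts.scheme not in ("", "https") or parts.netloc not in ("", APP_HOST):
        return None  # other scheme, other host, userinfo or port tricks
    path = parts.path
    if not path.startswith(ALLOWED_PREFIXES) or ".." in path.split("/"):
        return None
    if any(enc in path.lower() for enc in ("%2e", "%2f", "%5c")):
        return None  # encoded dot, slash or backslash in the path
    return path + ("?" + parts.query if parts.query else "")


def begin_sso(deep_link: str, now: float) -> str:
    """Store the validated target server-side; return an opaque RelayState."""
    token = secrets.token_urlsafe(16)
    _pending[token] = (safe_target(deep_link) or DEFAULT_LANDING,
                       now + STATE_TTL_SECONDS)
    return token


def finish_sso(relay_state: str, now: float) -> str:
    """Call only after the SAML assertion has been verified."""
    target, expires = _pending.pop(relay_state, (DEFAULT_LANDING, 0.0))
    return target if now <= expires else DEFAULT_LANDING
```

Because the redirect target is rebuilt from the parsed path and query, never echoed from the request, a link pointing at another host resolves to the default landing page.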
How does the solution impact PeopleTools Lifecycle Management?
PeopleSoft’s native functionality is continuously evolving with every single image released via the PeopleSoft Update Manager (PUM). These updates include frequent changes in the authentication model, which means that a customized solution would demand rework with each update. The constant need for upkeep consumes customer resources and time, and increases the scope for errors and subsequent troubleshooting.
What if we decide to switch an ID provider?
One of the most important considerations when choosing an SSO solution is how easily it adapts if and when the organization decides to switch IdPs. Ideally, organizations should look for a configurable SSO instead of a coded (customized) one, because when an organization plans to switch to a new ID provider, a custom solution would require building a whole integration framework. A custom SSO can therefore prove to be tedious and time-consuming, unlike a configurable SSO that can allow a seamless switch.
Appsian’s PeopleSoft SSO Connector
Designed to create a simple, extensible, and easy-to-maintain approach to the implementation of modern authentication, Appsian’s PeopleSoft SSO Connector is the only turnkey solution for native SAML-compatibility in PeopleSoft – enabling customers to:
- Leverage existing investment in SSO solutions with PSFT
- Authenticate PSFT sessions via SAML-based Identity Providers
- Access PeopleSoft via deep link navigation
- Support multiple IdPs concurrently
- Deploy SSO for PeopleSoft in as little as 7 days
- Implement without additional hardware or custom coding
To learn more, Request a Demo with a PeopleSoft security expert or write to us at [email protected]