Data Masking could have helped prevent recent, high-profile destructive cyber attacks.

How?

By scrambling or removing sensitive data from production and non-production systems, Data Masking can prevent compromised privileged user account information from being used to gain access to sensitive data such as Social Security Numbers.

Greg Wendt, GreyHeller’s Executive Director of Security Solutions and Services, said “I’m consistently amazed that more organizations haven’t implemented Data Masking or Two-Factor Authentication.”

Cyber criminals using compromised privileged user account information to access databases would not be able to actually see the data had it been masked. Further, combining Two-Factor Authentication with Data Masking would impose even tighter security on that sensitive data, ensuring that access only occurs once the Two-Factor Authentication challenge was successfully passed, often with an SMS message or secure ID token.

Privileged users are often defined as systems and database administrators in the information technology department who maintain systems and databases that contain sensitive information.

GreyHeller’s software product – ERP Firewall – contains powerful Data Masking and Two-Factor Authentication capabilities and is used by major commercial and higher education institutions to protect their sensitive data from cyber attack.

Additional Resources:

• How to Implement 2FA Video
• GreyHeller Blog

About GreyHeller

San Ramon, California-based GreyHeller serves Oracle® PeopleSoft customers globally across all industries, helping them secure and mobilize their PeopleSoft investment. GreyHeller’s software solutions – PeopleMobile®, ERP Firewall and Single Signon  – are in production at nearly 100 PeopleSoft customers. PeopleMobile® renders PeopleSoft responsive across any mobile device and desktop. ERP Firewall and Single Signon protect PeopleSoft customers from criminal and inadvertent breach. For more information about GreyHeller, please visit www.greyheller.com.

GreyHeller’s Executive Director of Security Solutions, Greg Wendt, leads a demo-intensive session showing how organizations can deploy fluid transactions safely using the following techniques:

• Location-based security
• Two Factor Authentication
• Field level masking
• Logging and Analysis
• Utilization of Mobile Device Management solutions

August 26, 2014 – San Ramon, CA – According to a recent advisory issued by Research and Education Networking Information Sharing and Analysis Center (REN-ISAC), Higher Education faculty and administrators are being targeted with sophisticated spearphishing attacks. Cyber criminals harvest credentials and then alter victims’ payroll bank account information to re-route direct deposits to bank accounts controlled by the cyber criminals.

Tactics, techniques and procedures (TTP’s) of the cyber criminals include:

• Altering direct deposit account information
• Spoofed to appear as if message came from the appropriate department, e.g. HR for “salary increase” lures or IT department if “mailbox exceeded”
• Spoofed login screens that are a close replica of legitimate login screen
• Targeting of faculty and staff
• Using university images within e-mails text
• Spoofed institutional-specific prompts for additional credential information, e.g., PINS, bank account numbers.
• URLs mimicking legitimate (and accessible) portal URLs
• Use of the “salary increase” approach seems to coincide with end of the fiscal year.

The phishing e-mails have contained official institutional images, often via an HTML image link direct to the resource.

“Higher Education is a honey pot for the bad guys. We know of dozens more institutions that have been spearphished than are mentioned in the REN-ISAC report,” according to Greg Wendt, GreyHeller’s Executive Director of Security Solutions.”

GreyHeller’s Security Suite complies with REN-ISAC’s recommended prevention techniques:

• Redacting or masking of sensitive data
• Implementing Two-Factor Authentication at the transaction layer
• Limiting self-service functions by location – on- or off-campus
• Detailed and specific logging of the most critical events

“Our recent Security webinar series focused on helping organizations mitigate cybercrime. How to implement Two-Factor Authentication and Logging/Analysis and Incident Response contain information that will thwart the bad guys,” stated Mr. Wendt.

Recordings of the webinars can be found on GreyHeller’s website. The full REN-ISAC advisory can be found here.

About GreyHeller

San Ramon, California-based GreyHeller serves Oracle® PeopleSoft customers globally across all industries, helping them secure and mobilize their PeopleSoft investment. GreyHeller’s software solutions – PeopleMobile®, ERP Firewall and Single Signon  – are in production at nearly 100 PeopleSoft customers. PeopleMobile® renders PeopleSoft responsive across any mobile device and desktop. ERP Firewall and Single Signon protect PeopleSoft customers from criminal and inadvertent breach. For more information about GreyHeller, please visit www.greyheller.com.

Ethical Hackers at Rhino Security Labs released information about serious security holes within Oracle applications this week. Millions of records were at risk across numerous state and federal agencies, colleges and ports.

There are several causes of an event like this. Lax security and poor change control policies are at the forefront. Isn’t it time to stop “hoping” that you do not get hacked? Utilizing the ERP Firewall for multi-factor authentication could have stopped access like this before it started.

Oracle released the patch for this issue more than two years ago. Two years and it is still an issue in production systems around the world. Maintenance and security go hand in hand. If your organization cannot stay current on maintenance – then you owe it to you customers to implement the ERP Firewall to protect their data. If your organization stays current with maintenance you still owe your customers the same protection level of the ERP Firewall.

As the article states, “This is somewhat bigger than, than some of the major data breaches we’ve seen in the credit card industry,” said Caudill. “Even though there’s many fewer records here, only a few million, we’re talking about Social Security numbers, date of births, everything you need for identity theft, as opposed to credit card theft.”

Securing your applications is not an option it is mandatory. Make the call today, because it is not just your job your saving it is your identity.

June phishing attacks accounted for over $400 million in global losses. 57% of global phishing attacks are targeted at the U.S.

The attacks in June were a 43% increase over May attacks.

Protect your systems before it is too late.

Top 10 Data Breaches of the Past Five Years
(Infographic)
By TSC Advantage, Holistic Security Consultancy

Organizations seek protection of their Oracle PeopleSoft applications from cybercrime

San Ramon, California – July 15, 2014

Today, GreyHeller announced the hiring of Greg Wendt as the Executive Director of Security Solutions to further develop GreyHeller’s security products suite and to work directly with Oracle’s PeopleSoft customers to protect their sensitive data from cybercrime. In his role, Wendt will assume oversight of the security platform and operations, with responsibility for product and customer solutions. “I believe Oracle’s PeopleSoft is the best ERP system on the planet. I’ve worked with the platform since 2009 and with GreyHeller since 2011 when we implemented GreyHeller’s mobile and security systems at TCU. GreyHeller is well positioned to help organizations extend their investment in PeopleSoft,” said Greg.

Wendt is a recognized leader in PeopleSoft application architecture, data security and business operations and comes to GreyHeller with more than 17 years of experience. Greg has held top technology positions at industry-leading organizations, including RadioShack and Texas Christian University (TCU). “Greg has extensive experience as a PeopleSoft security expert. Together, we understand what is needed to help protect PeopleSoft users from cybercrime. We expect to establish GreyHeller’s security software suite as the de facto standard for protecting customers’ PeopleSoft systems,” stated Hendrix Bodden, GreyHeller’s CEO.

Wendt led implementations and PeopleSoft upgrades at TCU and RadioShack and the implementation of GreyHeller at TCU. He served as the Chairman of HEUG Tag (Technical Advisory Group), an international organization consisting of Higher Education institutions that use Oracle application software and helps guide its members on product strategy. As a certified ethical hacker, Greg has taught numerous criminal justice and cyber security courses focusing on hacking techniques. “I look forward to helping PeopleSoft customers understand their security risks and to developing tools to resolve these risks. Cyber criminals have figured out that ERP systems store as much sensitive information as do banks. I am honored to join GreyHeller in its mission to protect PeopleSoft customers from criminal breach,” said Wendt.

Trademarks

Oracle and Java are registered trademarks of Oracle and/or its affiliates. Other names may be trademarks of their respective owners.

Recently, one of our Higher Education customers – a highly regarded US university – implemented another option for Two-Factor Authentication using our ERP Firewall software product.

Click to Call allows 2FA pins to be delivered via a telephone voice call.

Click to Call is based on new PeopleCode packages and several Java JAR files that interact with a third party calling system. It is invoked when a PeopleSoft user triggers an event –accessing sensitive data that GreyHeller’s ERP Firewall systems has been configured to protect – that sends the message to the external voice call system. That system then retrieves data containing the requested credentials from PeopleSoft. The user then enters the 2FA pin on the challenge screen which completes the challenge.

iScripts, JAR files, custom application packages, third party integration – sounds complicated right? Wrong. ERP Firewall seamlessly integrates from the user’s page action to the delivery of the call in less than 3 seconds.

The message can be customized to contain important information in addition to just the 2FA pin. This information could be beneficial and timely.

Click to Call joins ERP Firewall’s other 2FA challenges methods:

• Text
• Email
• Time-based one time password (TOTP)
• Duo Security
• IVR
• Instant Messaging
• Biometrics.