Appsian App Security Datasheet - ERP Security & Compliance, Designed for SAP & PeopleSoft · 2020. 1. 27. · Facilitates Integration Broker Authentication Allows manual logins •

� ��� �� � � � �

Application Security Platform

Application Security Platform offers PeopleSoft users an intelligent, granular-level approachto securing their PeopleSoft environments.

► Secures Access from variety of form factors • Mobile Devices • Desktop Browsers • Accessibility Devices

► Cross Device Compatibility • Mobile Devices – iOS, Android, Windows, & Blackberry • Desktop Browsers – including older browser versions • Accessibility Devices including JAWS

► Runs within the PIA • No additional hardware or software required • Administered and supported by existing PeopleSoft resources • Improves performance and scalability by not having to route traffic to other servers

► Tightly coupled with PeopleSoft • Fluid and Classic pages • Interaction Hub / Portal • No new infrastructure • Authentication and Role / Permission Infrastructure

► Rapid Implementation

� ��� �� � � � �

Intrusion Prevention

Data Loss Protection

Features / Functionalities

► Single Sign On (SSO)

• Register Shibboleth, ADFS or other SAML

identity providers

• Facilitates the Authentication process

▪ Eliminates login action if user is already

authenticated with SAML

▪ Facilitates login action if user is not already

authenticated

▪ Facilitates Integration Broker Authentication

▪ Allows manual logins

• Works with PeopleSoft’s account provisioning

• Rules to map token to PeopleSoft ID

• Control access based on

▪ Authentication Location trust

▪ Federated Identity Provider trust

• Log based on

▪ Identity provider trust

▪ Failed logins

► Two-Factor Authentication

• Apply 2FA at application login level, Page level or a

field level

• Integrates PeopleSoft with all 3rd party token providers

such as OKTA, DUO, Google Authenticator etc.

• Token delivery via SMS, Email, Phone, IVR, Mobile App

• Prevents 2FA outage token loss theft

• Effective provisioning of 2FA tokens

• Combines 2FA with location based security

• Drives high privilege user adoption for 2FA

► IP Based Access Control

• Redact and partially replace sensitive fields

• Combines 2FA with location based security

• Protects against Malicious insider data theft

• Control access based on defined attributes

▪ Location / Device type / IP address / Operator ID

► Data Masking / Click to view

• Masks or removes sensitive data in PeopleSoft

application

• Removes / replaces data server-side prior to

delivery to end-user

• Conditionally allows unmasking of data upon

passing additional security challenge

• Logs request, access, and/or denial of unmasking

sensitive data

• Protects against Malicious insider thefts and

unintentional insider data loss

► PS_TOKEN Security

• Protects PeopleSoft against the (PS_TOKEN)

TokenChpoken attack

DATA SHEET

Incident Response

Features / Functionalities

► Logging

• Captures detailed end-user access data to support

audit, compliance, and incident response requirements

▪ User ID / IP Address / Result / Browser / Date / Time

▪ Login Page / Portal Content / PeopleSoft Page /

iScript

▪ EMPLID / Search Criteria / Actions taken

• Allows creation of targeted logs

▪ Failed login activity

▪ Activity for specific content

▪ Activity for types of users

▪ 2-factor activity

• Flexible and configurable logging

► Security Analytics

• Accelerate threat detection, reporting and response –

data trends are aggregated and visualized in

PeopleSoft Security Analytics using engaging and

visually rich dashboards

• Intrusion prevention

▪ Authentication attempt trends

▪ Geographical location of access

▪ Brute Force attack detection

• Data Loss Prevention

▪ Trending data access by sensitivity

▪ Trending privilege user access

▪ Security changes tracking

• Incident response

▪ Forensics at user / IP level

▪ Detecting breaches / attacks

Others features

► High Privilege Access

• Controlled access for shared batch or admin accounts

• Addresses known security risks and compliance issues at PeopleSoft customers by removing shared account

access

► Delegate Access

• Allows Campus Solutions customers to grant granular access to students to view Grades, Financial Aid,

Schedule, etc.

• Controlled access for students’ parents/guardians/delegates

©�� � � � �� � �� � � �

8111 Lyndon B Johnson Fwy. Dallas, TX 75251 (469)906-2100 info@appsian.com