How To Stop Taking Risks with User Security
-
Posted by Harry E Fowler
- Last updated 6/29/23
- Share
At RECONNECT Envision 21, Sentinel Software’s Biv Ramlukan presented how Sentinel can help you stop taking risks with user security by providing total transparency into what your users have access to in PeopleSoft. Sentinel Software continuously monitors segregation of duties, privileged access, and sensitive data to automatically identify and prioritize your greatest PeopleSoft risks.
About Sentinel Software
Sentinel is a stand-alone application that is a bolt-on for PeopleSoft. The application helps users manage security and auditing. The purpose of Sentinel is to provide complete visibility into user access, from the application side to the data side. The application has four separate modules:
- Security Management: Complete user visibility and simplified administration.
- Audit Reporting: Report, review, and remediate audit issues.
- Data Privacy: Identify and manage user access to PII/PCI data.
- Access Management: Request, approval, and provisioning security access.
Security Management
Common security challenges that users face include:
- No visibility into user access.
- Unable to see what roles grant access to.
- Identifying who can see PII/PCI data.
- No history of security changes.
- Analysis and reporting are time-consuming.
Sentinel’s detective controls that help combat these challenges include:
- 1st Person View: View user access to menus as they see it in PeopleSoft.
- Break-Glass Access: Automatically assign and remove access between a start and end date/time.
- Indicates Sensitive Data Access: Indicate pages with sensitive PII/PCI data (e.g. SSN, bank, salary, etc.).
- Records Security Changes: Security changes are logged to a History report with a summary of weekly and monthly changes.
Users can also leverage drill-down analysis capabilities to view security and audit information. No queries, no SQL, just a simple click!
Check out the demo below for a look at the Sentinel dashboard.
Audit Reporting & Data Privacy
Common auditing challenges include:
- Mapping audit controls.
- Report building and distribution.
- Lengthy and outdated Excel reports.
- Back and forth communication of changes.
- Documenting review and decisions.
Sentinel controls that help combat these challenges include:
- Ready-Built Audit Reports: Security change history. Segregation of duty. Privileged access.
- PII/PCI Data Mapping: Identifies users with access to PII/PCI data with field masking options.
- Real-Time Analysis: No need to wait to audit reviews. View reports and review users at any time.
- Access Monitoring: Get notified when users are granted access to restricted pages or data.
Users can also leverage Attestation features that enable electronic signature with name, date, and time of user review.
Check out the Auditing demo below.
Access Management
Access Management challenges include:
- Security management across environments.
- Managing users in multiple environments.
- Provisioning and de-provisioning accounts.
- Disconnected security requests and approvals.
- No visibility in active users.
Sentinel administrative controls that help combat these challenges include:
- Automated Deprovisioning: Automatically lock accounts and remove roles for inactive users.
- Centrally Managed: Centrally view user access and manage security for all environments.
- Approval Workflow: Automatic approval routing and provisioning of access changes.
- Log User Sessions: Monitor logins and IP locations across all environments.
Sentinel supports versions up to PeopleSoft 9.2 and PeopleTools 8.59.
Check out the access management demo below.