Data Security breaches (especially for your backoffice systems with sensitive data, such as HR and Financial data) is an ever-increasingly important concern. Although you're protecting your data on your database, what about protecting the data and processes that the application serves up through reporting or even as part of the application itself? How does one go about protecting that data from unauthorized access remotely or when the data is sent to a client machine as a report and saved there?

Securing your Report Data

Let's start by looking at the data that your employees access in reports. Most organizations have already made sure that the right people only have access to the right data and reports from an application perspective. However, once the data is put into an Excel spreadsheet and saved locally (so that employees can do useful things with the data), how do you ensure that the data is still protected (how many times have you read in the news about a laptop being stolen with sensitive data on it in an Excel spreadsheet?).

The best way to address this is to password protect the documents that are generated by the applicaiton and sent to the client workstation. By doing this, you can ensure that even if somebody possesses a copy of the spreadsheet with the sensitive data, that they can't see the data itself.

Securing data and functions in the Application

Although PeopleSoft provides functionality to restrict access based on roles, there are a whole new set of concerns when you've got some functions you want to make available to folks outside your firewall. Some organizations create shadow application systems, so that only the pages that they want to make available (with limited scope of access and sensitivity) and another where the rest of the functions and data exists. Another option is an application firewall, where the application firewall knows where the user is accessing the system, and grants or restricts access to the application based on the location.

Solutions

One simple solution to all these problems is to just lock down access completely. In today's business world, this means that you're getting limited ROI on your application investment by limiting the value you can derive organizationally from the data and systems you have.

Reporting Data Security

For securing the reporting data, our next release of our Excel Add-in will allow you to password protect your reporting data that comes from PeopleSoft, ensuring that even if a party has physical access to spreadsheets generated by your PeopleSoft application, that party cannot see, modify, or use the data unless they know the password applied to it.

Application Security

For application security, we've built an application Firewall that understands your PeopleSoft application and ensures that there is access-location-specific security rules you can apply with minimal administrative time and effort.

With the combination of these two products, organizations can feel safe in the knowledge that their data and processes are protected, even when the data and processes are accessed from outside of the corporate data center.