Session ID: 103240
Abstract: With a heightened focus on PII accountability (driven by regulations like GDPR and The California Consumer Privacy Act); organizations are taking the opportunity to fully review their GRC policies to minimize risk factors. Because PeopleSoft contains sensitive data on hundreds of pages; coupled with the fact that many organizations are broadening user access beyond their secure network - security professionals have been running into several challenges when implementing GRC policies in PeopleSoft:PeopleSoft has limited provisions to mask or redact sensitive data.Default PeopleSoft logs only record as user credential log in/out of various applications. This does not include granular detail into what data fields are being accessed; who is accessing it; and the location of access. Tracking specific events or manually analyzing security logs can be time-consuming putting organizations at risk of being non-compliant with breach remediation mandates.
Objective 1: Integrating robust access controls to ensure a strong GRC foundation in your PeopleSoft systems.
Objective 2: Applying least privileged policies to ensure a strong GRC foundation in your PeopleSoft systems.
Objective 3: Leveraging data visualization to ensure a strong GRC foundation in your PeopleSoft systems.