![Pathlock CEO Piyush Pandey on Reshaping Application Access Governance: Insights from KuppingerCole Reports](https://pathlock.com/wp-content/uploads/2023/08/KC_Report_Piyush_insights-112x112.jpg")
![Pathlock Reshapes the Access Governance Market with a Series of Strategic Mergers](https://pathlock.com/wp-content/uploads/2022/05/MicrosoftTeams-image-7-112x112.png")
![Streamlining SOX Compliance and 404 Audits with Continuous Controls Monitoring (CCM)](https://pathlock.com/wp-content/uploads/2021/06/iStock-1289898562-1-112x112.webp")
City Of Plano Secures Sensitive PeopleSoft Data With Pathlock’s Dynamic Data Masking
Executive Summary
The PeopleSoft team at the Plano City Council (PCC) wanted to prevent unnecessary exposure of personally identifiable information (PII) and financial data within PeopleSoft. They also wanted to restrict access to sensitive data when employees access PeopleSoft from external IP addresses. Using Pathlock’s Dynamic Data Masking, the agency was able to achieve the desired results.
Challenges
Existing data masking capabilities in PeopleSoft offered limited control over which fields can be masked, meaning the City could only mask a predefined set of fields using static policies for enforcement. As a result, sensitive data fields such as social security numbers, bank account information, and more were subjected to duplication and leakage via phishing attacks.
Solution
With Pathlock Native for PeopleSoft, the City’s PeopleSoft team extended data masking to all sensitive data fields across their ERP environment and paired it with real-time contextual policies. As a result, the team was able to fully or partially conceal sensitive data based on where access was coming from. Additionally, the team restricted access to PII and sensitive financial data for external IPs.
Results
Pathlock’s Dynamic Data Masking allowed fine-grained control over which sensitive data fields the City’s PeopleSoft team could mask for any specified user, in the context of any situation. Further, data masking can occur in real-time without affecting the underlying information. Using a configurable rules engine, Pathlock enabled masking policies that adapt to the context of access (user Id, IP device, etc.). Thus, completely restricting access to sensitive data when city employees accessed PeopleSoft outside the secure office network.
“With Pathlock data masking in place, we have been able to offer our employees access to their data while protecting their personally identifiable information when accessed from a remote location.”
Rick Figueroa
Application Integrator/Developer III