City Utilities Of Springfield Strengthen PeopleSoft User Authentication & Remote Access Security With Pathlock
Executive Summary
The Web Operations Team at City Utilities of Springfield (CU) wanted to establish a Single Sign-On (SSO) solution for seamless access to all enterprise applications. After hitting a roadblock with PeopleSoft’s lack of SAML support, CU chose Pathlock’s SAML SSO to integrate their identity provider, Microsoft ADFS, with PeopleSoft. The agency also wanted to secure sensitive data and transactions when accessed outside the secure corporate network. With Pathlock Native for PeopleSoft, CU was able to scale employee self-service transactions for mobile access in a secure fashion.
Challenges
Like most modern identity providers, CU’s ID provider, Microsoft ADFS, uses SAML – the widely accepted identity federation standard. Unfortunately, PeopleSoft applications do not offer native SAML compatibility. Due to the lack of SAML support, CU risked isolating PeopleSoft applications from the rest of the enterprise applications. Following an executive mandate, CU’s Web Operations Team set out to customize an SSO solution for PeopleSoft. However, they found the custom approach to be time-intensive and cumbersome. Additionally, CU wanted to strengthen data security when accessing PeopleSoft Employee Self-Service outside the company network, especially for transactions and menus containing payroll and financial information. The challenge was that PeopleSoft’s static access controls did not allow granular control over what users could and could not access remotely.
Solution
With Pathlock’s SAML SSO, the CU Web Operations Team was able to integrate PeopleSoft with its enterprise-wide SSO and simulate communication between PeopleSoft and ADFS successfully. Thus, centralizing identity management for all enterprise applications. Using Pathlock Native’s context aware rules engine, CU restricted remote access for specific high-risk menus and limited access to low-risk self-service transactions.
Results
Pathlock’s solution for native SAML compatibility in PeopleSoft allowed the CU Web Operations Team to deploy SSO for PeopleSoft without any customization or additional infrastructure. The agency unified the organization with the Single-Sign-On solution, facilitating seamless access for users while improving security. With Pathlock’s dynamic access controls, high-risk payroll transactions and data were protected against unnecessary exposure that comes with remote access. CU ensured security without compromising the convenience and flexibility for executing self-service transactions such as – benefits enrollment, time-entry, and more remotely.
“Pathlock’s functionality and flexibility has allowed us to address multiple business needs with one simple solution. The SAML SSO solution provides seamless and supportable authentication for our multiple PeopleSoft applications while the content filtering capability allows us to securely serve our Employee Self-Service content with an out-of-the-box solution. The net result is a reduction in manual processing, customizations and overall infrastructure support.”
– Mark Noel, PeopleSoft Technical Support