State Of Kansas Secures Sensitive PeopleSoft Data With Pathlock’s Dynamic Data Masking
The State of Kansas wanted to allow all employees and non-employees to access PeopleSoft self-service seamlessly within and outside the corporate network on their mobile devices. Over a two-year period, the State expanded access to PeopleSoft from 12,000 to all 50,000 state employees, including contractors, truck drivers, police officers, and state police medical contractors who would be using iPads and various mobile and remote workstations. Realizing that opening PeopleSoft applications to the public internet could pose significant security and compliance concerns, the state administration approached Pathlock to fortify their PeopleSoft environment.
The State of Kansas did not have any third-party data masking capability deployed for their production or non-production environment. In their existing PeopleSoft environment, masking was incomplete, offered no flexibility, and only worked on select delivered pages. The native masking functionality was not working sufficiently for their HCM and FSCM power users. When the State rolled out access to its 50,000 employees, they realized the need for added security layers so the State employees could access the internet seamlessly on any device for mobile and remote workstations. Additionally, as their roles were getting more complex, access control became a critical requirement that out-of-the-box PeopleSoft features could not fulfill.
To fill the security gaps in access control and usage, Pathlock aimed to equip their FSCM and HCM pillars with advanced features to improve remote access control, manage risk exposure, and increase the visibility of user activity. Using Pathlock Native for PeopleSoft, the State deployed MFA capabilities, contextual data masking, and dynamic access controls to achieve their desired results.
Using Pathlock Native for PeopleSoft, the State of Kansas implemented field-level masking of sensitive data across their PeopleSoft HCM and FSCM applications. Our solution helped the State monitor employee access and usage regardless of the seniority or the technology stack they were using. They also implemented location-based security to protect access to certain pages for users outside the State’s network. Pathlock’s dynamic data masking solution works on customized pages, and they were able to roll out masking in a staged manner based on their business requirements.
Following the implementation of Pathlock’s dynamic data masking capabilities, the State of Kansas leveraged their existing static data masking to challenge users to reconfirm identity at a page level, especially for remote self-service transactions. Pathlock’s solution improved the State’s visibility into the activities of privileged users while allowing them access to sensitive data to perform their roles efficiently. These solutions were cost-effective since they could be deployed without any custom development or additional software. The State has plans to expand the use of Pathlock’s data masking in their future projects.