The Pennsylvania State University Fills Security Gaps With Pathlock Native For PeopleSoft
Following the implementation of PeopleSoft Campus Solutions for admissions, financial aid, and records & transcripts, IT Security leaders at Penn State University quickly identified potential security gaps – the most pressing being a lack of 2 Factor Authentication for identity authorization. In addition, further security assessments revealed a potential data leak threat with sensitive PII (ex. social security numbers) being available to access without additional role delegations being required. Needing a PeopleSoft- integrated solution for these security concerns, Penn State began evaluating options to fill these gaps.
Like many large higher education institutions, Penn State consists of a large global campus – with students, faculty, and staff accessing Campus Solutions all over the globe. Given the sharp increase in breach attempts at large institutions worldwide, Penn State began a thorough assessment of security solutions for intrusion protection and data loss prevention. They sought various consultants, and other colleagues in the Big 10, and even consulted with The Higher Education User Group (HEUG). Penn State was then referred to Pathlock Native for PeopleSoft. Adopting DUO for 2-Factor Authentication, Penn State then leveraged Pathlock’s solution to roll out 2FA widely, providing secure access across all their integrated PeopleSoft applications and on all form factors.
Following the adoption of Pathlock Native for PeopleSoft, Penn State immediately began seeing the value of the enhanced logging features. With the ability to identify usage patterns from access on various form factors in various locations, these insights equipped security leaders with the data to thoroughly monitor their systems – providing the most up-to-date and relevant usage data to senior leadership. While protecting their users’ most sensitive data, Penn State was able to leverage Pathlock Native for PeopleSoft flexibility to implement a system that did not compromise PeopleSoft’s usability.
‘‘Given the definite gaps in the ERP application, I don’t know how we could live without the capabilities of the Application Security Platform; I don’t know how you would protect your data. It is just not optional in today’s environment. Matthew Scott, IT Manager.’’
– Penn State University