Security

Heartbleed, Ticketbleed… When Network Infrastructure Security Lets us Down

When securing enterprise systems every PeopleSoft customer knows they need strong passwords and secure networks. A good firewall is a critical first line of defense. But is your firewall as secure as you think? Ticketbleed, the latest network infrastructure vulnerability, was all over the news today. A quick internet search will turn up several valuable responses, but just for context, Ticketbleed, reminiscent of Heartbleed, is a vulnerability in the SSL/TLS layer of a wide variety of F5 firewalls and load balancers. Today’s news reminds us that even the best network and security infrastructure is vulnerable to compromise. Ticketbleed, Heartbleed, and other vulnerabilities make it very clear: network security infrastructure is not enough.

Yellow Caution Sign

Oracle’s CVE-2015-4852 Update

Oracle released an out of band security update today for issues within Oracle Weblogic Server. Recommendations are to apply the patch and mitigation steps as soon as possible. Read More.

Securing PeopleSoft

Automation of Identity Management Ensures Data Security

Why is identity management (IDM) such a challenging issue facing security personnel in today’s fast moving business environment? Security professionals are concerned with outside hackers, malicious insiders and accidental data loss. By not focusing on internal processes around their employees’ changing roles and responsibilities, organizations are missing a key area of risk.

layered approach to protecting peoplesoft access

Why you should take a layered approach to securing PeopleSoft access

A layered approach is critical to protect your PeopleSoft system against multiple threat vectors. Deploying a series of security barriers requires the bad guys to defeat all of them to breach the PeopleSoft system. A layered approached significantly reduces an organization’s daily risk, and their possible breach costs. Read More.

Cyber Security

PS_TOKEN: A Final Note

As a final note, we wanted to be clear that PeopleSoft (and PeopleTools) is as secure – or more secure – than any other ERP platform. The approach of cracking encryption keys is a threat vector that can be exploited for any secure web application accessible from the public internet.