put your company logo here confidential data upgrade from 8.x to 9.0
TRANSCRIPT
![Page 1: Put your company logo here Confidential Data Upgrade from 8.x to 9.0](https://reader036.vdocuments.mx/reader036/viewer/2022062423/56649ee75503460f94bf871a/html5/thumbnails/1.jpg)
Put your company logo here
Confidential Data
Upgrade from 8.x to 9.0
![Page 2: Put your company logo here Confidential Data Upgrade from 8.x to 9.0](https://reader036.vdocuments.mx/reader036/viewer/2022062423/56649ee75503460f94bf871a/html5/thumbnails/2.jpg)
Speaker
• Michael Stutz - Consultant
• 22 years of IT industry experience
• 15 years of PeopleSoft experience
• PeopleSoft v.2.11 – v.9.0
• Mostly Technical but some Functional
• Primary: HRMS / Payroll / Benefits
• Recently: Campus Solutions
• . . . also some CRM and Financials
• Numerous International Banks
• Very Large Corporations
• Very Small Companies
![Page 3: Put your company logo here Confidential Data Upgrade from 8.x to 9.0](https://reader036.vdocuments.mx/reader036/viewer/2022062423/56649ee75503460f94bf871a/html5/thumbnails/3.jpg)
Agenda
• Who – Who’s data is it anyway?
• What – Elements of Concern
• Why – Driving Factors
• How – Protection in Action
• Where – Environments
• When – & When Not to!
• Tools – Secure, Separate, Scramble
• Questions & Answers
![Page 4: Put your company logo here Confidential Data Upgrade from 8.x to 9.0](https://reader036.vdocuments.mx/reader036/viewer/2022062423/56649ee75503460f94bf871a/html5/thumbnails/4.jpg)
WHO – Has InformationApplications
o HRMS / Payroll / Benefitso Campus Solutions (Student Admin / Financials /
Aid)o Financials (GL / AP / AR / etc.)o Customer Relationship Management (CRM)
Departments or Parts of the Organizationo ITo Call Centerso Marketingo Sales and Sales Operationso HR / Payroll / Benefitso Legalo Finance and Accountingo Research and Development
![Page 5: Put your company logo here Confidential Data Upgrade from 8.x to 9.0](https://reader036.vdocuments.mx/reader036/viewer/2022062423/56649ee75503460f94bf871a/html5/thumbnails/5.jpg)
WHO – Needs Access• Management
o Department Heads (Corporate)o Managers with Direct Reports (Line Managers)
• Back Officeo Human Resources / Payroll / Benefitso Accountingo Corporate Dashboards and Reporting
• ITo Developerso Database & Systems Administrationo IT Management
• Interfaces to Other Organizations
![Page 6: Put your company logo here Confidential Data Upgrade from 8.x to 9.0](https://reader036.vdocuments.mx/reader036/viewer/2022062423/56649ee75503460f94bf871a/html5/thumbnails/6.jpg)
WHO – Is Responsible• Management
o Department Heads (Corporate)o Managers with Direct Reports (Line Managers)
• Back Officeo Human Resources / Payroll / Benefitso Accountingo Corporate Dashboards and Reporting
• ITo Developerso Database & Systems Administrationo IT Management
• Interfaces to Other Organizations
Keep Needs, Access, & Responsibility Synchronized
![Page 7: Put your company logo here Confidential Data Upgrade from 8.x to 9.0](https://reader036.vdocuments.mx/reader036/viewer/2022062423/56649ee75503460f94bf871a/html5/thumbnails/7.jpg)
WHAT
Elements of ConcernoIntellectual PropertyoBusiness Confidential Information
oCustomer and Consumer Data
oEmployee Data
MotionoAt RestoIn Transit within OrganisationoIn Transit on the WWW
![Page 8: Put your company logo here Confidential Data Upgrade from 8.x to 9.0](https://reader036.vdocuments.mx/reader036/viewer/2022062423/56649ee75503460f94bf871a/html5/thumbnails/8.jpg)
WHAT
Intellectual PropertyBusiness Confidential
oBusiness StrategyoProject & CostingoMarketing PlansoBudgets and Forecasts
![Page 9: Put your company logo here Confidential Data Upgrade from 8.x to 9.0](https://reader036.vdocuments.mx/reader036/viewer/2022062423/56649ee75503460f94bf871a/html5/thumbnails/9.jpg)
WHAT
Customer & ConsumeroKey AccountsoContact InformationoProduct or Service IssuesoContracts
![Page 10: Put your company logo here Confidential Data Upgrade from 8.x to 9.0](https://reader036.vdocuments.mx/reader036/viewer/2022062423/56649ee75503460f94bf871a/html5/thumbnails/10.jpg)
WHAT
Employee DataoSocial Security NumbersoDates of BirthoPay InformationoHealth Care InformationoDependants & Dependant Information
oCompany Structure & Internal Contacts
![Page 11: Put your company logo here Confidential Data Upgrade from 8.x to 9.0](https://reader036.vdocuments.mx/reader036/viewer/2022062423/56649ee75503460f94bf871a/html5/thumbnails/11.jpg)
WHY
Risks Internal to Organization
• Employee Negligence
• Malicious Employees
• Business Processes
Risks External to Organization
• Hackers / Theft (Laptops, USB Drives, etc.)
• Competition
• Sarbanes & Oxley / Basel I & Basel II
![Page 12: Put your company logo here Confidential Data Upgrade from 8.x to 9.0](https://reader036.vdocuments.mx/reader036/viewer/2022062423/56649ee75503460f94bf871a/html5/thumbnails/12.jpg)
WHY
Costs
• Confidentiality Legal Issues
• Loss Competitive Edge
• Employee Compensation Issues
Sarbanes & Oxley•Responsibility of Corporations
Basel I & Basel II•Responsibility of Banks•Risk Management
![Page 13: Put your company logo here Confidential Data Upgrade from 8.x to 9.0](https://reader036.vdocuments.mx/reader036/viewer/2022062423/56649ee75503460f94bf871a/html5/thumbnails/13.jpg)
WRITE THIS DOWN . . .
www.wikipedia.org
![Page 14: Put your company logo here Confidential Data Upgrade from 8.x to 9.0](https://reader036.vdocuments.mx/reader036/viewer/2022062423/56649ee75503460f94bf871a/html5/thumbnails/14.jpg)
WHY (SOX)
• Risk Assessment
• Control EnvironmentCulture based on Awareness & Integrity
Keeping Balance: “What is our Business?”
• Control Activities
• Monitoring / Auditing
• Information and Communication
![Page 15: Put your company logo here Confidential Data Upgrade from 8.x to 9.0](https://reader036.vdocuments.mx/reader036/viewer/2022062423/56649ee75503460f94bf871a/html5/thumbnails/15.jpg)
Half Way There!
![Page 16: Put your company logo here Confidential Data Upgrade from 8.x to 9.0](https://reader036.vdocuments.mx/reader036/viewer/2022062423/56649ee75503460f94bf871a/html5/thumbnails/16.jpg)
HOW
Create the Culture
Define Data Types
Identify Who is Responsible and Accountable
Reduce Access
Maintain Controls
Maintain Culture
Test
(steps)
![Page 17: Put your company logo here Confidential Data Upgrade from 8.x to 9.0](https://reader036.vdocuments.mx/reader036/viewer/2022062423/56649ee75503460f94bf871a/html5/thumbnails/17.jpg)
HOW - Create the Culture
Addressed at All Levels of Organization (Vertical)
Addressed across Corporation (Horizontal)
Support of Upper Management (Top Down)
Keep the Balance (Mind Your Business!)
Cost / Benefit / RISKo Money in your Mattress?o Day-trading Penny Stocks?
![Page 18: Put your company logo here Confidential Data Upgrade from 8.x to 9.0](https://reader036.vdocuments.mx/reader036/viewer/2022062423/56649ee75503460f94bf871a/html5/thumbnails/18.jpg)
HOW - Define Data Types
•What is Confidential Data?
•How do I Classify my Data?
![Page 19: Put your company logo here Confidential Data Upgrade from 8.x to 9.0](https://reader036.vdocuments.mx/reader036/viewer/2022062423/56649ee75503460f94bf871a/html5/thumbnails/19.jpg)
HOW - Responsible & Accountable
Identify those Responsible
Identify those Accountable
Identify those who need access
Designate Authority Accordingly
Ensure Responsibility, Accountability, and Authority are properly balanced and applied.
![Page 20: Put your company logo here Confidential Data Upgrade from 8.x to 9.0](https://reader036.vdocuments.mx/reader036/viewer/2022062423/56649ee75503460f94bf871a/html5/thumbnails/20.jpg)
HOW – Reduce Access
Reduction of Access
• Departmental Segregation
• Within IT
• Balanced against Cost
• Balanced against Effectiveness
• Balanced against Trust
![Page 21: Put your company logo here Confidential Data Upgrade from 8.x to 9.0](https://reader036.vdocuments.mx/reader036/viewer/2022062423/56649ee75503460f94bf871a/html5/thumbnails/21.jpg)
HOW – Maintain Controls
Access to Data
• Application Security
• Database Security
• Network Security
Where is my Data?
• Laptops
• PDAs
• Internal / External
![Page 22: Put your company logo here Confidential Data Upgrade from 8.x to 9.0](https://reader036.vdocuments.mx/reader036/viewer/2022062423/56649ee75503460f94bf871a/html5/thumbnails/22.jpg)
HOW – Maintain Culture
Security Awareness
Across The Organization
Vertically within Organization
KEEPING THE BALANCE!
![Page 23: Put your company logo here Confidential Data Upgrade from 8.x to 9.0](https://reader036.vdocuments.mx/reader036/viewer/2022062423/56649ee75503460f94bf871a/html5/thumbnails/23.jpg)
HOW - Test
Audit
Ask!
White Hat
Trigger Monitoring Tools
Triage Scenarios
MIND YOUR BUSINESS
![Page 24: Put your company logo here Confidential Data Upgrade from 8.x to 9.0](https://reader036.vdocuments.mx/reader036/viewer/2022062423/56649ee75503460f94bf871a/html5/thumbnails/24.jpg)
WHERE
PRODUCTION
STAGING
TEST
DEVELOPMENT
VANILLA
TRAINING
![Page 25: Put your company logo here Confidential Data Upgrade from 8.x to 9.0](https://reader036.vdocuments.mx/reader036/viewer/2022062423/56649ee75503460f94bf871a/html5/thumbnails/25.jpg)
WHERE
PRODUCTION
STAGING
TEST
DEVELOPMENT MO
DS
![Page 26: Put your company logo here Confidential Data Upgrade from 8.x to 9.0](https://reader036.vdocuments.mx/reader036/viewer/2022062423/56649ee75503460f94bf871a/html5/thumbnails/26.jpg)
WHERE
PRODUCTION
STAGING
TEST
DEVELOPMENT
DA
TA
![Page 27: Put your company logo here Confidential Data Upgrade from 8.x to 9.0](https://reader036.vdocuments.mx/reader036/viewer/2022062423/56649ee75503460f94bf871a/html5/thumbnails/27.jpg)
WHERE
PRODUCTION
TRAINING METADATA
DATA
![Page 28: Put your company logo here Confidential Data Upgrade from 8.x to 9.0](https://reader036.vdocuments.mx/reader036/viewer/2022062423/56649ee75503460f94bf871a/html5/thumbnails/28.jpg)
WHERE
PRODUCTION
TRAINING
FOUNDATION
CONFIDENTIAL
•Data Scrambler
•Mockup Data
GENERAL DATA
![Page 29: Put your company logo here Confidential Data Upgrade from 8.x to 9.0](https://reader036.vdocuments.mx/reader036/viewer/2022062423/56649ee75503460f94bf871a/html5/thumbnails/29.jpg)
WHEN
Review the Who . . . oDatabase AdministratorsoSystem & Network AdministratorsoDevelopersoManagementoBack Office
![Page 30: Put your company logo here Confidential Data Upgrade from 8.x to 9.0](https://reader036.vdocuments.mx/reader036/viewer/2022062423/56649ee75503460f94bf871a/html5/thumbnails/30.jpg)
WHEN
oDatabase AdministratorsHave Access. Period.
oSystem & Network AdministratorsNo Application AccessAny and All Reports
oDevelopersNegotiable!
oManagement – Application Security
oBack Office – Application Security
![Page 31: Put your company logo here Confidential Data Upgrade from 8.x to 9.0](https://reader036.vdocuments.mx/reader036/viewer/2022062423/56649ee75503460f94bf871a/html5/thumbnails/31.jpg)
WHEN - Developers
Cost / Benefit / Risk
How Many Developers
Organization of DevelopersProduction Support
Modifications & Testing
Database Access
![Page 32: Put your company logo here Confidential Data Upgrade from 8.x to 9.0](https://reader036.vdocuments.mx/reader036/viewer/2022062423/56649ee75503460f94bf871a/html5/thumbnails/32.jpg)
WHEN - Developers
PRODUCTION
STAGING
TEST
DEVELOPMENT
DA
TA
![Page 33: Put your company logo here Confidential Data Upgrade from 8.x to 9.0](https://reader036.vdocuments.mx/reader036/viewer/2022062423/56649ee75503460f94bf871a/html5/thumbnails/33.jpg)
Tools (types)
SecureDatabaseApplication
SeparateApplications (HR & Financials)Roles (Centralized vs Normalized)Environments (TST, DEV, TRN)
ScrambleSelect EnvironmentsOn the Fly
![Page 34: Put your company logo here Confidential Data Upgrade from 8.x to 9.0](https://reader036.vdocuments.mx/reader036/viewer/2022062423/56649ee75503460f94bf871a/html5/thumbnails/34.jpg)
TOOLS - Separate
Identify Data TypesoSSNoDOBoCompensation
Department (Name & EMPLID Scrambled)
Identify Records (Boeing / Princeton)oEMPLIDoCompensation
Paycheck (Not keyed by EMPLID)
![Page 35: Put your company logo here Confidential Data Upgrade from 8.x to 9.0](https://reader036.vdocuments.mx/reader036/viewer/2022062423/56649ee75503460f94bf871a/html5/thumbnails/35.jpg)
WRITE THESE DOWN . . .
www.heres2u.com(Presentation & Resume)
www.sennac.com(RBAC & FURBAC)
(Johan Bethlehem)
![Page 36: Put your company logo here Confidential Data Upgrade from 8.x to 9.0](https://reader036.vdocuments.mx/reader036/viewer/2022062423/56649ee75503460f94bf871a/html5/thumbnails/36.jpg)
Questions
Contact Information:
Michael Stutz
(888) 757-2616
http://heres2u.com