Published by Christine Bryan. Modified over 9 years ago.
1
Confidential Data Upgrade from 8.x to 9.0
2
Speaker
Michael Stutz - Consultant
22 years of IT industry experience
15 years of PeopleSoft experience
PeopleSoft v.2.11 – v.9.0
Mostly Technical but some Functional
Primary: HRMS / Payroll / Benefits
Recently: Campus Solutions... also some CRM and Financials
Numerous International Banks
Very Large Corporations
Very Small Companies
3
Agenda
Who – Whose data is it anyway?
What – Elements of Concern
Why – Driving Factors
How – Protection in Action
Where – Environments
When – & When Not to!
Tools – Secure, Separate, Scramble
Questions & Answers
4
WHO – Has Information
Applications
  o HRMS / Payroll / Benefits
  o Campus Solutions (Student Admin / Financials / Aid)
  o Financials (GL / AP / AR / etc.)
  o Customer Relationship Management (CRM)
Departments or Parts of the Organization
  o IT
  o Call Centers
  o Marketing
  o Sales and Sales Operations
  o HR / Payroll / Benefits
  o Legal
  o Finance and Accounting
  o Research and Development
5
WHO – Needs Access
Management
  o Department Heads (Corporate)
  o Managers with Direct Reports (Line Managers)
Back Office
  o Human Resources / Payroll / Benefits
  o Accounting
  o Corporate Dashboards and Reporting
IT
  o Developers
  o Database & Systems Administration
  o IT Management
Interfaces to Other Organizations
6
WHO – Is Responsible
Management
  o Department Heads (Corporate)
  o Managers with Direct Reports (Line Managers)
Back Office
  o Human Resources / Payroll / Benefits
  o Accounting
  o Corporate Dashboards and Reporting
IT
  o Developers
  o Database & Systems Administration
  o IT Management
Interfaces to Other Organizations
Keep Needs, Access, & Responsibility Synchronized
7
WHAT
Elements of Concern
  o Intellectual Property
  o Business Confidential Information
  o Customer and Consumer Data
  o Employee Data
Motion
  o At Rest
  o In Transit within Organisation
  o In Transit on the WWW
8
WHAT
Intellectual Property
Business Confidential
  o Business Strategy
  o Project & Costing
  o Marketing Plans
  o Budgets and Forecasts
9
WHAT
Customer & Consumer
  o Key Accounts
  o Contact Information
  o Product or Service Issues
  o Contracts
10
WHAT
Employee Data
  o Social Security Numbers
  o Dates of Birth
  o Pay Information
  o Health Care Information
  o Dependants & Dependant Information
  o Company Structure & Internal Contacts
11
WHY
Risks Internal to Organization
Employee Negligence
Malicious Employees
Business Processes
Risks External to Organization
Hackers / Theft (Laptops, USB Drives, etc.)
Competition
Sarbanes & Oxley / Basel I & Basel II
12
WHY
Costs
Confidentiality
Legal Issues
Loss Competitive Edge
Employee Compensation Issues
Sarbanes & Oxley
Responsibility of Corporations
Basel I & Basel II
Responsibility of Banks
Risk Management
13
WRITE THIS DOWN...
www.wikipedia.org
14
WHY (SOX)
Risk Assessment
Control Environment
Culture based on Awareness & Integrity
Keeping Balance: “What is our Business?”
Control Activities
Monitoring / Auditing
Information and Communication
15
Half Way There!
16
HOW
Create the Culture
Define Data Types
Identify Who is Responsible and Accountable
Reduce Access
Maintain Controls
Maintain Culture
Test (steps)
17
HOW - Create the Culture
Addressed at All Levels of Organization (Vertical)
Addressed across Corporation (Horizontal)
Support of Upper Management (Top Down)
Keep the Balance (Mind Your Business!)
Cost / Benefit / RISK
  o Money in your Mattress?
  o Day-trading Penny Stocks?
18
HOW - Define Data Types
What is Confidential Data?
How do I Classify my Data?
19
HOW - Responsible & Accountable
Identify those Responsible
Identify those Accountable
Identify those who need access
Designate Authority Accordingly
Ensure Responsibility, Accountability, and Authority are properly balanced and applied.
20
HOW – Reduce Access
Reduction of Access
Departmental Segregation
Within IT
Balanced against Cost
Balanced against Effectiveness
Balanced against Trust
21
HOW – Maintain Controls Access to Data Application Security Database Security Network Security Where is my Data? Laptops PDAs eMail Internal / External
22
HOW – Maintain Culture
Security Awareness
Across The Organization
Vertically within Organization
KEEPING THE BALANCE!
23
HOW - Test Audit Ask! White Hat Trigger Monitoring Tools Triage Scenarios MIND YOUR BUSINESS
24
WHERE PRODUCTION STAGING TEST DEVELOPMENT VANILLA TRAINING
25
WHERE PRODUCTION STAGING TEST DEVELOPMENT MODS
26
WHERE PRODUCTION STAGING TEST DEVELOPMENT DATA
27
WHERE PRODUCTION TRAINING METADATA DATA
28
WHERE PRODUCTION TRAINING FOUNDATION CONFIDENTIAL Data Scrambler Mockup Data GENERAL DATA
29
WHEN
Review the Who...
  o Database Administrators
  o System & Network Administrators
  o Developers
  o Management
  o Back Office
30
WHEN
  o Database Administrators
      Have Access. Period.
  o System & Network Administrators
      No Application Access
      Any and All Reports
  o Developers
      Negotiable!
  o Management – Application Security
  o Back Office – Application Security
31
WHEN - Developers
Cost / Benefit / Risk
How Many Developers
Organization of Developers
Production Support
Modifications & Testing
Database Access
32
WHEN - Developers PRODUCTION STAGING TEST DEVELOPMENT DATA
33
Tools (types)
Secure
  o Database
  o Application
Separate
  o Applications (HR & Financials)
  o Roles (Centralized vs Normalized)
  o Environments (TST, DEV, TRN)
Scramble
  o Select Environments
  o On the Fly
34
TOOLS - Separate
Identify Data Types
  o SSN
  o DOB
  o Compensation Department (Name & EMPLID Scrambled)
Identify Records (Boeing / Princeton)
  o EMPLID
  o Compensation Paycheck (Not keyed by EMPLID)
35
WRITE THESE DOWN...
www.heres2u.com (Presentation & Resume)
www.sennac.com (RBAC & FURBAC) (Johan Bethlehem)
36
Questions
Contact Information:
Michael Stutz
(888) 757-2616
http://heres2u.com