Educause Security Discussion mailing list archives
Re: 2fa for PeopleSoft?
From: Brad Judy <brad.judy () CU EDU>
Date: Fri, 2 Jun 2017 17:11:46 +0000
There isn’t a native PS function for this, nor a native way to do it between just PS and AD (to my knowledge). We did it here using Duo, GreyHeller ERP Firewall and PeopleSoft roles. We have a combination of page-based MFA and role-based MFA. Unfortunately, a rework of the Educause site seems to have broken content on prior SPC events, so here’s a direct link to the whitepaper I wrote for the session I did two years ago: http://www.educause.edu/sites/default/files/library/presentations/SEC15/SESS05/University%2Bof%2BColorado%2BMultifactor%2Bauthentication%2Bfor%2BHR%2Bself.docx Of course, there are probably other ways to address the multifactor decision-making layer (where we have GH ERPFW) and naturally other options for the MFA tool itself (we use Duo). Brad Judy Information Security Officer Office of Information Security University of Colorado 1800 Grant Street, Suite 300 Denver, CO 80203 Office: (303) 860-4293 Fax: (303) 860-4302 www.cu.edu<http://www.cu.edu/> [u-logo_fl] From: EDUCAUSE Listserv <SECURITY () LISTSERV EDUCAUSE EDU> on behalf of Greg Jackson <gjackson () SDCCD EDU> Reply-To: EDUCAUSE Listserv <SECURITY () LISTSERV EDUCAUSE EDU> Date: Friday, June 2, 2017 at 10:50 AM To: EDUCAUSE Listserv <SECURITY () LISTSERV EDUCAUSE EDU> Subject: [SECURITY] 2fa for PeopleSoft? I knew this at one time, but knowledge is fleeting (at least at my age) and often obsolete. So I’d appreciate help from anyone with current wisdom. Here’s the question: What are the options to enable 2fa for PeopleSoft applications on a user-by-user basis (that is, some users are forced to use 2fa, for others it’s offered optionally, and neither of the above for the rest)? For example, I’m wondering about native PS functionality, native functionality in the authenticating AD, third-party products associated with PS, ditto with AD. And, if you have used one or more of these options, recommendations as to which works best? Many thanks in advance for any public or private guidance you can provide! Greg Jackson sdccd.edu ● gjackson.us ● 1-619-388-6868 ● gjackson () sdccd edu
Current thread:
- 2fa for PeopleSoft? Greg Jackson (Jun 02)
- <Possible follow-ups>
- Re: 2fa for PeopleSoft? Brad Judy (Jun 02)