Educause Security Discussion mailing list archives

Re: 2fa for PeopleSoft?

From: Brad Judy <brad.judy () CU EDU>
Date: Fri, 2 Jun 2017 17:11:46 +0000

There isn’t a native PS function for this, nor a native way to do it between just PS and AD (to my knowledge).  We did 
it here using Duo, GreyHeller ERP Firewall and PeopleSoft roles.  We have a combination of page-based MFA and 
role-based MFA.  Unfortunately, a rework of the Educause site seems to have broken content on prior SPC events, so 
here’s a direct link to the whitepaper I wrote for the session I did two years ago:
http://www.educause.edu/sites/default/files/library/presentations/SEC15/SESS05/University%2Bof%2BColorado%2BMultifactor%2Bauthentication%2Bfor%2BHR%2Bself.docx

Of course, there are probably other ways to address the multifactor decision-making layer (where we have GH ERPFW) and 
naturally other options for the MFA tool itself (we use Duo).

Brad Judy

Information Security Officer
Office of Information Security
University of Colorado
1800 Grant Street, Suite 300
Denver, CO  80203
Office: (303) 860-4293
Fax: (303) 860-4302
www.cu.edu<http://www.cu.edu/>

[u-logo_fl]



From: EDUCAUSE Listserv <SECURITY () LISTSERV EDUCAUSE EDU> on behalf of Greg Jackson <gjackson () SDCCD EDU>
Reply-To: EDUCAUSE Listserv <SECURITY () LISTSERV EDUCAUSE EDU>
Date: Friday, June 2, 2017 at 10:50 AM
To: EDUCAUSE Listserv <SECURITY () LISTSERV EDUCAUSE EDU>
Subject: [SECURITY] 2fa for PeopleSoft?

I knew this at one time, but knowledge is fleeting (at least at my age) and often obsolete. So I’d appreciate help from 
anyone with current wisdom.
Here’s the question: What are the options to enable 2fa for PeopleSoft applications on a user-by-user basis (that is, 
some users are forced to use 2fa, for others it’s offered optionally, and neither of the above for the rest)?
For example, I’m wondering about native PS functionality, native functionality in the authenticating AD, third-party 
products associated with PS, ditto with AD.
And, if you have used one or more of these options, recommendations as to which works best?
Many thanks in advance for any public or private guidance you can provide!

Greg Jackson
sdccd.edu ● gjackson.us ● 1-619-388-6868 ● gjackson () sdccd edu

Current thread:

2fa for PeopleSoft? Greg Jackson (Jun 02)
- <Possible follow-ups>
- Re: 2fa for PeopleSoft? Brad Judy (Jun 02)