Security Matters

By Denise Goin posted 03-12-2015 02:43 PM


While many aspects of PeopleSoft security have not really changed much since I was first introduced to the product as a university student worker, there have actually been a lot of changes over the past 19 years, especially with Campus Solutions.  From my early days as a student worker as a developer for a University HRMS/Financials implementation, every job I had started as a technical developer position but ended up with either teaching security or doing security. 

At the time I started, PeopleSoft security was a new and somewhat foreign concept to functional and technical alike. Instead of the legacy system where IT pretty much told the functional users what they could have access to, we started asking them what pages they needed access to in order to do their jobs. From that first enablement of the functional teams taking control (and therefore responsibility) of their staff’s access we have continued to engage the functional teams in the design and implementation of the system security.

Alliance conferences have embraced the knowledge transfer and teaching of security concepts to not only security administrators, but the functional people as well, as they struggle to switch gears and understand more and more of the security area, from permission lists and roles, to row level (SACR) security. Starting about 5 years or so ago there was another shift in security as the actual assignment of SACR security was distributed to the actual people that approved it in the past.

I am continually surprised by the number of people that show up to the security presentations. I can remember about 5 years ago, giving a similar presentation to one I had presented two years earlier, on the basics of PeopleSoft Security. Remember, I mentioned that a lot of aspects had not changed? At that point in time the only real changes were related to bringing the security into the web interface.  I showed up to the presenter’s meeting and was told how many people had signed up for my presentation, 112.  I was floored, really 112 people?  New to PeopleSoft security? There were 89 signed up the following year. Same presentation. 

I have come to realize since then that yes, there are constantly new implementations, and new staff hired to handle security either to join teams or to replace people that have left. In addition, there is a very strong PeopleSoft Security “support group” in the HEUG that show up to support each other, and to refresh their memories, or to assist in answering questions that always come up. I am proud to have been part of such a community, and hope to continue to offer support to these great people this coming year.

I discovered over the years that I truly enjoyed working on PeopleSoft security, putting those puzzle pieces together to create a big picture.  I am honored to have two presentations again this year with my wonderful friends John Van Sant from Princeton University and Kamyar Marashi from UC Berkeley. Both presentations are similar to the ones we have done in the past, however we are bringing them into the higher tools levels with some new gotcha’s and tips and tricks. 

Security 101 - Implementing and Beginning/mid-intermediate Security Administration is exactly what it sounds like, a walk down the wonderful road of “OMG, what have I gotten myself into?”  This is a great session not only for new security personnel, but also for project managers, tech leads, and even functional leads that really want to understand how security works and what it all means. Personally, this is my favorite session of the two, I love talking to new people and introducing them to the fun of PeopleSoft security. (Yep, I am slightly twisted in what I consider fun.)

Security 301- Advanced PeopleSoft Security Features and Tips and Tricks from the Battlefield is for more advanced security people.  Or after attending the 101, wander on over and get some more advanced tips and tricks as well as being introduced to much more advanced features of PeopleSoft Security.

As I wrap up, I would like to push a plug for our Security Social Hour.  This has become an annual event, where we get together on Sunday, after the opening ceremony to relax, drink, eat, and catch up on each other lives as well as meet any new PeopleSoft security people that happen to attend.  Information was posted to the HEUG security forum located at