How do you justify making a significant investment in protecting your PeopleSoft systems? We at UCF learned first hand following a highly publicized breach in January 2016. We had to balance the demand of law enforcement and lawyers with investigating the incident while preserving forensic integrity while moving to protect our systems. During this time, there were many costs associated with the data loss. We will discuss the hidden and direct costs on the organization as a whole as well as, the mitigation strategy moving forward. Find out what happens after a breach directly from Felicia Kendall, IT Infrastructure Manager at UCF. Felicia led the investigation of the PeopleSoft technical teams to provide information to the ISO. She is also leading many of the resultant PeopleSoft projects for mitigation and prevention of future intrusions.Actions after the breachProviding ISO Security Incident Response Team (SIRT) with critical information to coordinate efforts for with law enforcement, Lawyers, Administration and constituentsBreach costsDirectCredit monitoringLawsuitsIndirectInternal resourcesTimeInsurance adjustmentsBrand identityMitigation StrategyProtection moving forward – other initiativesPS Security redesignPurging old dataAutomated deprovisioningData masking of SSNLocation based authentication for administrative accountsLogging of activity for users in the systemTwo Multi-Factor authenticationAt loginPage levelLessons learned
Higher Education User GroupMesa, AZ 85212 United States
support@heug.org
M-F 8 AM to 5 PM MST
Join HEUG
Community Council
Interest Areas
Resources
Alliance Conference
Global Meetings
Online Webinars
Code of Conduct
Privacy Policy
Terms of Service
HEUG Code of Conduct
Copyright 2026 Higher Education User Group, Inc.
Copyright © 2026 Higher Education User Group, Inc.