How to implement encryption of Social Security numbers in PeopleSoft
October 2008 by Ulf Mattsson, CTO, Protegrity Corporation
You can implement encryption of data such as Social Security numbers in PeopleSoft by using solutions from a certified group of partners that are deployable with automated database security solutions that operates with no changes to PeopleSoft applications.
Some solutions offer an “out-of-the-box” automated database access control solution with extensive key management capabilities for selectively encrypting, securing and controlling access to database information at the data-item level for PeopleSoft applications. PeopleSoft presenting partner solutions that works with ‘minimal or no changes to underlying PeopleSoft applications, which allows for fast integration, cost-effective security and privacy mandate conformity and will provide an effective last line of defense protecting against unauthorized and un-auditable access of sensitive information’. Some of these solutions can also track the identity of the real user accessing the application. There are three commonly accepted baseline implementation and function requirements for a successful PeopleSoft data encryption solution. However, each system layer approach delivers an encrypted solution in a different manner and address a multitude of different requirements. These requirements are broken out between critical requirements, must-haves for a solution to effectively secure the data, and practical requirements, factors that make it feasible for an enterprise to deploy a solution.
The three different approaches reviewed in this paper are: Application-Layer, Database-Layer and File-Storage-Layer. Please review more information about this topic at