MyCSUSM GreyHeller Firewall
Description
Using the GreyHeller ERP Firewall product, improve MyCSUSM security by implementing DUO MFA for users with elevated access as well as masking and access logging of protected information such as SSN and credit card numbers. Users can unmask if their roles permit. Multi-phased implementation. Additional functionality to be rolled out includes SSO, Location Based Security, High Privilege Access, and Parent/Guardian access 
Status
Completed
Start and Delivery Dates
04/23/2018 to 05/31/2019
Department/Committee
Instructional and Information Technology Services, IITS - Enterprise Applications and Analytics
Status Update
03/18/2019: Project on Track. Currently regression testing our Firewall rules on PeopleTools 8.56.
11/26/2018: Regression testing all firewall rules with new GH plugin
09/11/2018: New implementation paused for upgrade to GreyHeller Plugin 318.
08/23/2018: Start evaluation and implementation of location based security; extending SSO to other users
08/21/2018: On Tuesday, 8/21/2018, phase 1 of the ERP Firewall was applied to MyCSUSM. This includes data masking for sensitive fields such as SSN and DOB, enhanced logging, multi-factor authentication with DUO, and single-sign on with ADFS through the campus app.
08/15/2018: Phase 1 Go Live - 8/21/2018 - SSO through the campus app, data masking, logging, PS TOKEN encryption, and DUO MFA for PFAL Users
04/26/2018: Working w/GH on 4/24 & 4/26 to configure phase1 in CBSMTRS. Still configuring/fine tuning. Discuss w/PFAL next week on a test/MTP. Determine pilot group.
Strategic Alignment
Goal #8 – ENSURE PRIVACY AND PROMOTE SECURITY THROUGH TRANSPARENT AND RESPONSIBLE USE OF DATA AND SYSTEMS
8.1 CSUSM values privacy and security, balancing the security of information with appropriate access and compliance.
8.2 CSUSM adapts to changing requirements, providing ongoing security awareness training, proactively securing systems, and effective data governance.