SLAC Computer Security
Search SLAC

PeopleSoft Accounts

Confidential Use Requirements
Persons with access to confidential and private information are required by Federal and State privacy laws to keep it confidential.
It is against SLAC policy to have PII anywhere outside of our protected PeopleSoft data network (EPN). It is also against SLAC policy to transfer or store any PII in an unencrypted manner. No copies of of such data can be stored outside of the protected area where PeopleSoft stores it (EPN network).
Failure to abide by these policies is very serious and could impact your position at SLAC.
Excerpt from a Lee Lyon memo to all employees dated June 1, 2008: "You are expected to review Stanford/SLAC policies on the use and handling of confidential information and to maintain current knowledge of them.  Please review the following Administrative Guide Memos: #1, University Code of Conduct, section 3, found at http://adminguide.stanford.edu/1.pdf ; #15.2, Staff Policy on Conflict of Commitment and Interest, Section 2.b, found at http://adminguide.stanford.edu/15_2.pdf; and #63, Information Security found at http://adminguide.stanford.edu/63.pdf."
Approval Process - Note: Changes in Process Are Not Complete Yet
Everyone who is hired at SLAC is required to read and sign a Confidentiality Expectations form and return it to HR.
Users requiring access to SLAC PeopleSoft should send their request to the HR Manager (Karen Lawrence) or Purchasing Manager (Barry Miller) or Accounting Manager (Yen Tran), depending on their job function and need to access PeopleSoft. At this time there is no additional training or forms signed to get a PeopleSoft account. The HR/Purchasing/Accounting Manager will review the request.
If approved by HR/Purchasing/Accounting Manager then they will forward the request to PeopleSoft Software Manager.
If PeopleSoft Software Manager approves they will forward the request, along with the business unit Manager's approval to PS-Admin@slac.stanford.edu for account creation. This email from PeopleSoft Software Manager must also state the roles needed.
PS-Admin notify Desktop Administrator to verify the "Requirements to Obtain Access" have been met. Once that is confirmed PS-Admin will set up account and respond to ticket and original requester when completed.
Requirements to Obtain (and Maintain) Account Access - Note: Subject to Change
  1. Remote access only through Citrix (this will eventually be restricted to a different, more locked down Citrix farm).
  2. SLAC Network access to PeopleSoft only from:
    1. A fully centrally supported Windows Desktop machine, fully patched with the SLAC Windows group's released service packs and patches, and in active directory (other operating systems and Windows in virtual machines are forbidden to be used for this purpose). These machines are required to have all Microsoft and third party patches applied before their designated SLAC Computer Security patch deadline.
    2. A desktop with a fully supported, functioning AV client with the latest AV signatures.
    3. A desktop with an IP address registered with BSD for this purpose - BSD will maintain the list.
    4. A Windows account which does not have any admin rights to the desktop used to access PeopleSoft.

If these requirements are not met it will result in loss of access to PeopleSoft for the machine and/or user.

Security Monitoring of Account Changes
When someone receives a PeopleSoft HR account they are added to a report sent to a member of Computer Security daily. Particular attention is paid to those persons who also have SLAC issued laptops, VPN or Citrix accounts.
 

Owner: SLAC Computer Security
Page Created: 06/13/2008
Last Updated: 07/22/2010
Feedback: Please send to
Computer Security Feedback