Yes, the Division of IT has decided to remove the SSN Vault and all associated integrations by June 2018. We’ll restore SSNs to all PeopleSoft pillars at once in November 2017 and other applications by May 2018. The Vault will be decommissioned in June 2018.
The SSN Vault is increasingly unsupportable. First, there are custom and unsupported components created by staff who are no longer employed by the university. Second, the vendor support windows for the underlying platforms (Oracle and Red Hat Enterprise Linux) are rapidly closing. Staying with older versions is risky and prevents us from taking advantage of new application features, but upgrading is not an option. Furthermore, there is also the possibility future PeopleSoft versions may no longer be compatible.
We have a project underway to retire the SSN Vault. Project deliverables include augmenting the security of the applications and databases, restoring SSNs to PeopleSoft finance, student and HR modules, restoring SSNs to other applications that are currently using AltID, and retiring the vault infrastructure.
Division of IT has identified business processes in all the affected applications that are currently using AltID. We have made plans to modify these processes to coincide with the return of SSNs to the applications to minimize impact to users.
Users who currently have access to SSNs from the Vault will no longer see the rollover popup that previously displayed the SSN where an AltID existed on the page. Instead, the user will now see the full SSN or the last 4 digits of the SSN where the AltID used to be.
Users who do not currently have access to SSNs from the Vault will still see the page field that used to have the AltID, but it will be blank.
There will also be changes to PS Query, which allows users to interact with the PeopleSoft databases through the application for custom reporting. We will be segmenting tables that contain SSN into a different security zone to prevent those who do not have access to SSNs from accessing them through this tool. For users with access to SSN, nothing will change. For those who do not have access, they may not see all the queries seen previously. If there is a query that is no longer available after the change, the user should contact their respective PeopleSoft development team to develop a fix.
Finally, within the HR module, we will not be putting the SSNs into the PS_UM_Employees table. Where AltID existed previously, it will now be a blank column.
What security changes will you be making to the applications and databases?
The Division of IT is responsible for ensuring that the infrastructure, platforms, databases, and applications that store SSN have a high degree of security protection to prevent an SSN data breach. To do this the Division of IT will implement data encryption, data redaction, logging, and access controls.
In addition, we are reviewing all users and accounts that have direct access to PeopleSoft databases. We have begun contacting these users and are asking them to create Administrative IDs for individual access and submit justification requests so that we may review and document all privileged access to PeopleSoft databases. Justifications will need to be submitted by November 3, 2017 to ensure that approved access remains uninterrupted after the change occurs on November 19.
What is data redaction?
Data redaction is the obscuring of all or a portion of a sensitive data element, in this case the SSN. Within PeopleSoft, we will apply data redaction controls to fully block the SSN data on pages where the user is not authorized to see it, allow only the last 4 digits of the SSN if that is sufficient for the user’s need, or display the whole SSN when justified by the business need. What you see will depend on the level of permission you have within the application.
How will you determine who gets access to the SSN in PeopleSoft?
Prior to returning the SSNs to PeopleSoft, we will conduct an audit of users who currently have SSN Vault access. We will ensure that the user still has a business need for the SSN data and whether that user needs the full SSN or just last the four digits. Then the user will be assigned to the appropriate role(s) in PeopleSoft. There should be no interruption in access at the time the SSNs are returned to PeopleSoft.
The following quick reference guides provide screenshots and more information about what you can expect to see on web pages that include social security numbers.
The Division of IT is creating additional development instances of each PeopleSoft pillar for the initial round of testing. The new security control structure and data redaction features will be applied there first and tested by the PeopleSoft developers and a limited set of functional users. Once the development environments are complete, the changes will be put into user acceptance testing (UAT) instances of each pillar where full functional testing will occur before go-live. UAT will begin on or about October 12, 2017 and conclude by October 27.
Additionally, we are planning to rehearse the go-live in October and November 2017. We hope to find any gaps in our knowledge to ensure the actual go-live is smooth on November 17-19.
We are implementing database level redaction for the UM Data Warehouse (UMDW). This means that we will use database access controls to determine who can see partial or full SSNs.
Redaction has already been implemented on the UMDW dev environment and will be implemented in test and production by the end of October. We are communicating this to UMDW users directly about this change.
We currently plan start migration after 6PM on November 17, 2017 and finish by 5PM on the 19th. This will require a complete outage to all PeopleSoft applications for the duration of the migration.
At the time of the conversion, we will create AltID/SSN crosswalk tables within each PeopleSoft pillar. We will keep this information post-migration for validation and troubleshooting purposes, but we are unaware of any long term business needs for AltID. If you have any processes or applications that will need the AltID/SSN translation to continue functioning, please contact the project manager, Terry Robb (882-5555, RobbTL@missouri.edu), as soon as possible.
Contact the project manager, Terry Robb (882-5555, RobbTL@missouri.edu), as soon as possible.