Avoid Customization – Mask Sensitive Data just by Configuration

Page and Field Configurator

Data privacy, also referred to as information privacy, is the information technology (IT) component that deals with the right of an entity or person to decide what data can be exchanged with third parties within a computer system. Data Security has been a very important and intriguing topic in the industry for the past few years. Data privacy laws and regulations apply in many parts of the world to secure the sensitive and personal information.

To align with the data privacy regulations, The Page and Field Configurator feature provisions the masking of sensitive data on PeopleSoft Systems where the tools version is 8.57.11 or higher.

Data Masking using Page and Field Configurator is available now from PeopleSoft HCM 9.2 Image 33.

As the name indicates, Page and Field “Configurator” (PFC), allows the user to change the properties of page and field by configuration.

Following are some of the capabilities of PFC –

  1. Fields can be hidden or disabled
  2. Pages can be hidden
  3. Field Labels can be modified

To list a few, fields can be hidden or disabled / pages can be hidden / field labels can be modified and fields can you can hide fields or whole pages, modify field labels , and disable fields.

The process of masking data using Page and Field Configurator involves –

  1. Defining Mask Profiles – Building / Defining Mask Profiles marks the initial step in identifying masking criteria. Mask profiles are delivered Out of the Box and the user can also create new ones based on the business needs.

Navigation – Enterprise Components > Page and Field Configuration > Define Mask Profiles

Delivered PeopleSoft masking choices with sample configurations are:

  • Complete Masking

  • Unmask trailing characters (Partial Masking – Can be used for Credit Card or Bank Account Number)

  • Date masking (Entire or Partial)

  • Setup table-based masking (Specific to unique requirements)

  1. Define Field Group Page – This is to define common masking profile for similar set of fields

Navigation – Enterprise Components > Page and Field Configuration > Define Field Group

The above has been configured for Complete Masking. Similar configurations can be made to define Field Group for the other Masking profiles also.

  1. Configuring Data Masking Using Page and Field Configurator

Navigation – Enterprise Components > Page and Field Configuration > Page and Field Configurator

  • Select the Component whose fields have to be masked.
  • Configuration Type needs to be “Masking”

  • Select the fields that need to be masked and select the masking profile appropriately

  • After the masking profile has been selected, the profile status should be “Changed”.
  • Click on the User List Tab, select the options to whom the configured data masking will be applicable for.
  • There are multiple options available to select as indicated in the screen below –

For Eg: The below configured data masking will be applicable to the user – “RCHANNING”. This means that a user with userid “RCHANNING”, will be able to see the “MASKED” data and any other user will see the “UNMASKED” data.

  • Click on “Map to Portal Registry”, select portal and apply configuration.

From an end user’s perspective,

  • Login as End User “RCHANNING”
  • Navigate to Workforce Administration > Personal Information > Biographical > Driver’s License Data
  • Select an employee on the search screen

  • The Driver’s License Nbr and Valid from Date is masked as per the configuration.

Benefits:

  1. Data Masking can be enabled without customizing code
  2. Configuration can be enabled for a specific user, users list, specific role, single role (with Exceptions as well)
  3. Multiple criteria can be defined based on the component fields

Author
Dhruv Prasad
PeopleSoft Techno-Functional Consultant