SUPEROP Procedure (CS, HR)

access peoplesoft security cs elevated RefreshLinks2024

Create a PeopleSoft Elevated Access Ticket: https://support.csuchico.edu/TDClient/1984/Portal/Requests/ServiceDet?ID=45005
Verify TDx Workflow steps are assigned and completed
1. CS:
  1. EAPP Director
  2. CS Data Owner (or MPP Delegate)
  3. HR Data Owner (or MPP Delegate) - required in CS because SUPEROP unlocks also sync to HR
  4. Information Security Officer
2. HR
  1. EAPP Director
  2. HR Data Owner (or MPP Delegate)
  3. Information Security Officer
To grant access, log into PeopleSoft, navigate to PeopleTools > Security > User Profiles
Look up SUPEROP OPRID
Uncheck "Account Locked"
Using a password generator, generate a complex 30 character password, and reset the password to SUPEROP
Using MOVEit, send a non-descript message to EAPP (Tony Fierro, Mark Axtell, or Satya Paruchuri) with only the generated PWD password in the message body
1. Enable the following options:
  1. Delivery Receipt(s) (enable)
  2. Prevent "Reply All" (enable)
  3. Password will expire after 30 days (enable)
Confirm w/ EAPP developer when the password is received, and they are able to log in
Request ISEC be alerted immediately when SUPEROP access is no longer required
When access needs to be disabled
1. Re-generate a complex 30-character password, and rotate the password to SUPEROP
2. Repeat this process twice
3. Lock the account
4. Complete the workflow task in the assigned TDx ticket, indicating as soon as access is removed.

0 reviews

Details

Article ID: 114510

Created

Tue 7/30/24 3:46 PM

Modified

Wed 7/31/24 2:53 PM