PeopleSoft Access ID - Risk of having local / unchanged password
At present PeopleSoft Access ID passwords need to be configured within the application which imposes a risk that the user updating those passwords in PeopleSoft application has the password all the time and can perform any changes.
Considering the Access ID access, this is a big risk seen by the organization.
Using CyberArk password vaults would mitigate the above risk. CyberArk would reset the passwords after the use. However, changing the passwords at runtime, doesn't work for PeopleSoft
We would like Oracle to develop something to mitigate the above risk of having High Privileged account credentials known or enable the Access ID password change during runtime.