We are looking to implement a Workday in our environment and want to ensure that we’re following security best practices. Is there a primer or guide on how to effectively and efficient secure Workday? SaaS Security tends to be overlooked across industries and I wanted to get this subreddit’s thoughts and recommendations on good security standards to implement.

I’m thinking of several safeguards and controls, such as:

* Periodic Compliance Assessments
* Control Reviews and Configuration Checks
* Role-based Access Control and Segregation of Duties
* Periodic Access Reviews
* Enforce MFA for privileged and administrative users
* Data Protection: CASB and/or DLP integration
* SIEM logging of Workday access and audit logs

What else needs to be done? I don’t want to reinvent the wheel here and would be interested in knowing if there are any automated compliance and configuration checking solutions, as well as any penetration testing guides, out there as well.

Share This Discussion

Leave a Comment

Note: By filling this form and submitting your commen, you acknowledge, agree and comply with our terms of service. In addition you acknowledge that you are willingly sharing your email address with AiOWikis and you might receive notification emails from AiOWikis for comment notifications. AiOWiksi guarantees that your email address WILL NOT be used for advertisement or email marketting purposes.

This site uses Akismet to reduce spam. Learn how your comment data is processed.