Related papers: Comparative Security Performance of Workday Cloud ERP Across Key Dimensions

Comparative Security Performance of Workday Cloud ERP Across Key Dimensions

URL: http://arxiv.org/abs/2511.15840v1
Date: Wed, 19 Nov 2025 19:57:37 GMT
Title: Comparative Security Performance of Workday Cloud ERP Across Key Dimensions
Authors: Monu Sharma, Abhishek Jain,
Abstract summary: This study examines five key dimensions confidentiality, integrity, availability, authentication, and compliance with weighted sub metric analysis and qualitative document review.<n>The platform uses encryption protocols, granular access controls, network safeguards, and continuous verification mechanisms to enable least-privilege access and adaptive defense.
Score: 4.994627793890095
License: http://creativecommons.org/licenses/by/4.0/
Abstract: Workday is a cloud-based Enterprise Resource Planning-ERP system that brings HR, Finance, Supply Chain functions , Prism Analytics and Extend custom built in application together under an integrated software as a service SaaS environment. As every organization that undergoes digital transformation, the importance of securing sensitive enterprise data in cloud ERP systems has always been more challeging. To analyze Workday's security architecture, we present a Security analysis in both CIA Triad Enhanced Framework and Zero Trust Security Architecture. The study examines five key dimensions confidentiality, integrity, availability, authentication, and compliance with weighted sub metric analysis and qualitative document review. The results show Workday delivers a composite score of 0.86 with an overall score that closely matches international standards of best practices like GDPR, HIPAA, SOC 2, etc. The platform uses encryption protocols, granular access controls, network safeguards, and continuous verification mechanisms to enable least-privilege access and adaptive defense. Security groups and business process access rules provide scalable governance across very large organizational structures.Workday's layered security to tackle everyday cloud security weaknesses. The work concludes that Workday's architecture demonstrates the best practices for secure, scalable, and compliant ERP application-oriented deployment, which can make this a standard for enterprise cloud security management. These insights provide important guidance for organizations that wish to bolster their cloud ERP defenses and stay ahead of changing regulatory expectations.

Related papers

Workday's Approach to Secure and Compliant Cloud ERP Systems [0.0]
Workday's compliance with global standards shows its ability to best protect critical financial, healthcare, and government data.<n>A comparative review demonstrates enhanced risk management, operational flexibility, and breach mitigation.<n>The paper also explores emerging trends, including the integration of AI, machine learning, and blockchain technologies.
arXiv Detail & Related papers (2025-10-31T12:25:06Z)
Bridging the Mobile Trust Gap: A Zero Trust Framework for Consumer-Facing Applications [51.56484100374058]
This paper proposes an extended Zero Trust model designed for mobile applications operating in untrusted, user-controlled environments.<n>Using a design science methodology, the study introduced a six-pillar framework that supports runtime enforcement of trust.<n>The proposed model offers a practical and standards-aligned approach to securing mobile applications beyond pre-deployment controls.
arXiv Detail & Related papers (2025-08-20T18:42:36Z)
Prescriptive Zero Trust- Assessing the impact of zero trust on cyber attack prevention [0.0]
The research assesses the likelihood of quantifiable guidelines that measure cybersecurity maturity for an enterprise organization.<n>This is a new, data driven methodology for quantifying cyber resilience enabled by the adoption of Zero Trust principles.<n>The outcomes of this research define a prescriptive set of key technical controls that characterize the comprehensive ZTA deployment.
arXiv Detail & Related papers (2025-08-18T14:30:00Z)
OpenAgentSafety: A Comprehensive Framework for Evaluating Real-World AI Agent Safety [58.201189860217724]
We introduce OpenAgentSafety, a comprehensive framework for evaluating agent behavior across eight critical risk categories.<n>Unlike prior work, our framework evaluates agents that interact with real tools, including web browsers, code execution environments, file systems, bash shells, and messaging platforms.<n>It combines rule-based analysis with LLM-as-judge assessments to detect both overt and subtle unsafe behaviors.
arXiv Detail & Related papers (2025-07-08T16:18:54Z)
LLM Agents Should Employ Security Principles [60.03651084139836]
This paper argues that the well-established design principles in information security should be employed when deploying Large Language Model (LLM) agents at scale.<n>We introduce AgentSandbox, a conceptual framework embedding these security principles to provide safeguards throughout an agent's life-cycle.
arXiv Detail & Related papers (2025-05-29T21:39:08Z)
Zero-Trust Foundation Models: A New Paradigm for Secure and Collaborative Artificial Intelligence for Internet of Things [61.43014629640404]
Zero-Trust Foundation Models (ZTFMs) embed zero-trust security principles into the lifecycle of foundation models (FMs) for Internet of Things (IoT) systems.<n>ZTFMs can enable secure, privacy-preserving AI across distributed, heterogeneous, and potentially adversarial IoT environments.
arXiv Detail & Related papers (2025-05-26T06:44:31Z)
Software Security Mapping Framework: Operationalization of Security Requirements [12.04694982718246]
The Software Security Mapping Framework is a structured solution designed to operationalize security requirements across hierarchical levels.<n>The framework systematically maps 131 refined security requirements to over 400 actionable operational steps spanning the software development lifecycle.<n>It is grounded in four core security goals: Secure Software Environment, Secure Software Development, Software Traceability, and Vulnerability Management.
arXiv Detail & Related papers (2025-05-22T06:34:48Z)
Towards Trustworthy GUI Agents: A Survey [64.6445117343499]
This survey examines the trustworthiness of GUI agents in five critical dimensions.<n>We identify major challenges such as vulnerability to adversarial attacks, cascading failure modes in sequential decision-making.<n>As GUI agents become more widespread, establishing robust safety standards and responsible development practices is essential.
arXiv Detail & Related papers (2025-03-30T13:26:00Z)
Combined Hyper-Extensible Extremely-Secured Zero-Trust CIAM-PAM architecture [0.0]
This paper introduces the Combined Hyper-Extensible Extremely-Secured Zero-Trust (CHEZ) CIAM-PAM architecture.<n>The framework addresses critical security gaps by integrating password-less authentication, adaptive multi-factor authentication, microservice-based PEP, multi-layer RBAC and multi-level trust systems.<n>It also includes end-to-end data encryption, and seamless integration with state-of-the-art AI-based threat detection systems.
arXiv Detail & Related papers (2025-01-03T09:49:25Z)
HasTEE+ : Confidential Cloud Computing and Analytics with Haskell [50.994023665559496]
Confidential computing enables the protection of confidential code and data in a co-tenanted cloud deployment using specialized hardware isolation units called Trusted Execution Environments (TEEs) TEEs offer low-level C/C++-based toolchains that are susceptible to inherent memory safety vulnerabilities and lack language constructs to monitor explicit and implicit information-flow leaks. We address the above with HasTEE+, a domain-specific language (cla) embedded in Haskell that enables programming TEEs in a high-level language with strong type-safety.
arXiv Detail & Related papers (2024-01-17T00:56:23Z)
A Study on the Security Requirements Analysis to build a Zero Trust-based Remote Work Environment [2.1961544533969257]
This paper proposes detailed security requirements based on the Zero Trust model and conducts security analyses of various cloud services accordingly. As a result of the security analysis, we proposed potential threats and countermeasures for cloud services with Zero Trust.
arXiv Detail & Related papers (2024-01-08T05:50:20Z)
Exploring Security Practices in Infrastructure as Code: An Empirical Study [54.669404064111795]
Cloud computing has become popular thanks to the widespread use of Infrastructure as Code (IaC) tools. scripting process does not automatically prevent practitioners from introducing misconfigurations, vulnerabilities, or privacy risks. Ensuring security relies on practitioners understanding and the adoption of explicit policies, guidelines, or best practices.
arXiv Detail & Related papers (2023-08-07T23:43:32Z)

This list is automatically generated from the titles and abstracts of the papers in this site.