• Home

  • Documents

  • Is HR Data Security Compromised by Mobile HRIS Apps
4
Is HR Data Security Compromised by Mobile HRIS Apps 19 Feb’15 Mobile enablement without increasing HR data security risks – something to think about. With so much information in the news recently about cyber security and data security breaches, I thought it would be a good idea to start off the New Year with a discussion about how HR leaders can ensure HR data security, even as the propensity for employees to use their own mobile devices for work continues to grow. The debate over security risks posed by mobile devices in the workplace, including laptops, personal Smartphone’s, tablets, and now the newly-defined “phablets” (cell phones large enough to also serve as a tablet), has been waging for a few years now, with IT largely controlling the discussion in most companies. However, as human resource management software (HRMS) providers rush to develop HRIS mobile apps to accommodate a workforce that demands access to the information they need around the clock, HR managers are moving front and center into the discussion. Confronted with security concerns related specifically to the personnel data they collect and manage, including national IDs (e.g. social security number-SSN or social insurance number-SIN), driver’s license numbers, compensation rates, birth dates, and ethnicity information, human resource managers are realizing the importance of developing and implementing HR data protection policies and procedures that incorporate the use of mobile devices. In early 2014, Coca-Cola had to notify approximately 70,000 current and former employees that stolen laptops resulted in the exposure of their social security numbers, driver’s license numbers, and other personal information collected as part of the employment process. As reported by Kristin Cifolelli for the SBAM , the security breach, which occurred because data encryption policies and other security procedures were not followed, is expected to cost the company millions to rectify. Bringing the problem even further into the HR camp is the fact that most data security breaches are caused by a company’s own employees.

Is HR Data Security Compromised by Mobile HRIS Apps

Embed Size (px)

Citation preview

Page 1: Is HR Data Security Compromised by Mobile HRIS Apps

Is HR Data Security Compromised by Mobile HRIS Apps19 Feb’15

Mobile enablement without increasing HR data security risks – something to think about.

With so much information in the news recently about cyber security and data security breaches, I thought it would be a good idea to start off the New Year with a discussion about how HR leaders can ensure HR data security, even as the propensity for employees to use their own mobile devices for work continues to grow. The debate over security risks posed by mobile devices in the workplace, including laptops, personal Smartphone’s, tablets, and now the newly-defined “phablets” (cell phones large enough to also serve as a tablet), has been waging for a few years now, with IT largely controlling the discussion in most companies. However, as human resource management software (HRMS) providers rush to develop HRIS mobile apps to accommodate a workforce that demands access to the information they need around the clock, HR managers are moving front and center into the discussion.

Confronted with security concerns related specifically to the personnel data they collect and manage, including national IDs (e.g. social security number-SSN or social insurance number-SIN), driver’s license numbers, compensation rates, birth dates, and ethnicity information, human resource managers are realizing the importance of developing and implementing HR data protection policies and procedures that incorporate the use of mobile devices. In early 2014, Coca-Cola had to notify approximately 70,000 current and former employees that stolen laptops resulted in the exposure of their social security numbers, driver’s license numbers, and other personal information collected as part of the employment process. As reported by Kristin Cifolelli for the SBAM, the security breach, which occurred because data encryption policies and other security procedures were not followed, is expected to cost the company millions to rectify. Bringing the problem even further into the HR camp is the fact that most data security breaches are caused by a company’s own employees.

Mobile HR Solutions on the Increase

HR & Payroll Software vendors are focusing on developing for mobile technologies first, as they build new products and add features to existing systems. This includes offering hundreds of HRIS mobile apps for learning, performance management, scheduling, employee directories, employee and manager self-service, talent acquisition, and even succession management. The good news is that mobile apps provided by HR system vendors typically have built-in safeguards and are considered “enterprise-ready,” thereby causing fewer HR data security concerns. As opposed to mobile apps such as Drop box, Google Drive and Trello, which are popular productivity-enhancing tools, but which still bring security risk concerns. As industry vendors feed the mobile trend with new technology, IT and HR teams are scrambling to set rules and guidelines that attempt to embrace the benefits of mobile devices while controlling the risks. And according to an article by SHRM online editor/manager Aliah D. Wright, the trend toward employees using their own personal mobile devices for work “is unlikely to lose steam.” Studies cite multiple benefits when arguing that mobile devices should be welcomed as a permanent workplace tool:

1. Increased efficiencies2. Increased productivity3. Easier collaboration4. Real-time decision making opportunities5. Increased workforce satisfaction

Page 2: Is HR Data Security Compromised by Mobile HRIS Apps

6. Support for the needs of mobile, telecommuting employees

The longevity of the trend seems even more apparent as more companies stop providing employees with laptops or other mobile devices and, instead, require that employees bring their own device to work (BYOD). This saves the company money on hardware and enables employees to maintain their work and personal information on their preferred device. HR leaders are also seeing increased adoption of new programs that can be delivered on mobile devices. The increased adoption is credited to the employee’s comfort level with the device. Even the Federal government is making a huge investment in mobile technologies. According to a study by the Mobile work exchanges, $1.6 billion has been spent on Federal workforce mobilization. Federal HR managers predict a savings of $15.1 billion just on reduced real estate costs, since a mobile, telecommuting workforce doesn’t require as many office buildings. Hundreds of millions in additional productivity gains is also predicted, as mobile-empowered employees will be able to continue operating even in the face of a “natural or man-made event.” The ability to attract top talent by offering better teleporting options is yet another anticipated benefit. But security concerns are still cited as the number one obstacle to greater progress, and encryption and security training are cited as major priorities going forward.

Mobile Data Security is a Shared Responsibility

Despite these growing trends, many employers still place the bulk of the responsibility for device security on the employee, asking them to sign policy documents agreeing to use complex passwords, avoid use of public Wi-Fi, and even agree to have their devices wiped remotely in the event they are lost, stolen, or the employee leaves the company. But it is important for company executives to take responsibility, as well. Here are a few areas on which to focus:

1)      Employee education and training

2)      Encryption implementation

3)      Taking advantage of available mobile-device management products

4)      Forcing multi-factor authentication and password cycling

5)      Providing a set of approved and secure “enterprise-ready” apps

6)      Limiting the use of employee personal data as identifiers or authenticators

7)      Limiting employee access to only the systems and data they require doing their job

The last topic is especially important to keep in mind when implementing a new HR system. Be sure to discuss best practices for security role setup and assignments with your software vendor or implementation consultant. A successful HRIS Implementation will include an in-depth review of your holistic HR data access requirements and related system security capabilities.  Your consultant should be able to help you assess risks while also identifying gaps in employee needs. By reviewing your current offerings and discussing desired improvements with your implementation consultant, you gain a knowledgeable partner to help plan mobile enablement without increasing HR data security risks.


Manual HRIS

Manual HRIS

Documents
Ramco Hris

Ramco Hris

Documents
Hris Planning

Hris Planning

Documents
Project HRIS Sample

Project HRIS Sample

Documents
HRIS Issues

HRIS Issues

Technology
Hris@Heritage 2010

Hris@Heritage 2010

Documents
HRIS Audit Report

HRIS Audit Report

Documents
Mis Project- Hris

Mis Project- Hris

Documents
Compromised Medis

Compromised Medis

Documents
Simaster Hris

Simaster Hris

Documents
Business Productivity: Selecting the Best HRIS Productivity: Selecting the Best HRIS ... Business Productivity: Selecting the Best HRIS for ... (HRIS) to meet their needs

Business Productivity: Selecting the Best HRIS Productivity: Selecting the Best HRIS ... Business Productivity: Selecting the Best HRIS for ... (HRIS) to meet their needs

Documents
Taj Hotel's HRIS

Taj Hotel's HRIS

Recruiting & HR
HRIS Apps and Reporting Methods

HRIS Apps and Reporting Methods

Technology
HRIS – Human Resources Information Solution RESOURCE GUIDE: HRIS INTRO … Intro - On... · 2019-12-30 · HRIS Resource Guide . I - Internal Use Only July 15, 2019. HRIS INTRO

HRIS – Human Resources Information Solution RESOURCE GUIDE: HRIS INTRO … Intro - On... · 2019-12-30 · HRIS Resource Guide . I - Internal Use Only July 15, 2019. HRIS INTRO

Documents
HRIS Application

HRIS Application

Documents
HRIS - SAP module

HRIS - SAP module

Documents
HRIS Policya

HRIS Policya

Documents
HRIS Presentation

HRIS Presentation

Documents
hris PROJECT

hris PROJECT

Documents
HRIS MANUAL

HRIS MANUAL

Documents
Hris report

Hris report

Documents
Human Resource Information Systems Contents Introduction HRIS – Objectives PROCESS HRIS – Advantages & Disadvantages HRIS – Stages of Development

Human Resource Information Systems Contents Introduction HRIS – Objectives PROCESS HRIS – Advantages & Disadvantages HRIS – Stages of Development

Documents
Evolution of Hris

Evolution of Hris

Documents
HRIS for SharePoint

HRIS for SharePoint

Software
Final Hris

Final Hris

Documents
Medically compromised

Medically compromised

Health & Medicine
USER MANUAL FOR HRIS QUALIFY - ihris.org Web viewHuman Resource Information System (HRIS) HRIS . ... Introduction. HRIS Qualify is a ... USER MANUAL FOR HRIS QUALIFY Last modified

USER MANUAL FOR HRIS QUALIFY - ihris.org Web viewHuman Resource Information System (HRIS) HRIS . ... Introduction. HRIS Qualify is a ... USER MANUAL FOR HRIS QUALIFY Last modified

Documents
Compromised patient

Compromised patient

Documents
HRIS Flyer

HRIS Flyer

Documents
Hris Teaasaas

Hris Teaasaas

Documents