5 HR Data Security Threats in 2014
HR data security – crucially important to any corporate database or software system but maybe particularly so for your HRMS. After all, it’s stuffed full of personal information relating to your employees (on whose good will and good performance you rely, let’s not forget) and usually it handles or is integrated with your payroll package. So, in the event of a breach, that’s social security numbers plus banking details; it’s an identity thief’s dream scenario. So what are the current security topics you need to be focused on to ensure HR data integrity?
Bring Your Own Device
As the tidal wave of mobile use is accompanied by the desire for individuality and personal device use, organisation’s implementing BYOD programs are tackling increased security issues. Security of information up- or downloaded on the move is always a concern but when that data might include payroll and benefits data it is particularly sensitive. The devices may vary from user to user but the security policy and protocols should not.
With mobile come applications and a constant flow of data to and from the internet and the cloud. The latest startup collaborative HR app may offer unparalleled functionality and speed but how proven is its HR data security; apart from anything else, just where is it storing your data? This issue is certainly exacerbated by a BYOD approach and in-house policies might want to consider whether a list of ‘banned apps’ is worth having; and if is, how will it be monitored and enforced.
Even if the data is safe from hacking and cyber attacks, another risk is non-compliance with the local legislation (and multi-national operations may have to consider different and even conflicting laws). One example is the U.S.’s Health Insurance Portability and Accountability Act (HIPAA) which demands native encryption on any device that holds relevant data.
Risk of Litigation Exposure
Another risk beyond simple data loss or theft is the fact that once information is mislaid, you may be subject to legal action from the employee whose data it was. The organization (usually through HR) has a duty of care to safeguard employee privacy and that includes HR data security.
Lack of Awareness
The biggest risk is always human error and that particular factor is greatest when your users are unclear about the true danger of HR data loss. As an indicator, the most recent Ernst & Young annual information security survey found 30% of respondents didn’t see security as an important issue when it came to smartphones and other devices. Once respondent was quoted as saying, “The weakest element in information security is the human factor. As a result, we are constantly improving the awareness programs and introducing new security instruments.” Put simply, lack of awareness = lack of care = loss of HR data security.
In short, the potential data security threats for HR in 2014 are an integrated blend of hardware, software, policy and personal; ignore any of these elements at your peril.
Featured white papers
5 ways HRMS helps you get more out of your HR data
A comprehensive guide to the data analytics capabilities of your HRMSDownload
Four ways data analytics will transform your HR department
If you’ve invested in HR analytics capabilities, expect a few changes in your department’s role
On-premise HRMS security: four tips
How to beef up security for your on-premise HRMS, including disaster recovery, mobile security an...
Three advantages of outsourcing HRMS data security
How your company could benefit by outsourcing HRMS data security to a third party provider