dcsimg

Data Protection: Five Challenges Facing the Enterprise HR Department

  • Data Protection: Five Challenges Facing the Enterprise HR Department

    Data Protection: Five Challenges Facing the Enterprise HR Department-

    Circulating Policy Manuals In-House Only

    Company rules and regulations for employees need to be accessed by the whole office and for this reason would be considered "tier two" information. Policy for this class of information requires less protection for more visibility. Best practice for securing this type of data is an employee discretionary security policy and encryption.

1 | 2 | 3 | 4 | 5 | 6 | 7

Data Protection: Five Challenges Facing the Enterprise HR Department

  • 1 | 2 | 3 | 4 | 5 | 6 | 7
  • Data Protection: Five Challenges Facing the Enterprise HR Department-4

    Circulating Policy Manuals In-House Only

    Company rules and regulations for employees need to be accessed by the whole office and for this reason would be considered "tier two" information. Policy for this class of information requires less protection for more visibility. Best practice for securing this type of data is an employee discretionary security policy and encryption.

HR departments are faced with a unique set of security challenges. The department is responsible for keeping confidential information about internal staff as well as external clients, but a big part of their job is circulating policies and inter-office communications, which everyone needs to access. Added to that, HR departments are responsible for sharing employees' private and personally identifiable information (PII) with external providers and agencies including health plans, banks and the IRS. Managing who can see sensitive information needs a solution with the flexibility to protect against insider threats, potentially destroying files automatically, while enabling secure sharing.

Fasoo classifies the types of data the department handles into two tiers. Tier one, which includes intellectual property, executive compensation, board of directors' files, customer lists and financial data, requires the highest level of protection, which includes automatic encryption and assigning a security policy upon creation. Tier two information includes policy manuals, inter-office correspondence and pre-release public files, which is less sensitive.

This slideshow looks at five functions of an enterprise HR department and points to policy controls required of a security solution to support the specific access and permission requirements for each tier of information.