HR departments are faced with a unique set of security challenges. The department is responsible for keeping confidential information about internal staff as well as external clients, but a big part of their job is circulating policies and inter-office communications, which everyone needs to access. Added to that, HR departments are responsible for sharing employees' private and personally identifiable information (PII) with external providers and agencies including health plans, banks and the IRS. Managing who can see sensitive information needs a solution with the flexibility to protect against insider threats, potentially destroying files automatically, while enabling secure sharing.
Fasoo classifies the types of data the department handles into two tiers. Tier one, which includes intellectual property, executive compensation, board of directors' files, customer lists and financial data, requires the highest level of protection, which includes automatic encryption and assigning a security policy upon creation. Tier two information includes policy manuals, inter-office correspondence and pre-release public files, which is less sensitive.
This slideshow looks at five functions of an enterprise HR department and points to policy controls required of a security solution to support the specific access and permission requirements for each tier of information.
An eWEEK Property
Copyright 2020 Quinstreet Inc. All Rights Reserved.
Advertiser Disclosure: Some of the products that appear on this site are from companies from which QuinStreet receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. QuinStreet does not include all companies or all types of products available in the marketplace.