The 5 Ws of HR Technology Security

HR Tech Tips

Has your organization authored a security plan for your HR Technology? If not, the time is now.

With more and more scams plaguing the digital world these days, it’s imperative for business leaders to know what steps to take in an HR technology emergency. Start the process of authoring an HR technology catastrophe preparedness plan by considering The 5 Ws.

WHO – Identifying WHO needs to be involved during a technology emergency is step one. Keep an updated list of contacts for internal and external support personnel. Consider your vendor support teams in this list as well.

WHAT – Know WHAT the objectives are for your plan. Obviously, you want to protect the sensitive data within your organization (employee PHI, banking info, etc.). Consider any other information you want to protect, like access to web content or proprietary processes.

WHERE – Define WHERE your sensitivities lie and the ways to access each one. Target the areas within your HR technology for specific steps in the event of a technology catastrophe to support the ability to act quickly.

WHEN – Track WHEN your systems are backed up and updated. Notice any variance in the schedule and reach out to vendor support teams with any inquiries and resolution.

WHY – Communicate WHY the security plan is important to your internal team. Educate your team on the importance of the plan and help them familiarize with each step that applies to each department.

Once the 5 Ws are defined and identified, the remainder of the plan will be easier to author. A simple process for authoring such a plan is to adhere to these five principles:

  1. Protect – a solid security plan should be both proactive and reactive, considering all potential “points of entry” for all types of data sets.
  2. Respond – your security plan should detail not only the steps that will need to be taken, but also include additional information such as weblinks and login credentials for timely and efficient responses.
  3. Recover – planning out the recovery process is important. Consider contingency plans and opportunities with careful precision.
  4. Test – this is the most crucial part of any plan. Business leaders will have more confidence and find more success in a well-tested plan.
  5. Repeat – schedule times to run through your security plan several times per year or even per month. Repetition will help your team identify opportunities for efficiencies as well as any missed needs for additional security.

If you’d like to discuss how Henderson Brother’s technology solutions, best practices, and vendor partners can help with the intricacies of your Human Resources needs, please contact Maggie Boucher, senior consultant, at (412) 754-3245 or email [email protected].

boucher card

Please note that the information contained in this posting is designed to provide general awareness in regard to the subject matter covered. It is not provided as legal, medical, or tax advice, nor is it intended to address all concerns in your workplace or for public health. No representation is made as to the sufficiency for your specific company’s needs. This post should be reviewed by your legal counsel or tax consultant before use.