Personnel Today
  • Home
    • All PT content
    • Advertise
  • Email sign-up
  • Topics
    • HR Practice
    • Employee relations
    • Equality, diversity and inclusion
    • Learning & training
    • Pay & benefits
    • Wellbeing
    • Recruitment & retention
    • HR strategy
    • HR Tech
    • The HR profession
    • Global
    • All HR topics
  • Legal
    • Case law
    • Commentary
    • Flexible working
    • Legal timetable
    • Maternity & paternity
    • Shared parental leave
    • Redundancy
    • TUPE
    • Disciplinary and grievances
    • Employer’s guides
  • AWARDS
    • Personnel Today Awards
    • The RAD Awards
    • OHW Awards
  • Jobs
    • Find a job
    • Jobs by email
    • Careers advice
    • Post a job
  • XpertHR
    • Learn more
    • Products
    • Pricing
    • Free trial
    • Subscribe
    • XpertHR USA
  • Webinars
  • OHW+

Personnel Today

Register
Log in
Personnel Today
  • Home
    • All PT content
    • Advertise
  • Email sign-up
  • Topics
    • HR Practice
    • Employee relations
    • Equality, diversity and inclusion
    • Learning & training
    • Pay & benefits
    • Wellbeing
    • Recruitment & retention
    • HR strategy
    • HR Tech
    • The HR profession
    • Global
    • All HR topics
  • Legal
    • Case law
    • Commentary
    • Flexible working
    • Legal timetable
    • Maternity & paternity
    • Shared parental leave
    • Redundancy
    • TUPE
    • Disciplinary and grievances
    • Employer’s guides
  • AWARDS
    • Personnel Today Awards
    • The RAD Awards
    • OHW Awards
  • Jobs
    • Find a job
    • Jobs by email
    • Careers advice
    • Post a job
  • XpertHR
    • Learn more
    • Products
    • Pricing
    • Free trial
    • Subscribe
    • XpertHR USA
  • Webinars
  • OHW+

OnboardingHR Technology

How HR can support IT with information security

by Cath Everett 6 Nov 2015
by Cath Everett 6 Nov 2015

Typically data security is the realm of the IT department, but HR can make a huge difference to protecting vital corporate data with the right procedures in place, discovers Cath Everett. 

You might not consider that the average HR professional would have a major role to play in protecting an organisation’s information security activities.

But according to Alan Ryan, director of security practice at security consultancy MTI, HR can make a world of difference simply by creating “open, two-way communications channels” with IT in order to help identify and manage risk.

Key areas in which such risks are highest relate to the processes and procedures involved when employees either join or leave the company, particularly if they depart under a cloud or are made redundant and so might have an axe to grind.

“There need to be strong leavers procedures in place so that IT is made aware when someone has gone and can remove their system access privileges,” warns Ryan. “The issue is that, if leavers are still able to access corporate systems remotely, they can prove to be high risk.”

Position of least trust

Another challenge is dealing with people who are new to the organisation. The problem is that many employers simply assign new joiners the same system access rights as their colleagues without really thinking about whether or not they require them.

“In order to reduce risk, you should take the position of least trust,” says Ryan. “So only give people as much access as they need to do the job and don’t just give them remote access just because others in the department have it.”

To make the process consistent and repeatable, access rights should ideally be assigned to individuals based on their specific job description – something that HR, line managers and IT would all benefit from working on together.

As a result, if someone is demoted, promoted or moved sideways, their access rights would change based on their new job description and in line with their working requirements – rather than simply just keeping everything intact because it has always been that way.

“Most companies make changes after something’s happened, but really prevention is better than cure in terms of risk mitigation,” Ryan says.

“A common, open communications channel between HR and IT would help to identify lots of risk areas and would certainly be more cost-effective than having lots of systems going down.”

Avatar
Cath Everett

Cath has been a journalist and editor for more than 20 years, specialising in HR and technology issues.

previous post
BBC spent close to £500,000 fighting unfair dismissal claim
next post
Egypt: Employment rights for staff stranded in Sharm el-Sheikh

You may also like

Hire quality vs speed: Finding the perfect balance...

29 Jun 2022

White-hot recruitment market? William Tincup talks to Oven-Ready...

24 Jun 2022

CIPD Festival of Work: ‘AI can help us...

15 Jun 2022

How HR can mitigate the risks and reap...

10 Jun 2022

Right-to-work: first digital identity check providers revealed

6 Jun 2022

What is employee wellbeing? Gethin Nadin talks to...

13 May 2022

Productivity blighted by users’ tech problems, research reveals

6 May 2022

How to enhance your hire to retire processes...

27 Apr 2022

Four ways technology can help improve health and...

26 Apr 2022

Work in the metaverse: what should HR prepare...

1 Apr 2022
  • NSPCC revamps its learning strategy with child wellbeing at its heart PROMOTED | The NSPCC’s mission is to prevent abuse and neglect...Read more
  • Diversity versus inclusion: Why the difference matters PROMOTED | It’s possible for an environment to be diverse, but not inclusive...Read more
  • Five steps for organisations across the globe to become more skills-driven PROMOTED | The shift in the world of work has been felt across the globe...Read more
  • The future of workforce development PROMOTED | Northumbria University and partners share insight...Read more

Personnel Today Jobs
 

Search Jobs

PERSONNEL TODAY

About us
Contact us
Browse all HR topics
Email newsletters
Content feeds
Cookies policy
Privacy policy
Terms and conditions

JOBS

Personnel Today Jobs
Post a job
Why advertise with us?

EVENTS & PRODUCTS

The Personnel Today Awards
The RAD Awards
Employee Benefits
Forum for Expatriate Management
OHW+
Whatmedia

ADVERTISING & PR

Advertising opportunities
Features list 2022

  • Facebook
  • Twitter
  • Instagram
  • Linkedin


© 2011 - 2022 DVV Media International Ltd

Personnel Today
  • Home
    • All PT content
    • Advertise
  • Email sign-up
  • Topics
    • HR Practice
    • Employee relations
    • Equality, diversity and inclusion
    • Learning & training
    • Pay & benefits
    • Wellbeing
    • Recruitment & retention
    • HR strategy
    • HR Tech
    • The HR profession
    • Global
    • All HR topics
  • Legal
    • Case law
    • Commentary
    • Flexible working
    • Legal timetable
    • Maternity & paternity
    • Shared parental leave
    • Redundancy
    • TUPE
    • Disciplinary and grievances
    • Employer’s guides
  • AWARDS
    • Personnel Today Awards
    • The RAD Awards
    • OHW Awards
  • Jobs
    • Find a job
    • Jobs by email
    • Careers advice
    • Post a job
  • XpertHR
    • Learn more
    • Products
    • Pricing
    • Free trial
    • Subscribe
    • XpertHR USA
  • Webinars
  • OHW+