2019-01-28-hrexaminer-photo-img-security-series-8-part-john-sumser-cc0-via-pexels-by-pixabay-cyber-security-cybersecurity-device-60504-edit-544x300px.jpg

“20% of employees would sell their passwords, with 44% of them willing to do it for less than $1,000. Some would give up their corporate credentials for less than $100… and workers in the U.S. looked most willing to put their passwords up for sale.”


This is the first in a long series of articles about making Security a part of the HR agenda. The 8 part series addresses the somewhat counterintuitive notion that all HR Departments should be the heart of company security.

==========

Why Focus Your HR Department on Security

 
Technology is evolving faster than we can keep pace with. Shifting definitions, laws, and sensibilities concerning privacy and personal data combine with rapidly evolving technologies to produce a climate ripe for subterfuge, misunderstanding, and missed cues. Meanwhile, the working level employee is in possession of extraordinary tools that make her capable of surveilling the company from the inside while loading critical data onto her smartphone.

The spectrum of security issues ranges from outright intentional damage to the sloppiness that comes from a lack of commitment or concern. Lack of concern can equate to missed security upgrades, inattention to phishing schemes, loose individual security practices (password management), and other security policy violations. Intentional damage can range from participation in corporate espionage to taking sensitive information after termination.

Fortune Magazine reported that:

“…20% of employees would sell their passwords, with 44% of them willing to do it for less than $1,000. Some would give up their corporate credentials for less than $100… and workers in the U.S. looked most willing to put their passwords up for sale.”

Sailpoint, the company that did the survey behind Fortune’s reporting, notes that

• 65% of employees use a single password to secure their accounts; and,
• 42% of employees could access their corporate accounts after termination.

Employees are both security threats and targets. There is every reason to believe that morale and commitment to the company are key factors in protecting the company’s physical and intellectual property. This paper lays out an approach to build a Security Center of Excellence within the company HR Department.

The goal is to tie workforce development issues to the company’s security needs; to position security as a pivotal value and as a measure of organizational health. The security track record is symbolic of corporate cohesion.

Shifting legal frameworks regarding the management of personal information coupled with increased power in the hands of individual employees make this a timely discussion. By starting now, a company can gain real competitive advantage in the face of predictable changes.

==========

The Security Series: HR as Security Leader

1: Overview – Why Focus Your HR Department on Security? Link »
2: Introduction Link »
3: Context – Shifting Technology Link »
4: Context – Increasing Employee Power Link »
5: The Ecosystem of Security Issues Link »
6: The Future of Security Issues Link »
7: The HR Security Center of Excellence Link »
8: Getting Started Link »
 



 
Read previous post:
HRExaminer v10.04

In honor of Martin Luther King Day, Heather Bussing has Thoughts on Discrimination, the complete diversity series from The HRExaminer....

Close