Skip to content
CVChecl logo
  • Products
    • Our Checks
      • National Police Checks
      • Employment Reference Checks
      • Employment and Qualification Checks
      • VEVO Visa and Work Entitlement
      • Credit, Financial and Business Checks
      • Traffic and Licence Checks
      • Predictive Psychometric Assessments
      • International Checks
    • ID Requirements
    • Verify a CVCheck Certificate
    • CVCheck Help
  • About Us
    • Who we are
      • Our History
      • Our Mission and Values
      • Our Board
    • Why CVCheck
    • Integration Partners
    • Investor Center
  • Blog
  • Contact Us
Menu
  • Products
    • Our Checks
      • National Police Checks
      • Employment Reference Checks
      • Employment and Qualification Checks
      • VEVO Visa and Work Entitlement
      • Credit, Financial and Business Checks
      • Traffic and Licence Checks
      • Predictive Psychometric Assessments
      • International Checks
    • ID Requirements
    • Verify a CVCheck Certificate
    • CVCheck Help
  • About Us
    • Who we are
      • Our History
      • Our Mission and Values
      • Our Board
    • Why CVCheck
    • Integration Partners
    • Investor Center
  • Blog
  • Contact Us
CVCheck Checkpoint logo
Search
Close
  • Categories
    • HR
    • Recruitment
    • Talent Acquisition
    • Jobseekers
    • CVCheck News
    • Product News
    • News Affairs
  • Product News
    • National Police Checks
    • Employment Reference Checks
    • Employment and Qualifications Checks
    • VEVO Visa and Work Entitlement Checks
    • Credit, Financial and Business Checks
    • Traffic and License Checks
    • Predictive Psychometric Assessments
    • Working with Children
  • Resources
    • Articles
    • Announcements
    • Case Studies
    • eBooks
    • Infographics
    • Testimonials
    • Videos
    • White Papers
Menu
  • Categories
    • HR
    • Recruitment
    • Talent Acquisition
    • Jobseekers
    • CVCheck News
    • Product News
    • News Affairs
  • Product News
    • National Police Checks
    • Employment Reference Checks
    • Employment and Qualifications Checks
    • VEVO Visa and Work Entitlement Checks
    • Credit, Financial and Business Checks
    • Traffic and License Checks
    • Predictive Psychometric Assessments
    • Working with Children
  • Resources
    • Articles
    • Announcements
    • Case Studies
    • eBooks
    • Infographics
    • Testimonials
    • Videos
    • White Papers

How to ensure your company’s HR is cyber secure in 2019

  • CVCheck By CVCheck
  • January 1, 2019
Employee Ensuring Companys Hr Is Cyber Secure

HR managers sit on the front line when it comes to protecting their company’s sensitive employee information. Here’s how to keep your company’s data safe.

HR managers, hiring managers and those in charge of payrolls look after some of their company’s most private and sensitive personal information, from employees’ bank details to their home addresses. This makes it critical that they are aware of the current threats to data security and how to protect their organisation’s data.

According to a 2016 report, up to 80% of Australian businesses may have suffered data breaches. The report also found that most companies still lack formal security awareness training programs. For the 67% of HR directors who deliver IT tools and access policies as part of their role, it’s enough to make you nostalgic for the days of paper files, however there shouldn’t be in a rush to unplug if you follow these security tips to keep your company’s data secure, while ensuring you’re fulfilling your role’s responsibilities in 2019.

Improve training and awareness

According to leading Australian cybersecurity expert Simon Smith, aka the eVestigator, it’s important to note that cybersecurity is primarily about people and processes, not technology. HR can and should play a vital role in increasing company-wide security training and awareness, as well as making sure adequate employee screening and monitoring procedures are in place.

“Cybersecurity is a complete discipline that has to be adopted across the whole organisation,” Smith says. “There have been many cyber incidents I’ve been called out to where there have been templated HR policies or none at all. If you manage people and processes systematically, you’re on your way.”

Treat all data as sensitive

About to drop some work documents on that USB stick? Not so fast. Smith says many HR managers would be surprised at how even the most insignificant data can potentially expose an entire person’s identity. He recommends not relying solely on passwords, as it’s simply human nature to use abbreviations and other shortcuts that hackers can easily guess.

“Any work data should be protected by two-factor authentication,” Smith says. Known also as two-step verification, this involves adding an extra layer of security that only the user can access, such as a code generated by a physical token.

Any security training should also address the danger of employees being manipulated from outside, also known as social engineering. Smith cites the example of a hacker who, using only a first name, was able to get a list of matching surnames from an HR staffer over the phone, which was then correlated with Facebook profiles to access a wealth of personal information.

Provide access on an as-needed basis

Any monitoring of employees will inevitably bring up issues of ethics and privacy. Smith believes that if done properly, however, security should be seamless to employees. This starts with making sure user roles and user privileges are properly assigned and managed.

“When it comes to access to information, [employees] should know what they need to know, and no more,” he says. “The only frustration that should occur is if they try getting into systems they shouldn’t be able to access.”

Keep your data internal

Laptops, tablets, and smartphones have made it easier to work remotely, but they also add a layer of risk when it comes to data being lost or stolen. Smith says this risk can be minimised by using programs that allow the user to securely log into the company’s systems and work without having to save any files to the local device.

“There should never be any need for HR or company data to be saved to a laptop or device, and any remote access should be subject to the same stringent rules as inside the workplace.”

Use the latest security tools

When it comes to cybersecurity, prevention is always better than a cure. Therefore, it’s important for HR to consult regularly with IT experts in managing and securing its data.

This should include:

• Encrypting HR data that leaves the company via email or other channels.
• Implementing basic security policies, such as strong passwords and internet usage rules.
• Making sure every employee’s computer and/or device is running appropriate antivirus and firewall software.
• Having a removable media policy that restricts the use of USB drives, external hard disks or other portable media.

Many businesses are turning to online HR software that manages their HR data in off-site ‘cloud’ servers. While many of these solutions can offer high levels of data protection and security, no system is completely infallible, and HR staff should be just as security-aware as if the data were stored locally.

Collaboration is key

Cybersecurity can only be effective when everyone in the company is working from the same page, according to Smith. In particular, he says it’s important that the CEO and executive team, and business owners are intimately involved in the cybersecurity needs of the business.

“There have been situations where upper management has been 99% at fault, whether from not listening to advice of employees or not paying contractors,” Smith says. “They need to work closely with the HR managers who are monitoring the people, as well as the policy and project managers. All three need to sync together before you even look at IT.”

It’s often said that people are a company’s biggest asset. However, as Smith likes to point out, it’s also important to remember that when it comes to cybersecurity: “The human is always the weakest link.”

Request a consultation

CVCheck is a leading provider of background screening services in Australia and New Zealand, conducting over 300,000 checks every year for businesses, government organisations, and individuals. Request a consultation with a member of our team to find out how we can help.

Recent Articles

growth will come if we show some care and support cz

From employee suitability to employee sustainability: The case for rescreening

businessman's hands covering paper team on table

Workforce scalability and the contingent workforce

e learning education concept, learning online (1)

What can be done in the fight against fake degrees?

man discussing in oil rig maintenance (1)

Talent shortage in oil and gas means a seamless candidate experience is more important than ever

Browse by

Category

  • HR
  • Recruitment
  • Talent Acquisition
  • Jobseekers
  • CVCheck News
  • Product News
  • News Affairs

Product

  • National Police Checks
  • Employment Reference Checks
  • Employment and Qualifications Checks
  • VEVO Visa and Work Entitlement Checks
  • Credit, Financial and Business Checks
  • Traffic and License Checks
  • Predictive Psychometric Assessments
  • Working with Children

Resource

  • Articles
  • Announcements
  • Case Studies
  • eBooks
  • Infographics
  • Testimonials
  • Videos
  • White Papers

You may also like

Loading...
City Of Tallinn Digital Identity
The Tiger Leap: Lessons we can learn from e-Estonia
Former principal Neil Lennie charged with fraud
How a former principal faked his way through a 50-year career
Dr Matthew Mode Fraudulent Career
From parking valet to plastic surgeon: Extreme fraud could have been prevented with simple reference checks
Valuable Lessons From The Theriault Case
The 5 most valuable lessons from the Theriault Case
CVCheck Checkpoint logo
Powered by
CVCheck logo white

Browse checks

  • National Police Checks
  • Employment Reference Checks
  • Employment and Qualification Checks
  • VEVO Visa and Work Entitlement
  • Credit, Financial and Business Checks
  • Traffic and Licence Checks
  • Predictive Psychometric Assessments
  • International Checks

Quick links

  • About Us
  • Resources
  • CVCheck Help
  • Contact Us

Checkpoint Newsletter

Subscribe now

Connect with us

Facebook-f Linkedin-in Twitter Youtube Instagram
  • Copyright 2022 - CV Check Ltd
  • Privacy Policy
  • Terms of Access

Get the latest news straight to your inbox

Checkpoint provides smart and creative insights in the form of useful tips, resources and relevant information. Each month we will send you the best updates so you stay informed.