by Paul Finch, managing director of Konetic
Security in the HR department used to be relatively simple. Data was kept in bulky paper-based files stored away in filing cabinets. Who should hold the key was the main topic for debate. However, this locked-up data was rarely updated and gaining access was not always straightforward.
Over recent years, however, the HR landscape has been transformed with the emergence first of automated file-based systems and subsequently of cloud-based applications. Because the cloud supports high performance computing power, it can capture and analyse huge quantities of data quickly. Its use also gives HR departments more say in the type of IT application they use. HR was not often seen as such a mainstream part of a business as finance or marketing for example. So, its needs were sometimes ignored by IT teams.
Consequently, when cloud technology began to gain a hold, HR departments often found it easier to get sign-off for what they needed, because of the lower costs and the fact that systems could be turned on and off as and when required.
In many cases, too, this process has transferred the responsibility for security from IT to HR – and in most countries this information will have legal protection. Responsibility lies with the data owner or manager, rather than the cloud provider.
This all comes at a time when an increasing amount of employee data is being held – and as more businesses begin to recognise the value of data analytics to identify and predict trends, these volumes are likely to grow further. In times of high unemployment, companies sometimes receive hundreds of applications for each vacancy and corporations running large-scale recruitment programmes such as graduate trainee schemes usually have to handle an exceptional amount of data to fill only a few positions. All this data must be carefully stored and managed in compliance with the various global data protection requirements which vary across different regions across the world from the US to Europe to Asia. Things have come a long day since the old days of the locked filing cabinet.
The Security Dimension
With HR technology decisions now falling to the HR team, how can they ensure that this information is held with the right security in place? Or, if the IT department is still involved, what questions must the HR team ask to ensure the chosen provider meets the stringent standards required by their department?
It is an area on which cloud sceptics have historically focused their concerns. And it’s certainly the case that with the public cloud there could be issues. True SaaS shares one software solution (with all upgrades, automatically provided to all users instantly) and one universally shared database hosted in the cloud.
This means a private or hybrid cloud may be a better choice. With a private cloud, organisations have dedicated resources, giving more control and opportunities for customisation while still offering scalability and flexibility. With the hybrid version, sensitive data can be held privately, while other data is kept on a public system.
Also, the cloud provider can decide where to store the data and even move it around to different centres across the world. This distributed architecture can improve the reliability of the cloud service – and its affordability as the provider can optimise their overheads at any given time. However, at the same time, it does mean that the data owner (who is ultimately responsible) has diminished control.
For European businesses, this can cause problems if it is transferred outside the EU. For example, if data is held in the US, the Patriot Act can override any EU protection, giving the authorities the legal right to sift the data and take control. For those holding personal and confidential candidates’ and job-seekers’ information, this can be highly concerning.
So here are some points to consider when selecting a cloud provider:
Most cloud providers within the HR space will be aware of their customers’ concerns about security and happy to answer these questions. You may well find that their security levels exceed a customer’s normal standards and even go beyond the required accreditation or IL-level benchmarks.
Concerns about security are understandable. But if these questions can be answered satisfactorily, there are also many benefits to be gained – not least the opportunities to use on-demand affordable yet highly-effective solutions that often offer fast return on investment through the efficiencies they bring.
Konetic’s solutions offer a secure, high volume, SaaS based eRecruitment solution.
Contact us for an initial discussion about your eRecruitment needs.
1 Temple Avenue
London EC4Y 0HA
(020) 3053 9160
77 High Street
Kent ME4 4EE
(020) 3053 9166