官方二维码

 
 

Information Security: HR Holds the Key

   日期:2007-11-01     来源:www.hroot.com    浏览:233    评论:0    
核心提示:Another employee transfers from one division to another. But she continues to access the first division’s accounting sy

  Securing company information begins with an identity management process.

  Worms, viruses and Trojan horses make the headlines. But the vast majority (over 80% according to industry experts) of security breaches come from inside the organization, in the form of data theft, sabotage and fraud. Securing against these internal threats starts with making sure that your users get access to only the information they are authorized to see. But the world’s best locks can’t help you if you don’t know who has the keys.

  Consider the following scenarios:

  An employee is terminated and his desktop and network login is disabled. But when he goes home, he logs on to the company intranet.

  Another employee transfers from one division to another. But she continues to access the first division’s accounting systems.

  An employee gives a subordinate her password in order to use a contact-management application. The subordinate then uses this password to access a network drive.

  Technology can help address these scenarios but there is no technology silver bullet for identity management issues. For example, single sign-on authentication would address the first two scenarios by providing a single means of access to all systems, and allow all access to be revoked in one shot. But single sign-on actually contributes to the last scenario, by allowing more access to the subordinate than was intended.

  HR can play a central role in the identity management process. It’s not good enough to have secure passwords or smart cards if systems across the company don’t recognize employee status changes. HR is in the best position to communicate these changes across the organization. HR also has experience with securing sensitive information about employees and can be a partner in developing and administering a strong information security policy.  

 
打赏
免责声明:
本网站部分内容来源于合作媒体、企业机构、网友提供和互联网的公开资料等,仅供参考。本网站对站内所有资讯的内容、观点保持中立,不对内容的准确性、可靠性或完整性提供任何明示或暗示的保证。如果有侵权等问题,请及时联系我们,我们将在收到通知后第一时间妥善处理该部分内容。
 

Information Security: HR Holds the Key二维码

扫扫二维码用手机关注本条新闻报道也可关注本站官方微信账号:"chrmers",每日获得互联网最前沿资讯,热点产品深度分析!
 
0相关评论

 
最新招聘
推荐图文
推荐管理技术
点击排行
最新管理技术

首页| 关于我们  |  商业采访  |  投稿指南  |  联系方式  |  使用协议  |  版权隐私  |  网站地图| 排名推广 | 广告服务| 积分商城| 留言反馈|违规举报

人力资源经理网(CHRM) Copyright © 2005-2021 All Rights Reserved 京ICP备05004986号-10 京公网安备11010802023849号 电信与信息服务业务经营许可证:京ICP证161055号