SECURITY IN HR
How secure are your files… really?
Welcome! Please feel free to grab lunch at the back of the room
and we’ll get started shortly!
DAVID SECUNDA
WorkBright CEO
Digital onboarding solutions for seasonal and rapidly hiring businesses
What We’ll Cover
• Headlines
• The Scale
• HR Targeted
• How
• Best Practices
• Tips & Tricks
“It’s been a rough year for data security.”
Including headline losses from HR
Plus the SMBs we don’t hear about…
Breaches are happening across ALL industries
Naperville = 144,864
Wrigley Field (41,072)
+ Soldier Field (61,500)
+ US Cellular (40,015)
+ Ryan Field Northwestern (47,130)
= 189,717
And the AVERAGE data loss is ENORMOUS
189,853 records lost per breach
“HR people are the worst. I mean, their job is to open up and files all day.”
The HR Profile is Identity Theft GOLD
Identity Theft
▫ Apply for Credit
▫ Get ID
▫ Tax Refunds
▫ Medical Treatment
The HR Profile is Identity Theft GOLD
• Name
• Nicknames, maiden names
• Other Names
• Current and past addresses
• Social Security Number
• Phone number
• Birthdate
• Email address
• Medical (Health) history
• Routing & checking acct #s
• Salary information
• Driver’s license
• Licenses & certifications
• College transcripts
• Background check results
• Fingerprints
• Immunization records
• Bios and Photos
• Passport & social security card images
AWARENESS REDUCES EXPOSURE
Awareness starts with UNDERSTANDING
Let’s talk about how this happens.
How data is compromised…
“the most common scenario appears to be the one in which a single employee gains access to the hard, paper version”
Half Analog
◦ Photocopier
◦ Recycling
◦ Conversation
◦ Files
Half Digital
◦ Wrong Email
◦ Wrong Fax
◦ Email Compromised
◦ Sharing Folders
◦ Hiding Columns
62%
How data is compromised…
Crimeware
◦ Phone Phishing
◦ Email Phishing
◦ Website Forgery
◦ Malware > Link Manipulation
◦ Evil twin wireless
Best Practices
Where do you store old HR files?
Best Practice: Minimize Access!
Start with NO access policy
Then ask yourself:
• Do I need immediate access to this?
• Do I need to hold on to this forever?
• Do I really need to share this with…?
Best Practices
What’s wrong with this picture?
Best Practice: Slow Down!
Ask yourself:
• Is this email request logical?
• Is the URL correct?
• Does the login look different?
Best Practices
What do you do if you get this email?
Best Practice: Train Your Team!
• Missing Phone or Thumb Drive
• Requesting & Transmitting Sensitive Data
• Typical Scams
• Tracking Access
• Basic Security (lock your door)
Best Practices
What do you collect and why?
Best Practice: Audit yourself!
Internal Onboarding Audit:
• Legacy application questions
• Changing regulations
• Old requirements no longer necessary
Tips & Tricks
PASSWORDS
Good: Use Password PHRASES
Best: Use Password MANAGERS
2 FACTOR AUTHENTICATION
Use 2-factor Authentication
Use Google Authentication
HARDWARE SECURITY
Lock it down!
Turn on remote kill switch
ENCRYPTION
Turn it on!
SENSITIVE INFO
• Don’t request via email
• PW Protect
• Permanently Delete
SECURE SYSTEMS
• Audit Trail
• Access Control
• Granular User Permissions
If you only do 1 thing…
SET THE TONE AT THE TOP
Questions?
Ready to get secure with WorkBright?
Special Lunch & Learn Offer – First month FREE!
Schedule a demo today or by email at [email protected]