With the promise of easy access to information and improved workerproductivity, corporations have rapidly moved to embrace Web technologies fortheir line of business and HRMS applications. This new "stateless"environment changed the way we think about application development andintroduced new security challenges to protect HRMS systems deployed on theintranet.
Consider this hypothetical case. Big, High-Tech Corporation builds anintranet to empower its employees by giving them easy access to information. TheHuman Resources Department takes up the challenge to make access to employeeinformation available through this new medium.
Mary needs employee self-service to reduce administrative costs. Laura hasbeen asked by her VP to use the intranet to implement a paperless new hireapplication. Jenna has been told to make personnel reports available via theintranet to everyone who needs them. Big, High-Tech is involved in sensitivelabor negotiations, and Dave is responsible for communicating company policiesand positions to field managers.
All of these applications require effective and robust security before theycan be deployed successfully to the enterprise. Mary has to be sure of the"self" in self-service. Laura requires positive, directed workflow andnon-refutable digital signing. Jenna has to allow access only to those reportsintended for a particular position. Dave must be able to restrict access to hisWeb pages to management only.
Everyone has heard horror stories about hackers and disgruntled employeesaccessing sensitive information stored on company computers. In one popular TVcommercial, a hacker breaks into the HR system and e-mails the VPs' salaries toeveryone in the company. The move to intranets and Web technology for HR systemshas added many challenges to those concerned about keeping informationconfidential while they are being asked to make it even more accessible to thosewho need it.
By Robert H. Fortenberry, Information System Consultants. From IHRIM's"e-Work Architect: How HR Leads the Way Using theInternet."