{"id":2322,"date":"2013-04-03T10:00:14","date_gmt":"2013-04-03T18:00:14","guid":{"rendered":"https:\/\/systematichr.com\/?p=2322"},"modified":"2013-04-03T10:00:26","modified_gmt":"2013-04-03T18:00:26","slug":"still-grappling-with-data-security","status":"publish","type":"post","link":"https:\/\/systematichr.com\/?p=2322","title":{"rendered":"Still Grappling With Data Security"},"content":{"rendered":"<p>Today I was going through airport security with my wife.\u00a0 I got randomly selected for a screening, which consisted of wiping my hands with a cottonish fabric and sending it through the scanner that detects explosives or something like that.\u00a0 After the screening, I commented to my wife, &#8220;so don&#8217;t all the terrorists know to not go to the gun range or handle their explosives within 24 hours of going to the airport?\u00a0 It seems to me that this particular screen is really not a deterrent.\u00a0 Any half intelligent terrorist worth their salt has got to have investigated TSA, right?\u00a0 ((if I end up on some FBI watch list for this post, I&#8217;ll be both highly amused and highly irritated at the same time))<\/p>\n<p>I&#8217;ve been trying to figure this out for ages.\u00a0 You see, the problem is that even if you have stricter limits on access to fields and tables in your security setup, even if you limit the number of users to sensitive information, you should not assume that your data is any more secure from unauthorized sources.\u00a0 All you have done is make it harder to access.\u00a0 Now, I&#8217;m not saying that making it harder to access is not a worthwhile exercise.\u00a0 It is.\u00a0 But let&#8217;s be honest with ourselves.\u00a0 Harder was not the goal.\u00a0 Impossible was.<\/p>\n<p>Pretty much every reporting engine in the world allows you or the user to somehow download the data.\u00a0 Before we lay blame on the vendors, let\u2019s realize that it\u2019s our own fault \u2013 we placed it as a requirement in every single RFP, or 
we \u201cooh\u2019d\u201d and \u201caah\u2019d\u201d when they demo\u2019d how easy it was to download to MS Excel.\u00a0 Either way, we lose all control over data security once data is downloaded by the user.\u00a0 Privacy controls are voided, confidentiality issues arise, and we have no idea where the data ends up.\u00a0 Not that this is all our fault either.\u00a0 People who have security access to compensation data, for example, should know better than to email that stuff around.<\/p>\n<p>There are a couple of nice solutions though, but I\u2019m not sure how perfect anything is since at some point most of our organizations need to have data stored or downloaded.\u00a0 We could of course disable downloading, and every manager, finance person and HR practitioner would just have to pull up a dashboard and view the data in real time.\u00a0 Right\u2026\u00a0 At the same time, I\u2019ve been advocating that all HR decisions be based on facts and data, and I can envision a world where meetings get really dull when we gather executives around the table but are not able to prepare decks full of analytics beforehand.<\/p>\n<p>Here are a few things you can do to improve your reporting data security:<\/p>\n<ul>\n<li>Make sure managers are certified and trained regarding their data responsibilities when they become managers and every year thereafter.<\/li>\n<li>Review your security access periodically to make sure sensitive data is being accessed only by the right roles \u2013 some roles may no longer need the permissions over time.<\/li>\n<li>Build a prominent warning at the top of reports when data is loaded, stating that disseminating sensitive data is a security breach.<\/li>\n<li>Scrub your reports frequently \u2013 you may find old reports that are run with sensitive data that is not necessary for the purpose of the report.<\/li>\n<\/ul>\n<p>This is just one of those problems I keep grappling with.\u00a0 We keep giving managers and non-HR functions access to more data 
\u2013 I do believe the business requires it.\u00a0 We want everyone to be able to make decisions in real time, but we don\u2019t trust our partners fully either.\u00a0 I\u2019m also completely uncomfortable giving up and going with the idea that some data is just going to slip through or saying that it\u2019s just a change management problem.\u00a0 Anyone have any thoughts about what they have done?\u00a0 Please ping me.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Today I was going through airport security with my wife.\u00a0 I got randomly selected for a screening, which consisted of wiping my hands with a cottonish fabric and sending it through the scanner that detects explosives or something like that.\u00a0&#8230;<\/p>\n","protected":false},"author":1,"featured_media":2390,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_coblocks_attr":"","_coblocks_dimensions":"","_coblocks_responsive_height":"","_coblocks_accordion_ie_support":"","footnotes":""},"categories":[392,27,47,2],"tags":[69,159,305,412,411,413],"class_list":["post-2322","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-big-data","category-data-metrics","category-governance","category-hr-technology","tag-data-governance","tag-data-security","tag-governance-2","tag-master-data-management","tag-mdm","tag-security"],"_links":{"self":[{"href":"https:\/\/systematichr.com\/index.php?rest_route=\/wp\/v2\/posts\/2322","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/systematichr.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/systematichr.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/systematichr.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/systematichr.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=2322"}],"version-history":[{"count":9,"href":"https:\/\
/systematichr.com\/index.php?rest_route=\/wp\/v2\/posts\/2322\/revisions"}],"predecessor-version":[{"id":2464,"href":"https:\/\/systematichr.com\/index.php?rest_route=\/wp\/v2\/posts\/2322\/revisions\/2464"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/systematichr.com\/index.php?rest_route=\/wp\/v2\/media\/2390"}],"wp:attachment":[{"href":"https:\/\/systematichr.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=2322"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/systematichr.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=2322"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/systematichr.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=2322"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}