When a laptop that belonged to one of the clinicians who worked for the University of Oklahoma was stolen in 2015, patient data for thousands of patients was compromised. The university was unable to ascertain what kind of information was on the laptop of one of their employees or the extent of the damage from the theft of the computer.
To add an insult to the injury, the University of Oklahoma was not aware of the fact that one of their employees had stored vital patient information that would compromise healthcare delivery on his laptop. The university realized all these points after the doctor’s laptop was reported to have been stolen. Such situation occurs more often than people would think. It is estimated that a laptop or a personal computer is lost after every 53 seconds.
It is only a natural thing to get the information technology department of any firm involved. However, it becomes critical to engage the human resource department as well when sensitive data is at risk of being lost as employee’s identities become even more complicated. It makes sense to involve the HR department in granting and revoking the ability to access a network since it is responsible for the hiring and termination of employee tenures.
The HR department can manage employee user profiles and determine what type of systems employees can access and the kind of access privileges to give to what employees. At this point, the IT department will only be charged with the provision of tools that employees can use to access the system and how those tools can also be deprived. Additionally, tracking stolen personal computers and laptops that were issued by the company to employees can be of great help to indicate the employee’s potential performance issues that need to be sorted out.
The HR department of a company can assist the IT team take the necessary steps required to lock down laptops that have been stolen. The HR department does this as it is the primary source of the real identities of the company’s employees. This will be of great help in safeguarding the security of the company’s critical data from potential security breaches in the future using a solution known as unified endpoint management.
How protection begins with Unified Endpoint Management
The HR department of any company derives autonomy from the unified endpoint management solution to every employee’s laptop security. This way, the IT department is freed up to focus their energies on other system security measures against breach and compromise. This feature also allows the HR department to have a real-time response to breaches in system security. This strategy shortens the period that hackers have to compromise vital information in the laptop. Apart from the fact the unified endpoint management solutions improve visibility to the device identity of a particular employee, the feature also gives the human resource department the ability to do the following:
- Enforce a multi-factor or two pin identification like the type Onelogin apps offer: the need to balance employee’s access to the system and the security of the system is increasingly becoming important as it has also become necessary for employees to access work applications when outside their workstations. The HR department can enforce multi-factor authentication like the two pin access in all the applications using the unified endpoint management system. This increases the rate of difficulty for a security breach or a cyber-attack to be executed exponentially, and company data is safe. The first authentication factor is usually a certificate issued with information that is specific to the employee or user. Users are required to give a second authentication factor after they login to the system using their identification or password. The two login credentials verify the identity of an employee without having to add an extra device.
- Disable access remotely: the laptops issued to employees can provide a secure avenue for malicious actors to gain access to the company’s applications. This becomes especially so when the laptop has a weak or no passwords at all. However, with the help of endpoint management solution, a company’s HR department can revoke the certificate of a stolen laptop immediately. This will protect the data associated with the account or the unauthorized access to corporate applications. Onelogin advises that untrusted laptops which have been repurposed can be wiped remotely by the activation of an “instant kill switch.”
- The centralization of security protocols: HR can be able to manage user credentials and identities in one place using the endpoint management system. This helps the human resource of a company enforce security protocols that are stronger if the need arises. The centralization of the processes of authentication provides reports to the HR of what devices and applications employees have been granted access. In the case that a laptop is a lost, the HR department can know what data and company applications are at risk. System administrators can also deprive certificates of the laptop that limit the access of corporate documents.