PART FOUR

FUTURE OF HRIS: SOME

ISSUES AND CHALLENGES
INFORMATION SECURITY
IN HRIS
 HRIS and security issues
 Information security in HRIS means protecting information
in the HRIS from unauthorized access, use, disclosure,
disruption, modification, or destruction
 The objective of information security are to ensure
confidentiality, integrity, and availability of information
(Pfleeger, 2006; Wong, 2006)
 Threats to information security

 Human error: incorrectly entered data or accidental destruction

of existing data (Wong, 2006)

 Damage by employees: information may be damaged by

disgruntled employees

 Misuse of computer systems: employee’s unauthorized access

to or use of information, particularly when it is confidential and
sensitive
Continue…

 Theft: the value of information can be much higher than the price
of hardware / software

 Computer-based fraud: 90% of companies have been affected by

computer-based fraud such as data processing or data entry routines
that are modified

 Viruses, worms & Trojans: have the capability to automatically

replicate themselves across systems and networks, typically
delivering mischievous functionality or damaging the information
Continue…
 Hackers: someone who accesses a computer or computer
network unlawfully; such attack often termed “intrusion”; cyber-
terrorism – leveraging of an information system, particularly
through internet to cause physical, real-world harm or severe
disruption of a system’s infrastructure

 Natural disaster: most typical form of natural disasters are flood,

earth-quakes, fires or lightning strikes which destroy or disrupt
computing facilities and information flow
 Sources of threat (ceriello & Freeman, 1991)
 Competitor - sabotage, espionage, theft
 System user - sell data to competitors
 Operator - copy files, destroy files
 Engineer - install bugs, sabotage, access security information;
 Programmer - steal programs/data, embezzle through programming, bypass
control, extortion- hold programs for ransom;
 Reports - print extra copies to sell
 Data conversion - change codes, insert/delete data
 Data control - insert/delete data, bypass controls, sell information
 Clerk/supervisor - forge/falsify data, collusion with internal or external
persons
 Trash pick-up - sell carbons/reports to competitors
 Distribution - extra copies, carbon
 Components of information
security
 Confidentiality: confidential information must only be accessed,
used, or disclosed by authorized users

 Integrity: data must be created, modified or deleted only by

authorized users

 Availability: authorized users must be able to process and access the

information when required
 Role of HR in information security

 Information security is no longer solely the responsible of IT department

 Many HR managers still tend to think that security threats refer to external
security breaches (virus outbreak or malicious hackers)
Continue…
 Hr managers should focus on less obvious threat such as
disgruntled employees and ex-employees, network links to
business partners who don’t have proven trustworthy systems,
misuse of computers by employees, and insecure network
access points set up by employees
 Best practices for handling information in HRIS

 Adopt a comprehensive information security and privacy policy

 Store sensitive personal data in secure HRIS and provide appropriate
encryption
 Dispose of documents properly or restore computer drives and CD-ROMs
 Build document destruction capabilities into the office infrastructure
 Conduct regular information security practice training for all employees
 Conduct privacy “walk-through” and make spot checks on proper information
handling
Continue…

 The careful selection of staff with due regard to their honesty and
integrity
 The raising of information security awareness among staff and
ensuring that employees are aware of the company’s security policies
 Measures to address the personal problems of staff, such as gambling
and drug addiction, which might lead them to indulge in computer
abuse for financial gains
 Access to effective grievance procedures, since the motivation for
much computer abuse is retaliation against management
 train users on how to handle equipment, data and software safely;
 train users to logoff their personal computers when not in use;
 do not allow password to be shared, and change the password
frequently;
 run the software through virus detection before using it;
Continue…
 ensure that backup copies, data files, software and printouts are
used by authorized personnel only;
 ensure that all data files and programmes have backup copies;
 ensure that all software applications and mainframes are equipped
with audit trail (a record that keeps detail of each modification and
transaction that takes place, including when and who performed the
changes); and
 use edit controls such as passwords to restrict user access to data
files
Ethical issues in hris
 Information privacy

 Solitude: the right to be alone without disturbances

 Anonymity: the right to have no public personal identity

 Intimacy: the right not to be monitored

 Reserve: the right to control one’s personal information, including the

methods of dissemination of that information
Continue…
 what information about one’s self or one’s association must a
person reveal to others, under what conditions and with what
safety measures?
 What information can individuals keep to themselves and not be
forced to reveal to others?
 Information accuracy
 Who should be responsible for the originality, reliability
and accuracy of information?
 Who should accountable for errors in information?
 Information property
 Who owns information?
 What is the fair price for its exchange?
 Who owns the channels, especially the airways,
through which the information is transmitted?
 How should access to scarce information be
allocated?
 Information accessibility
 What information does an individual or organizations
have the right to obtain, under what conditions and with
what kind of protection?
 Individuality and HRIS
 Eliminate the human relationships present in non-
computer systems
 Dehumanize and depersonalize activities that
have been computerized
 Demand a very strict and detail procedures if the
system is to work
 Health and HRIS
 Eyestrain
 Muscle strain
 Back pain
 Nerve damage
 Radiation exposure
 Cumulative trauma disorder (CTD)
 Carpal tunnel syndrome (CTS)
 Cathode ray tube (CRT)
 Computer vision syndrome (CVS)
Technologies impacted HRIS
 1. Web 2.0
 Web 2.0 refers to a second generation of Web-communities and
services focusing on creativity, collaboration, and sharing, in contrast
to traditional isolated information silos.
 Web 2.0 users not only access information but also generate, share,
and distribute new content
 Using Web 2.0 will require HR department to pay greater attention to
the legal, ethical and security implications of information exchange
 Example of web 2.0
 Social networking (e.g., chat rooms, MySpace, Facebook)
 Wikis (publicly available collaborative Web dictionaries enabling
users to contribute to online documents or discussion)
 Blogs (short for Web logs – online journals or diaries hosted on a
Web site, both personal and corporate)
 Mash-ups (software composed of two or more composite applications
– e.g., pulling up a rental car booking site within an airline booking
site)
Continue…
 Peer-to-peer networking (P2P; sharing files e.g., text, music and
videos)
 Web services (Web enabled instant communication between users
to update information or conduct transactions e.g., a supplier and a
retailer updating each other’s inventory systems)
 Personal Web sites
 2. Application service provider (ASP)
 Since storing and maintaining programs can be costly, some have
elected to outsource one or more facets of their IT needs to an
application service provider (ASP)
 An application service provider (ASP) is a third-party
organization that manages and distributes software and services
on the Web.
 Instead of installing the software on your computer, you run the
program from the Internet
 Example: Clickability, Salesforce.com, WebEx
Continue…
 Traditionally, software is sold. You physically receive a CD and you
install it on your hard drive or your office's server. ASPs don't
operate this way. They deliver software as a monthly service and use
the Internet as the medium.

 Many companies use QuickBooks or Peachtree as their accounting

software. So instead of using an application that runs on your own
desktop, you could login via the Internet and use a web-based
application to perform tasks online - entering bills, cutting checks,
etc
 5 categories of ASP
1. Enterprise ASP: customizes and delivers high-end business
applications, such as finance and database
2. Local/regional ASP: offers a variety of software applications
to a specific geographic region
3. Specialist ASP: delivers applications to meet a specific
business need such as HR or project management or credit
card payment processing
Continue…
 Vertical market ASP: provides applications for a particular industry
such as construction, health care, or retail
 Volume business ASP: supplies prepackaged application such as
accounting to businesses (e.g., PayPal)
 3. Wireless communication
 Wireless gadgets include as smart pagers, cellular telephone, PDAs,
Tablet PCs, and notebook computers with high-speed Internet access,
simplify and expand your communication abilities

 Wireless Application Protocol (WAP) allows wireless mobile devices

such as smart phones and PDAs to access the Internet and its services
such as the Web, email, chat rooms and newsgroup
 Examples of wireless communication

 Ericsson introduced the first Bluetooth product – a headset that

communicates with a wireless telephone, thus enabling user to talk
hands-free. Wireless headsets can also connect to notebook computers
and handheld computers
 Millions of hikers, boaters, pilots, drivers and other navigators never
feel lost with the aid of global positioning system (GPS) devices.
These products rely on 24 satellites that circle the earth twice a day in
a very precise orbit and transmit data to earth.
continue…
 Public access points called hot spots, allow wireless networking in
public areas. Example, Starbuck Coffee shops offer high-speed
wireless internet access in Wireless HotSpot stores
 Compaq iPAQ Blackberry users always connected to wireless
network and be able to watch email messages
 4. Real time translation
 document translation in any language or dialect from across the world
quickly and at short notice as well as language interpretation services
for any language
 Example: CART – communication access real time translation - is the
instant translation of the spoken word into English text performed by a
CART reporter using a stenotype machine, notebook computer and real
time software
 The text is then displayed on a computer monitor or other display device
for deaf students or people with learning disabilities or those who learn
English as a second language
 example
 Transclick provides real-time translation capabilities for
cellphones, messaging and collaboration systems. Our award
winning product offers business-quality translation, on your
desktop or mobile device. Initially developed for the US Army,
Transclick's patent-protected technology is now available to both
consumers, enterprises, government agencies and NGOs. Our
newest products, the Transclick Instant Messenger and
Transclick Instant Messenger Mobile (TIMM) allow you to type
in your own language and be read in the language of your
communication partner. We also offer the Transclick Pro
Translator (Parrot) for Blackberry and J2ME smart phones.
Specific features of Blackberry Parrot include: Support for 12
languages and translation over SMS and email or on-screen.
Ability to cache the last 10 messages. See "Latest News" directly
to the right or click on "Solutions" at the top of this page for
more information. Parrot is the ideal tool to make foreign
communication easier for any tourist or business traveler.
 5. Voice recognition
 Voice recognition or speech recognition is the computer’s capability
of distinguishing spoken words
 Voice recognition program does not understand speech, just
recognize preprogrammed words.
 A voice recognition program on the computer may recognize up to
two million words
 The first voice recognition programs were speaker dependent
 Today, most are combination of speaker dependent and speaker
independent
Continue…
 Speaker-dependent software – the computer makes a profile of your
voice, which you have to train the computer to recognize your voice
 Speaker-independent software – a built-in set of word patterns
 Some voice recognition software requires discrete speech, which
you have to speak slowly and separate each word with a short pause
 Most of today’s product allows you to speak in a flowing
conversational tone, called continuous speech
 6. Portals and personalization
 A portal is a collection of links, content, and services presented on a
Web page and designed to guide users to information they likely are to
find interesting for their particular job function
 A portal often include searching capabilities or a link to a search engine,
such as Google
 Users typically can customize the portal Web site to meet their needs
and this is known as personalization
 7. Push technology
 Push technology or server push describes the style of Internet-based
communication where the request for a given transaction is initiated
by the publisher or central server
 Push services are often based on information preferences expressed in
advance
 This is called a publish / subscribe model
 A client might subscribe to various information channels
 Example: email, instant messaging, synchronous conferencing
The following are a few technological trends that bring a major change
in human resources management software and industry in 2018 :

1. Big data

 helping HR professionals to understand their

customers, market to target audience group and
communicate with prospective customers
 When integrated with other technologies, Big
Data helps to gain a deep insight and allows HR
professionals to make decisions powered by vital
information.
 gives HR managers a fact-based view of the
current workforce, and helps them to identify
emerging trends
 2. Mobile Apps
 As the workforce across various operations seeking access to
applications via mobile devices, companies are considering
to adapt their HR systems.
 organizations will consider HR applications with
mobilization process and the interface that employees are
looking for.
 the trend of creating applications that streamlines the basic
HR functionality continues to evolve.
 mobile apps have become essential for every application that
a company develops.
 3. Social media
 employers are using social media channels like Facebook and
LinkedIn to recruit staff
 HR departments can use social media not only for recruitment
and also for employee engagement
 Enterprises can use social media channels to reach target
audience with job postings and other company related
information
 organizations use social media to tell their organization’s success
story through photos, blog posts, Tumblr and Pinterest pages
 job seekers are using these social networks to find about the
company
 an ideal platform to engage employees, build relationships and
bolster communications in the workspace
 4. Cloud

 Collection and data storage have been so difficult until the

evolution of cloud
 With the advent of cloud technologies, all the information such as
documents and other pertinent information can be easily accessed
online
 Employee information can be archived and organized in a secure
location.
 By centralizing the data, the workflow and operations can be
streamlined across the enterprise
 Implementing cloud solutions can have a positive impact on
various streams of operations ranging from product development,
workforce management and business integration.
5. Software as a Service Applications
The following are a few SaaS applications that help the HR department:
 LinkedIn Recruiting Service: LinkedIn is termed as a processionals network and
helps recruiting departments by providing the resources required to find and recruit
candidates. In this way, a recruiter can easily find candidates with relevant profiles.
 Lucidchart: Lucidchart is a SaaS application that allows users to draw flowcharts and
diagrams. It is mainly used to create organizational chart and mind-mapping.
 Google Docs: Google Docs allows you to share information easily across businesses.
Google Docs help you streamline the process and make data collection much easier.
One area where Google Docs play a key role in HR is performance evaluation.
 Google Forms: Google Forms allows HR departments to send every employee a
question and response form with questions. When employees submit their responses,
the results will be saved in Google Doc template. The Google doc will be emailed to the
respective manager for further review. In this way, a performance review process can be
made more efficient and paperless. This is just a case, and there are thousands of other
options where Google Docs can streamline HR processes.
 6. Bring Your Own Technology (BYOT)
 BYOT has become a new trend today, and companies started
embracing it due to the level of convenience it brings to businesses.
 Companies that develop the concept of BYOT should make sure that
their policies include guidelines for protecting confidential data and
ensure proper measures are put in place if their device is lost or stolen.
7. Wearable Technology

 can make your employees stay connected and improve

time management
 provide a wealth of opportunities for employee
engagement, including increased productivity, benefit
incentives and security
 not only improve communication and also enhance
operational efficiencies
 HR department that considers switching to wearable
devices should get an idea about what type of information
the devices can track and how the compliance works.
Other trends affecting HR:
 Artificial intelligence (AI) - to improve how decisions are made,
reinventing how work gets done, and revamping the customer
experience will drive the payoff for digital plans through 2025.
 AI is driving advances for new smart machines, such as
autonomous vehicles, robots and drones, and is providing enhanced
capability to many existing networks, such as Internet-of-things
(IoT)-connected consumer and industrial systems
 Blockchain - it is an encrypted, digital ledger of public records
organized into groups of data called blocks and distributed over
networks; for example, recruiters hoping to verify candidates faster
and more efficiently and payroll managers hoping to make
international payroll less costly and more timely.
 Intelligent Apps and Analytics - to make new app categories,
such as virtual customer assistants and bots that improve common
applications such as worker performance analysis, sales and
marketing, and security.
 Conversational Platforms –
 Instead of going to the intranet and typing in a request, employees could
"talk" to HR through its conversational platform.
 these tools will drive the next big paradigm shift in how humans interact
with the digital world.
- As the technology matures, "extremely complex requests will be possible,
resulting in highly complex results. For example, the conversational
platform may be able to collect oral testimony from crime witnesses,
resulting in the creation of a suspect's image."
The end