Taking Steps to Prevent Data Leaks with your Recognition Provider

Recently, there was a costly and dangerous data mistake made by Equifax where several Americans have been left vulnerable to exposure of their personal information.

HR technology makes our lives as HR practitioners easier & allow us to be able to focus on all the things that matter. But knowing that the technology we choose to use is safe for our organization is of utmost importance.

Because HR technology contains personal data, it’s important for companies to be informed and know that their technology provider can safeguard all data and give them IT support when it’s needed.

Although sometimes we can’t predict what our technologies will do, we can learn from mistakes like what happened with Equifax and take steps to help prevent any problem that may occur.

We can’t speak to the safety of every HR technology platform, but we can give you the security details you need to know about our social recognition platform: Carousel.

Why is Security so Important?

Your employees trust you with their information, so it’s important to do business with people who understand what that means and take the proper steps to ensure data security. You also need to use vendors who understand that data security is evolving. You can’t set it and forget it. Choose a company who communicates their data security monitoring measures.

A recent study was done by IBM to determine the cost of a data breach. “This year’s study reports the global average cost of a data breach is down 10 percent over previous years to $3.62 million. The average cost for each lost or stolen record containing sensitive and confidential information also significantly decreased from $158 in 2016 to $141 in this year’s study.”

So given the stat above another reason why security is so important is if a breach happens the cost to fix it can be astronomical.

Is your Data Stored on-Premises or in the Cloud?

Carousel is a cloud-based solution under the protection of AWS (Amazon Web Services).

This report from cloud technology partners shows that cloud-based solutions have fewer attacks than non-cloud based solutions.

“Web application-based attacks hit both service provider environments (53% of organizations) and on-premises environments (44%). However, on-premises environment users or customers suffer more incidents than those of service provider environments. On-premises environment users experience an average of 61.4 attacks, while service provider environment customers averaged only 27.8. On-premises environment users also suffered significantly more brute force attacks compared to their counterparts.”

What Happens if There is a Breach?

Not a single site can be 100% safe against an attack. Since none of MTM’s solutions require highly classified information, you can rest easy knowing that sensitive pieces of information like SSN or full birthdates are not being released. In the rare event, there is a breach, we have a Disaster Recovery Plan in place by Senior Leadership.

Hopefully, you will never have to deal with a data leak in any way, but If you suspect your company has had a data breach, here’s a checklist from the Huffington Post on what to do and what steps you should take.

1. Verify that there was a breach
2. Figure out how you’ve been affected
3. Find out whether the company can help
4. Change your passwords
5. Notify the appropriate third party

For more details on data security in HR check out this HR technology security article, which was the inspiration for writing this article, written by Core HR. You can also refer to the article MTM provided on employee recognition data security for more detailed information.

If you have questions related to data security in relation to recognition software, contact one of our experienced recognition consultants for help.