Why HR Managers Must Enforce Data Security and Information Protection Policies
When Knowledge is Power, It Makes Sense to Protect it from Theft
In times when the knowledge based economy thrives and is predominant, it is more than important for organizations to protect their most valuable asset, which is data and information. Indeed, given the fact that contemporary organizations use knowledge as the main leverage over competitors, it becomes necessary and even critical to enforce strict data security and confidential information protection policies.
Note the emphasis on data and information and especially the confidential information since if competitors and rivals get hold of such information, they can easily have an unfair advantage over the firms.
Indeed, the ongoing Trade Wars between the United States and China are as much about protecting the Intellectual Property of US firms from preying and theft by China as they are about tariffs and other aspects.
Talking about China, most experts in the field of IP or Intellectual Property concur in the view that in its quest for technological superiority and dominance, it is increasingly resorting to blatant theft of IP and Confidential Information from the US based firms.
In this context, while at the nation level, governments are seized of this issue, it is incumbent upon organizations and especially the HR Managers to police the browsing and other online habits of their employees.
How Data Theft Happens in Organizations and How to prevent it
To explain, most theft of data happens mainly by internal actors who can be in the pay of rivals seeking access to a firmís IP secrets. Indeed, while hacking and phishing are also common, most of the reputed and large organizations have elaborate firewalls and other safeguards that shield their most valuable data from external hackers.
Of course, we do not mean to say that external sources of theft are not important, just that it is visible and can be detected whereas theft by internal employees often happens below the radar and hence, it is difficult to detect.
This is the reason why many organizations instruct their IT (Information Technology) and Systems staff to monitor the internet and online behavior of their employees so as to spot and preempt any possible leakage of data from them. In addition, they also do not allow personal devices with internet browsing capabilities including Smartphones without due authorization and due diligence.
Indeed, in recent years with the proliferation of Smartphones, HR Managers have a new headache in the form of regulating the Smartphone usage by their employees and while most organizations do not want to be seen as interfering with such habits, they are also seized of the fact that IP theft can happen if they do not do so.
Thus, this is a key challenge for HR Managers and the IT and Systems Staff as they have to keep tab on this aspect as well.
NDAs and Protecting Confidential Information
Having said that, it is not only data theft that is the challenge for organizations and another critical area of concern is the breaching of confidential information by employees. Indeed, this is the reason why Multinational organizations have elaborate NDAs or Non Disclosure Agreements wherein they clearly specify the terms and conditions of the employment contract that bar and prohibit them from sharing such information with others, including family members.
This is more the case as one goes up the organizational hierarchy as then, one is more exposed to trade secrets and sensitive information that make or mar the chances of firms.
Indeed, given the fact that most middle and higher management personnel routinely deal with confidential information if leaked can lead to advantage in terms of Stock and Equity prices, HR Managers usually prepare a list of select individuals who are privy to such information and they restrict such information to this circle only.
Age Old Problems of Human Nature and Easier Means in the Present Times
Taken together, what these aspects mean is that the Information Age has spawned a set of challenges for the HR Managers that hitherto were less demanding.
Indeed, in earlier decades, it was easy to monitor the phone calls and the written communications since they were done by Typewriters and other machine devices which were much more visible than the present day means of leaking information which, as mentioned earlier, can happen quite stealthily.
Moreover, in earlier times, Senior Executives usually used to meet with their peers in Hotels and other discreet places where privacy and security were afforded. Whereas now, any employee can hack into the internal systems as well as reveal the passwords and the IP Addresses of key personnel.
In addition, it is easier now for any employee to simply login to the Intranet and download the proprietary information and coolly take it with him or her on a Pen Drive or a Smartphone.
Even more, it is also easy in the present times with Fax and Printers having transmitting capabilities and this is the reason why many experts believe that while these issues are age old problems of human behavior, the scope for mischief has increased thanks to the ease with which it can be done.
Lastly, these challenges happen at every level and in all entities, whether they are Corporates or Governmental Agencies. Thus, a whole profession of Cyber Security personnel has now emerged that advises Senior Management figures and HR Professionals on how to protect data and confidential information.
Added to this are the steadily tightening policies and Zero Tolerance attitudes of HR Managers to these challenges. Thus, to conclude, HR professionals cannot afford not to enforce strict data security and confidential information protection policies.
- Hiring & Firing of Workers: Perspectives
- What to do if You are Laid Off from Job
- Termination and Outplacement
Authorship/Referencing - About the Author(s)
The article is Written By Prachi Juneja and Reviewed By Management Study Guide Content Team. MSG Content Team comprises experienced Faculty Member, Professionals and Subject Matter Experts. We are a ISO 2001:2015 Certified Education Provider. To Know more, click on About Us. The use of this material is free for learning and education purpose. Please reference authorship of content used, including link(s) to ManagementStudyGuide.com and the content page url.