SaaS Data Security for HR

Not all of the concerns HR may have about the security of SaaS are necessarily unfounded. Although top notch HR software vendors can afford to implement the latest security measures both online and in their data facilities, not all SaaS vendors are created equal. Employee data is always highly sensitive. Employers routinely collect information that could be used to perpetrate identity theft on a massive scale if it falls into the wrong hands. The damage to employee/employer relationships in the event of a data breach (even if no fraud results) is massive.
According to this whitepaper slideshow from Softscape, the average cost of a compromise in the security of HR data is over 6 million dollars. That’s not a risk organizations can afford to take – and not one they should have to worry about when it comes to the security of their data in the hands of an SaaS vendor.

Investigate Before You Sign Up With a New SaaS Company

In the slideshow mentioned above, the folks at Softscape outline several security concerns that HR clients should explore with their IT department and potential SaaS vendors. For example, if a multi-tenancy structure is used (which is typical for SaaS), a closer look at data segregation is warranted. If all employee data for multiple customers is hosted in a single database, this increases the risk of data being unintentionally exposed to the wrong client. With niche vendors who have a small client base and little capital to work with, this is the kind of corner cutting that can lead to real problems.
An SaaS vendor that takes security seriously will have multiple layers of physical and virtual security measures in place to prevent both accidental data breaches and intentional attempts at hacking/sabotage. They will also work with each client’s own IT department to implement further measures as needed to ensure the application is truly secure.
For some clients, this is accomplished most effectively by providing an on-premise version of the software rather than going with SaaS. However, this is only the better option if the client’s organization actually has a highly secure internal data center. For the average customer, the costs of maintaining a state-of-the-art data facility are prohibitively high. So, most HR departments may actually be keeping data safer by relying on a best of breed SaaS vendor to host it off site. To find out more about the safeguards we put in place to keep our clients’ new hire onboarding data secure, contact us at 770-569-5122.