Absolute security and confidentiality for HR services Absolute security and confidentiality for HR services - RSS feed from Security Park
(10/03/2010)

HR resource services companies offer a complete range of services and products relating to the employment of personnel. With payroll data increasingly being transferred over publicly accessible network as the Internet, many HR services companies are aware of the need for absolute security and confidentiality. Many organizations need to secure the exchange of confidential information over the Internet, so that their clients could use their payroll software packages without worrying about Internet crime

Typically, clients’ HR-staff provides HR resource services companies with necessary and confidential data, so they can do the payroll processing for them. But, because the software packages can be used over the Internet, HR services companies need to guarantee an absolutely secure and confidential way of exchanging this information. Besides that, they also need to ‘know' who sends them this information, in order to allow them to check whether this person is authorized to do so.

Obviously, it is essential that HR services companies find the ideal way to the secure the exchange of this data. The data which HR companies receive from their clients is very confidential and that is why they are also attractive for fraudsters. Strong authentication is the right security path for HR services companies to follow.

With strong authentication, the user has to authenticate themselves through two independent factors:
* Something you know (a password)
* Something you have (a physical device).

This contrasts with traditional password authentication, where the user only needs a static password to identify him self. In many cases, HR resource services companies have decided to work with VASCO’s DIGIPASS strong authentication and VACMAN Controller.

How does it work?

In theory, a Human Resource Services company assigns a DIGIPASS to everybody who is authorized to use or enter data into the software packages. To login to such a package, the user needs an Internet connection, a username, a PIN code and DIGIPASS. After entering the PIN code (first factor) on the keypad of DIGIPASS (second factor), the device/software generates a unique password. This password needs to be entered into an applet, together with the username, in order to get access to the payroll software.

With a unique password that is generated every 36 seconds, DIGIPASS puts fraudsters out of action. Even if fraudsters can retrieve the password someone used to login, the criminals won’t be able to re-use it, as DIGIPASS produces a new password for every login.

Two important factors why Human Resource Services companies opt for VASCO are VASCO’s proven track record in the financial world and the ease of use of DIGIPASS. A lot of banks used this security solution, HR resource services companies are reassured of the added value and security of DIGIPASS strong authentication. The easy use of DIGIPASS stimulates its adoption. No technical skills are required to use DIGIPASS. Therefore it is easy to distribute it to all kinds of users.

DIGIPASS secures multiple applications

HR Services companies can also use DIGIPASS not only to secure the input of data by clients, but also for a number of other critical applications. Internally, DIGIPASS can be used for remote access and to connect securely to the corporate network through a VPN connection. DIGIPASS can also be used to give employees secure access to their web mail.

Additionally, in keeping with Access to Work requirements and corporate social responsibilities, companies have to offer blind and visually impaired people the same job opportunities as everyone else. For these employees, companies can opt for VASCO’s DIGIPASS 300 Comfort Voice. This way, they can securely access the same applications as other employees can. To assist visually impaired people, DIGIPASS 300 Comfort Voice has extra large buttons and every key press is followed by an acoustic feedback. The calculated unique password is being read by DIGIPASS to the user through a built-in speaker or via a headset. That way the user can insert the password as he or she hears it.

While the secure exchange of confidential data remains a critical concern for HR resource services companies, they can now be assured that with DIGIPASS from VASCO, their clients’ confidential data will remain safe.

Vasco is exhibiting at Infosecurity Europe 2010, on 27th – 29th April in Earl’s Court, London, www.infosec.co.uk.

Opinion piece submitted by Jan Valcke, President and COO, VASCO

Related topics:  Authentication and identity management   Data management and data security 


print versionPrint version | email this to a friendEmail to a friend | related articlesRelated articles


Data breaches: Trends, costs and best practices gives you all the latest information on securing personal and corporate data, key recommendations for immediate action to improve data security, and how to respond to data breaches.


Other Security news and resources


Security News Suppliers Directory Jobs forum Classifieds Knowledge base White papers Research library Security books Special reports Security interviews Security companies Security events Security links Security market

Product channels

Access Control Biometrics CCTV Intruder Alarms IT Security Manned Guarding Perimeter Protection Physical Security Remote Monitoring Security Services Fire, Health & Safety Other Security Products

IT Security white papers and research library

Access Control  Authentication  Data Management  Data Security  Digital Signatures  Email Security  Identity Management  Internet Security  Intrusion Prevention  Network Security  Remote access security  Security Management  Security Policies  Security Software  Security Threats  Virus Detection Software  Virus Protection  VPN  Vulnerability Assessment  Wireless Security 

Security books, guides, standards and toolkits

RFID and Smart Cards books, guides and reference documents  Biometric books, guides and reference documents  CCTV books, guides and reference documents  Intruder alarms and intrusion detection systems books, guides and reference documents  Monitoring and surveillance books, guides and reference documents  IT Governance, ISO 27001 ISO 17799 and BS 7799 toolkits  Fire, Health & Safety books, guides and reference documents

Security Resources
Directory GET LISTED! Jobs forum Classifieds Knowledge base White papers Research library Security books Security videos Special reports Security companies Security events Security links Security market Company news

Security Products
Access Control Biometrics CCTV Intruder Alarms IT Security Manned Guarding Perimeter Protection Physical Security Remote Monitoring Security Services Fire, Health & Safety Security products

Security Markets
Bank and financial services security Corporate and enterprise security Education and school security Entertainment and events security Homeland and Government security Hospital and healthcare security Infrastructure and utilities security Manufacturing and industrial security Public sector security Residential and home security Retail security Small business security Sports and recreational security Transport and logistics security


Ensure that you conduct an effective information security risk assessment that is in line with ISO 27001 by purchasing vsRisk™ Risk Assessment Tool

Need a
Security reference book?
Find it on Amazon
Security books







advertise
sumbit an article
copyright
terms & conditions
privacy policy


CMS and Web design by www.Areza.com

Article search

Directory search


add your company
Google

ISO 18028 (Network Security Management)
Home | About | Contact | Submit article | Advertise | Newsletter | RSS | Search