GLOBAL PAYROLL MAGAZINE
73
“ Access controls play a vital role in protecting sensitive payroll data, especially heading into the holiday season when there are heightened risks. ” Key steps in auditing and updating access controls include: Limit permissions: Regularly audit access controls, ensuring employees only have access to the data necessary for their roles. Update devices: Prompt staff to complete software updates to their devices to reduce the risk of vulnerabilities. 3. Audit and Update Access Controls Access controls play a vital role in protecting sensitive payroll data, especially heading into the holiday season when there are heightened risks. Reviewing and implementing strong access controls during this time to address any vulnerabilities is important.
Use Multi-Factor Authentication (MFA): Require a second authentication method, such as leveraging a mobile app or security token, to prevent unauthorised access. Restrict shared logins: Remind staff to use individual logins and not share their credentials with others, particularly when performing leave cover. Review temporary permissions: If employees or contractors require temporary access, ensure it is promptly revoked when no longer needed. 4. Use Secure Communication Channels Payroll data or sensitive employee information may be shared internally when providing support or services. Secure communication methods are vital to prevent sensitive information from falling into the wrong hands.
Best practices include: Adopt encrypted platforms:
Use end-to-end encrypted tools designed for secure file sharing rather than standard email or messaging apps. Implement clear policies: Establish protocols for securely handling and sharing payroll data. Avoid ad-hoc exchanges: Discourage unsecured channels, like personal emails or unapproved cloud services, for sharing sensitive data.
Made with FlippingBook Ebook Creator