Protecting Sensitive Information...and what else?

In the June-July issue of Merit Guidelines™ we talked about protecting sensitive employee information and some of HR's role in that process. The article cited security experts saying that the most common threat to data security is found inside most companies.

The profundity in that statement comes to light when we look at the way our workforce demographics are increasingly changing, and when we take stock of how well businesses have anticipated the implications of this when it comes to protecting company information -- and more.

Far beyond providing locking file cabinets and requiring authorizations or "clearances" to access confidential employee information, protecting much broader ranges of sensitive company data, accessible today in a variety of ways by more people, is a concern businesses need to pay attention to.

In terms of the rapidly growing new generational workforce and its comfort with and expectations around the use of compact, miniaturized personal technologies on the job, steps you may have taken in the recent past to protect company information may need to be revisited to ensure the viability of those measures today. Simply put, you cannot prevent something you haven't given thought to, and that certainly applies in this instance because things are changing.

Take the time to rethink your "safeguarding culture" to:

• Be certain you have one in the first place that fits the way you do business and the relationships you nurture with your employees
• Determine how well your policies and practices in these areas have been communicated but most importantly understood and embraced
• Anticipate new areas of potential liability and risk associated with the use of new devices in different business settings

We all use them -- cell phones/cameras, MP3 players, flash and thumb drives of various sorts, Palms, Blackberries -- and the list goes on. Some are company provided technologies. Most are personal devices employees bring with them to the job. All have tremendous capacities to store data and transport it in quantities unfathomable only a few years ago. And so we come to the first big question - "How recently have your policies safeguarding sensitive information been written or updated?" That is the point, because things have changed. But wait there is more!

Beyond the potential for copying and removing sensitive information of all types from the workplace (including trade secrets), the mere use of some of these devices while working poses as significant a potential liability for businesses when it comes to safety.

While it can be argued that "continual partial attention" - the result of overlapping work with talking, listening, texting or otherwise operating these devices -- in and of itself can lead to increased business costs from lower productivity and less quality, these costs pale in comparison to potential liabilities associated with accidents on the job caused by their use. This particularly is true when it means heightened risk while driving.

So what do you do? First, research the potential issues relating to e-communications, data transfer/sharing and use of personal digital devices in the workplace in terms of how your business operates. Review what safeguards you have in place now and if necessary figure out how to integrate new ones in an appropriate way based on your company's culture. Incorporating the expectations and styles of your new generational employees will be important, so don't leave them out of the equation when determining what to do.

This can be a generational concern for sure but more importantly it is a communications imperative. Reasonable, appropriate guidelines limiting any use of these technologies must be well communicated and at a minimum understood and embraced by all employees. You also may need to change the way your work environment is monitored or managed in some cases.

Forward thinkers know this involves much more than just workplace rules and regulations. It involves company culture and enlisting everyone's "buy-in." The basic fabric of the best new talent you can attract today is made up of a totally assimilated reliance on portable technology and set expectations about its minute-to-minute use. Ask them to leave that at the door when they come to work and you may be shutting the door to attracting them.

There is no one answer for addressing what ultimately is a variety of issues surrounding e-communications, security and safety today, but these basic considerations should be part of every manager's thinking. (REH)

These are not areas in which to take a laissez-faire attitude. Well-defined practices not only guide actions but also can help establish company defense in situations where sensitive information is broached. If you have questions or need help addressing this topic in your workplace, contact us. Call 925-867-4400 -- 408-501-8863 or write to us.