Retailers and couriers across the UK have just endured another record breaking year for sales, both in-store and online. With this in mind, organisations across the nation would have had to frantically prepare not only their stock and festive deals, but also employ a handful of temporary seasonal workers to help day-to-day staff with the rapid influx of consumers flocking to buy the year’s must have item.

Not only would HR have had the nightmare task in the leading months of interviewing and hiring suitable candidates, but the IT department would also have been faced with ensuring that staff are ready to work efficiently and securely straight away.

Now is the time that businesses now need to start considering how can they best prepare for this staff uptake during the year’s peak seasons, ensuring they remain both efficient and secure when the festive period is upon us yet again.

Rally the troops

The rapid on-boarding of these temporary workers can have both the HR and the IT department in chaos. In 2014, Royal Mail recruited over 19,000 workers to assist with the Christmas rush and Amazon brought in 17,000 to its warehouse to help cope with the rise in festive orders. While it is important for organisations to ensure they have the right number of troops on the ground to cope and effectively manage the customers, it is just as vital that they are prepared for the potential issues that come with employing so many new staff members.

Not only must HR ensure adequate training is provided, but the IT department must ensure each individual can access the appropriate systems to start effectively from day one. Both HR and IT must be confident that a temporary workforce moving on in January cannot do so with valuable corporate data (be it customer records or intellectual property). Consequences could be catastrophic If the correct provisions are not taken to ensure each individual employee has access to the correct information and equipment to do their job. This is why it is always better to be proactive rather than reactive, as all too often hindsight is a business’s only solace.

Streamline on-boarding and off-boarding

To manage the rapid influx of employees, organisations must streamline on-boarding and off-boarding processes to ensure individuals are effectively added to the organisation’s IT system and are removed just as simply once they leave the role.

During the on-boarding process an employee needs to be incorporated into an identity management platform through a browser-first strategy. Not only does this limit what sensitive information the individual user can access but it also eliminates security risks associated with weak passwords. With the ever increasing popularity of ‘bring your own device’ (BYOD) within the workplace, controls over external devices brought into organisations can be strengthened.

Additionally, it also makes the necessary applications easy to access for a workforce who may not be so tech savvy. Often security relies on ease of use, as much as it does on controls over user access. To accompany the browser-first strategy many organisations gain control by embracing solutions such as ‘identity as a service’ (IDaaS), multi-factor authentication and user provisioning. In turn, this allows them to keep the benefits of a temporary workforce while minimising the potential security risks and damage to brand reputation from preventable data breaches.

Practise ‘safe data’

Often the new temporary workforce hold few loyalties to their new organisation, pushing up security risks, particularly when all departments are under increased pressure. All employees – even seasonal ones – should be taught the importance of practising ‘safe data’ to help reduce exposure to the business and also know what to do should a data breach occur.

An organisation must provision new users, control on-premise versus off-premise access and implement a streamlined on-boarding and off-boarding in process, in a short space of time before an employee’s start date and on their last day.

If carried out correctly a business can be confident that the utmost is being done to protect confidential data from a workforce that is here today and very likely to be gone tomorrow – and it’s certainly not too early to start thinking ahead.


By David Meyer, VP of Product at OneLogin

PrivSec Conferences will bring together leading speakers and experts from privacy and security to deliver compelling content via solo presentations, panel discussions, debates, roundtables and workshops.
For more information on upcoming events, visit the website.

comments powered by Disqus