Technology Management Flashcards
Big data changed technology in
- Volume
- Velocity
- Ex: real time info
- Variety
- Ex: video and audio recordings
Cloud computing
- Data is saved to remote servers that are connected through the Internet
- Popular way to manage increasing amounts of data.
Big data makes it more possible to
- See patterns and trends
- Create models that isolate possible causes and predict outcomes
- Reliable, current and analyzable data
HR can use big data by
- Collect new data
- Use data more effectively
- Better strategic analaysis
Information system (IS) is
Way to collect, organize, store, analyze, and share data.
Information system (IS) components
- Presentation tier
- Logic tier
- Data tier
- Communications tier
Presentation tier
- Is the user interface
- Where user can request and receive responses
- Can be computer/phone
- Should incorporate level of security to control assets
- Adaptable to users with different physical abilities (sight, hearing, etc)
Logic tier (business tier)
- Software and aplication software that enables operations
System software
- Includes the operating system
- Runs interface with presentation tier
- Moves data back and forth between data tier and software
- Communicates with hardware
- Controls system resources
Application software
- Offers specific functionality
- Ex: project management software, budgeting tools
- Must be customized to talk to system software
- May be located on hard drive or on-premise server or public network (internet/cloud)
Data tier
- Stores info that will be used by aplication tier to respond to user inquires
- Data stored on local drivers, removable divices and servers
Communications tier
- Enables sharing of data and applications by networking a computer (or phone) with other computers and servers
- Network can be private VPN
VPN
- Used to extend secure and private local networks to remote users by means of public networks
Integration
Extend that the users in a system share the same data
Enterprise resource planning (ERP)
- Business management software
- Allows different parts of an organization to access the same data and perform more efficiently
- Used to collect, store, manage, and interpret data from many business activities.
Scalability of big data
Issue with the increase amount of data without increasing processing time
Cloud computing
- Service subscribers pay only for the amount of memory, processing time, or bandwidth that it uses.
- Service managers maintain hardware and guarentee security
Benefits of cloud computing
- Flexibility and cost savings
- Easiest way for mobile users to access organization’s data
- Saves organization costs of servers and server rooms
Risks of cloud computing
- If provider is equpped to prevent loss of data (ex: backup system)
- Blocking unauthrized access to stored data
- Secrity patches and updates
Concerns with technology security
- Vulnerabilities created through integration
- Managing users’ security levels
- Governance (able to document all transactions)
HR tech products can
- Automate complex processes
- Produce data that can be used for other applications
- Support data analaysis
- Support compliance-related activities
Software as a service (SaaS)
- Software that is owned, delivered, and managed remotely
- Delivered over the Internet to contracted customers on a pay-foruse basis or as a subscription based on use metrics.
- Typically run over the cloud (users must have internet)
- Delivered to multiple customers simultaneously and secure
Artificial intelligence (AI)
Ability of a computer to imitate human thought and behavior.
IT purchasing process
- Identify needs that can be solved through technology
- Develop requirements
- Identify and assess offerings
- Develop business case
- Implement new technology
IT as a partner in determining tech to purchase
- They know
- Current tech
- Requirements and capabilities of many tech products
- Know how to research technology
- They have their own needs that may affect HR tech
Assess whose technology needs
- HR needs
- User needs
- Organizational needs
Integrated solutions advantages
- Common look and feel for applications (learning and transition is easier)
- Recuse needs of multiple architectures
- Ease of integrating data from multiple HR functions
- Reduces complexity of vendor managment (only one vendor)
- Less expensive per application than BOB
Integrated solutions disadvantages
- Minimal customization options
- Not always the best solution for each functional area
- Challenging to upgrade, challenge to one function may have dramatic impacts on others
- Slow down introduction of other features and upgrades due to complexity
Best-of-Breed solutions advantages
- Best fit for each functional area
- Quicker implimentation, system is simplier and affects fewer employees
- Do not lock a single vendor for all needs
- Vendors can be more responsive to user needs
- Possible to purchase only the functionality need
Best-of-Breed solutions disadvantages
- Difficulties in integrating data across applications
- Increased learning curves for each application with consistent interface
- Careful management of relationships needed with multiple vendors
- Demand among different applications may vary
Approaches to delivering technology
- On premise
- Hosted
- Software as service
On-premises approach
- Organization purchases and installs hardware and software on internal machines
- Supported by internal IT staff or IT vendor
- Critical to discuss IT’s availability and willingness to accomidate and support technology
Hosted approach
- Applications are purchased and installed for the organization
- Applications located at the vendor’s site and supported by external IT staff.
Software as a service approach
- Firm does not purchase or install any software.
- Instead, the organization subscribes to software that has been developed for multiple users and that runs on the vendor’s hardware.
- Accessed through the cloud.
Ways to research providers before contacting vendors
- Internet search and review general articles and vendor websites
- Review analyst reports
- Ask for recommendations from HR colleagues in other organizations
- Contact existing vendors with good records of service to see if they offer a product with the needed features
- Attend HR professional meetings and tech shows for presentations
How to select a provider
- Send request for proposal to several providers
- Providers response will show demonstrations of the product with specific refrences on how HR will use it
- Providers are selected in the same way of HR outsourcing
- Criteria selected and weighed for importance
- Provider is scored
Testing technology benefits
- Opportunity to correct product
- Stengthens training
- Builds acceptance of new technology by core influences
Opportunities and risks with security
- Data and system security
- Data privacy
- Social and ethical implications
Organization’s tech security measures should address
- Exposure of electronically stored sensitive data
- Loss of sensitive personnel data
- Unautorized updates of key data
General IT security protections include
- Limiting logical and physical access to data and systems
- Encryption
- Protecting against hacking and social engineering
Firewalls
Software and/or hardware that filters incoming and outgoing communication according to preset rules.
Encryption
- Conversion of data into a format that protects or hides its natural presentation or intended meaning.
- Used with stored or transmitted data
- Software can also alert users when there has been an effort to decrypt data
Hacking
Act of deliberately accessing computer data without permission.
Social engineering
In a computer context, tricking a user into sharing information that can then be used to access systems.
Common social engineering tactics
- Phshing
- Fake e-cards or job opening information
- Phony security alerts
- Click this link scams
Phishing
E-mails, phone calls, texts, or instant messages that ask for information or ask the user to click an embedded link
Spear phishing
- Attacks known data about user to create idea of legitmacy
- Ex: email from address of executives in ones organization
Social engineering training should include
- Never disclose a password
- Do not give private information to anyone you do not know or ho does not have a ligimate need
- Click links only from trusted sources
- Delete unsolicited emails (no forward, reply, etc).
- Assess the request and investigate if seems unusual
General Data Protection Regulation (GDPR)
- Created by EU
- Benchmark on organizations design and assessment of data practicies
GDPR Data Security Themes
- Transparency
- Individual rights of access to and control over data
- Legality of processing
- Data quality and minimization
- Data sharing
- Data transfers
- Data breaches (intentional or accidental, through external hacking or internal actions, such as accidental e-mailing of employee data)
- Accountability
HR response to Transparency (how data will be used)
Update privacy notices to employees and applicants that seek explicit permission to use data.
HR response to individual rights of access to and control over data
- Define who owns data (the employee/applicant, the organization, the vendor) and who has a business right to use it.
- Ensure that HR can reply promptly to employee requests to access or correct data.
HR response to legality of processing
- Remove use of and references to “employee consent to data use” in handbook and agreements. (These agreements are not sufficient. Data use must be based in the law.)
- Document valid legal grounds for all data processing activities.
HR response to data quality and minimization
- Formalize internal and vendor data retention limits.
- Develop and implement policies on data collection and retention.
HR response to data sharing
Implement data sharing agreements with internal functions and outside vendors.
HR response to data transfers
Map internal flow of data to identify data that falls within GDPR rules.
HR response to data breaches
- Implement data security measures.
- Develop and implement data breach policies to ensure reporting of breaches within 72 hours.
- Review post-employment agreements regarding use of organizational data.
HR response to accountability
- Maintain comprehensive records for authorities.
- Conduct an assessment of current practices (e.g., employee monitoring and background checks).
- Implement training and governance systems (internal data protection officer, audits, disciplinary guidelines).
Equal access to data
- Issue with recruiting
- Self-service portals
- Social media serches
- HR records of employees used to discriminate
- Algorithim biases
Bring Your Own Device (BYOD)
- Employees using personal devices to work and communicate when not in office
Disadvantages of BYOD
- Security threats on insufficently protected divices
- Legal aspect on compensating employees
BYOD policy should
- Restrict use of personal divices while employee is working in workplace during work hours
- State what divices will be supported by IT and the requirements of the divice
- Clarify finanical arangements and legal rights
- Define security measures
Social networks
Online clustering of individuals in groups with common or shared interests.
When creating social netwok policies
- Identify key risks
- Review organizations handbook for related policies
- Discuss risks and concerns with IT or consultant
- Consult legal for key compliance issues
- Align proposed policy with culture and values
- Develop written policies and secure through review and commitment from leaders
- Communicate policies and require acknowledgement signitures
- Enforce policies consistently, for both employees and management
- Keep policies up-to-date as necessary
Social network policies should include
- Prohibitions about use of organization’s resources and right to monitor
- Prohibitations from posting or disclosing confidential, proprietary or intellectual property info
- Situations requiring employer approval for postings regarding the employer’s facilities, products or services
- Rules about personal endorcement of org products and services
- Rules for personal posts about colleagues
- Statement holding emplooyees accountable for violations of laws and policies (including anonymous postings)
Situations when organizations need to monitor employee communication involves
- Telling the employee ahead of time
- Notify employee about potential monitoring may deter inappropriate communications
