Protecting sensitive data requires vigilance: HR and IT should work together to safeguard systems from internal and external threats. (HR Technology).(human resources and information technology personnel)

Human resource professionals expect security guards to keep out intruders, but they still keep files locked in cabinets behind closed doors. But what about electronic data? Each digital tool for accessing HR information--wireless devices, the Internet, intranets, desktop PCs and notebook computers--presents its own risks and requires backup security methods to prevent unauthorized access.

For example, a disgruntled employee at a telecommunications company was unable to access HR files, but he stole employees' Social Security numbers from a sales system that used them to track commissions, says Becky Strickland, owner of outsourcing firm Human Resource Matters in Albuquerque, N.M. "It was one of those situations where IT and HR personnel said to each other, 'I thought you were taking care of that.'"

Just as security guards are responsible for physical security, the information technology department safeguards overall systems security. But just as security guards don't have time to ensure all confidential files are locked up each day, HR can't expect if to constantly monitor access to personnel records and payroll systems.

"Though IT security is not HR's province, HR still must ensure it is being taken care of," says Sidney Simon, director of product management at Benefit America, a benefits administration firm in San Mateo, Calif. "HR has to be aware of it, know the issues and have confidence in its IT partners that these issues are being appropriately addressed."

The Enemy at the Gate

There are plenty of data security breaches to keep both IT and HR …