Protection of HR/Payroll data is very important and cannot be overlooked. We are in the 21st century where mobile technology has reshaped the business landscape and provided flexibility in how businesses work. Now that employees can access business software and company information directly on their smartphones and tablets from any location, ensuring the security of your company’s data has become more critical than ever. As many human resources (HR) professionals know, your company’s data is extremely important and can be easily compromised. That’s why companies have worked so hard in the past to ensure the proper security measures are in place to protect everything from employee history, salary information etc.
In this article I will be discussing some security features available in SageVIP People system.
Whenever the VIP People application is opened, the user is forced to provide a valid user name and password. This is to identify the user and to allow, or block, him from certain areas of the application.
The Login screen prompts the user for a User Name and Password. If an incorrect combination of user name and/or password is entered, the user is not allowed access to the application.
If the active profile is set to Active Directory, the Automatic Logon box allows the user to enter the application without having to enter a user name and password whenever the application is opened. The application will authenticate the user as the user who is logged into MS Windows.
The user must successfully logon with the Active Directory user name and password, with Automatic Logon enabled, before this feature is enabled.
After successful logon, the User ID and User Name will be displayed on the Status Bar at the bottom of the screen. This is purely for informational purposes only. (source: SageVIP People)
Role based Security
The permission to perform certain operations on Sage People application are assigned to specific roles, roles are assigned to groups, groups are assigned to system users
UI Access Security
Where can a user go? (Navigations). You can specifies areas/fields of the People Application that may be accessed or viewed by users.
You can determine what data can be accessed and also add, update, delete operation that can be carried out by the user.
SageVIP people has options to specifies the complexities of password-very flexible
Password Expiry Days
Administrator can specify number of days password is valid before the user is force to enter a new password
Failed logout count
Administrator can specifies the maximum number of times a user will be allowed to enter an incorrect username/password before the account is locked.
When the Automatic logon checkbox is checked with the active profile set to Active Directory, the system allows users to enter the application without using the username and password
Session time-out( Session token Expiry Hours)
SageVIP People has been designed to force user to logon after the specified number of hours have expired
- Content Sensitivity
- Organisational Security
- Content Category Security
- Local Authentication
- Active Directory Authentication