Securing Employee Data in an Insecure World

If you are anything like me, I bet you never thought a phishing scheme would seem believable.

They were so easy to spot, right?

A ploy from someone overseas needing assistance, a fake donation website aimed at the elderly — of course those are bogus. It wasn’t until the recent IRS communication that I fully realized how realistic those emails can be and beyond that, how dangerous they can be to employees.

As mentioned in our previous blog post, our development team has taken extreme care in creating a platform that puts security first, especially when it comes to accessing all of the sensitive information the system holds. Customizable security roles, two-factor authentication tokens and audit trails are just a few examples of tools we’ve crafted to specifically combat anyone trying to view things they shouldn’t.

We take pride in the fact that employee information is not only housed in a safe environment away from outside eyes, but also that once someone is logged into the system, their access points have been tailored specifically to their role within the company. The last thing an employee should have to worry about is a fellow coworker viewing their private employment information.

Data-SecurityThe recent phishing scare, however, brought to light an entirely different angle. If our system is so good at keeping information secure, why risk communicating or sharing sensitive information via email? Each time a document is attached, or a SSN is pasted in the body of an email rather than being password protected, sensitive information is allowed to drift into our email inboxes — a place that is notorious for being easily infiltrated.

Here at StratEx, we’ve decided to renew our focus on something equally as important as our secure database: secured communication between the Service Teams and our clients, as well as promoting it within the companies we support.

One area of our system that is perfect for this focus is the HR Library.

While the HR Library is most commonly used as a place to store documents for employees to view, such as handbooks, benefit guides or new hire agreements, it is also an excellent tool to securely store documents relevant to your company. Each time a file is uploaded, it can be pre-zipped with a preferred company password if necessary. Access can then be limited by either security role or by specific positions.

This means that if only the CEO should see the report, you can ensure they’ll be the only one.

To keep things organized, you’ll be able to categorize the file based on a static list of filters, as well as add a description and notes to further assist with organization. Plus, once something has been uploaded and communicated, it can be deleted to ensure personal items aren’t floating around longer than are necessary. Each of these layers of security are designed to provide a very safe space for document- no matter what sensitive data they hold.

Moving forward, your dedicated service team at StratEx will no longer be sending any sensitive information via email. Instead, we will be uploading these requests to the HR Library for you to view and handle accordingly. We encourage you to use the HR Library as well, both when communicating with us as well as with your fellow coworkers.

Beyond just utilizing what our system is already capable of, our development team has an exciting new functionality that will be released in the next few weeks that will make communicating within the system even easier.

Introducing: The Document Courier

Very soon, we will release the Document Courier, which will allow employees to send a document directly to a specific user within eStratEx. Once a target user is selected, you’ll be able to upload a document for them and add any applicable notes.

document courier screenshot_2

A link will then be generated for you to send over to the user that will prompt them to log into the system and retrieve the document. After a certain period of time, the document will remove itself.

Our team is so excited to share this new feature with our clients, so stay tuned — additional details will be sent out soon!