In a previous column we discussed the myriad of IT considerations business must take into account when hiring a new employee.
But your work doesn’t end once the new employee is no longer new. In fact, there are many additional strategies to consider throughout the life cycle of the employee’s tenure with your organization.
Perhaps one of the most overlooked periods is the middle, or the time during which your employee is growing and developing through his or her original position into larger and more expansive roles. Having a plan in place for this time period is just as important, to avoid any potential IT surprises and put the employee in the best possible position to succeed, both individually and for the organization.
Starting off, it made sense to limit the amount of data and technology your new employee had access to, based on the requirements of the job. Now that the employee has proven to be a valuable member of the organization, with potentially even more to offer than what is currently being asked, chances are the employee will be transitioning from responsibility to responsibility.
With these new responsibilities most likely come the need for more access to information, but it is important that an employer bestow this access while keeping in mind inherent security considerations. An employer needs to give thought to the evolutionary professional cycle of an employee from an organizational security perspective, especially with regard to protection of both company and client assets.
Along with safeguarding your business while allowing your employee to develop and so offer more to your organization, this period of time in an employee’s life cycle is crucial to instilling a feeling of investment. By trusting your developing employee, but also explaining to him or her the responsibility that goes along with this trust, an opportunity exists to encourage your employee to think and more importantly, to care about the business as if it was his or her own. This kind of employee perspective can only help the operations — and outcomes — of your organization.
Throughout this time and especially as additional IT access is granted, it might also be worthwhile to add on to the standard operating procedures, especially when dealing with promotions or transfers. This may include access to information beyond their desktop or workstation such as giving them remote access or allowing them to participate in the company’s BYOD (Bring Your Own Device) policy so they can access information on their own smartphone, tablet or laptop. Additionally, with new responsibilities there are new security trainings this elevated employee should participate in or review. Make certain they sign off on this and add it to their personnel file.
Be sure as well to update the Acceptable Use Policy and Written Information Security Plan with your employee, especially as responsibilities increase or significant time passes. Now is also a good time to determine whether any additional technology-related directives should be implemented.
If your organization partners with a managed security service provider, they should be able to help refresh these technological reminders and guidelines and enforce as necessary, store all of the procedures on a shared database for ease of access, and even recommend expansions of or limits to access of certain material.
Technology needs and considerations of an employee will continue to change as the employee’s role in the organization changes. In future articles, we’ll discuss IT considerations for your business when retiring or terminating an employee, as well as IT considerations for your business from your clients’ perspective.
Al Alper is founder and CEO of Absolute Logic in Wilton, which provides technical support, security services and technology consulting to businesses of up to 250 employees in Connecticut and New York. He is a national speaker on IT and security issues and has authored two books on cybersecurity and computer consultant hiring. He can be reached at email@example.com or 855- 255-1550.