3 Security Practices HR Can Use to Onboard Gig Workers

June 29, 2017

3 Security Practices HR Can Use to Onboard Gig Workers

The gig economy is flourishing, and employers are eager to embrace the freelance community to supplement their existing teams. Freelancers today make up 35 percent of the American workforce, with that number expected to exceed 40 percent by 2020. As employees ditch the standard 9-to-5 workday in favor of more flexible workstyles, employers increasing need a strategy for quickly and securely integrating gig workers into their operations.

Outdated HR workflows increase employers’ risk of a security or information breach right from the start.

But the growing reliance on freelancers creates logistical and technical problems for many employers. More people often equates to more paperwork, and onboarding inefficiencies not only slow down productivity, but also create IT vulnerabilities down the line. Faced with this new crop of employees, HR managers increasingly need to with IT departments to ensure temporary workers are onboarded and offboarded efficiently, while protecting corporate assets.

 

Gig Workers Raise Security Challenges

 

Freelancers, with some exceptions, are like any other full-time employees. They need to be properly onboarded and provided with the right devices, applications, and permissions before they can get to work. But the process of manually creating user profiles for every freelancer, across every application they need access to, can slow down employee onboarding and overwhelm IT departments. Outdated HR workflows increase employers’ risk of a security or information breach right from the start, especially if employees are given unlimited access to data, or lack authentication controls on the personal devices they work from.

 

Hiring gig workers raises the question of how HR departments will offboard these employees once their contracts expire. Failure to immediately delete a freelancer’s work profile creates vulnerabilities that leave businesses exposed to cyberattacks and data loss. If a gig worker’s laptop is stolen, for example, employers must be able to restrict access to corporate files to prevent further damage.

 

Considering that 13 percent of employees can still access their previous employer’s systems with old credentials, it’s no wonder why some security breaches originate from within an organization. Last year, the data for 44,000 Federal Deposit Insurance Corp. customers was downloaded to an employee’s personal storage device prior to leaving the agency. While the FDIC’s investigation revealed no information had been compromised, the same could not be said for Verizon customers, whose personal data was sold to a private investigator over the course of five years. 

 

How Automated Tools Simplify Gig Worker Management

 

With so many moving parts to oversee, HR and IT departments need a centralized approach to safely manage rapid gig worker turnover. Here are several ways employers can tap into technology to keep up with the constant employee churn:

 

  • Employ an identity management solution. With an enterprise-grade identity management platform (preferably one that integrates with existing HR apps like Namely or Workday), managers can provision and deprovision employee access at will. This makes it easy for employers to automatically shut down a gig worker’s credentials when their contract expires, reducing the risk of hackers accessing data with old usernames and passwords.
     
  • Automate the onboarding process. From verifying an employee’s background to passing along user attributes to the IT department, workflow automation frees up HR managers so they can focus on more pressing matters. Automating time-consuming onboarding steps expedites the new employee intake process and reduces manual errors that can go unnoticed.
     
  • Unify endpoint management to promote security best practices. Active directories help employers manage some temporary workers, but not all of your contractors rely on PCs or work on-site. Cloud-based directory tools can extend existing active directory installations to all your employees, regardless of where they work or which device they use. And with a unified endpoint management solution, HR and IT can immediately revoke a former employee’s access to any corporate data, files or applications.
     

Employers are quickly realizing the benefits of gig workers, from maximizing cost savings to boosting company-wide productivity. Faced with a more distributed, fluctuating workforce, HR managers must design equally agile employee onboarding and offboarding processes.

The Authors: 

Alvaro Hoyos is the chief information security officer for OneLogin, a leader in cloud identity management solutions, where he architects and leads the company’s risk management, security, and compliance efforts. He has more than 15 years in the IT sector. Prior to joining OneLogin, Hoyos helped startups, SMBs, and Fortune 500 companies with their security, compliance, and data privacy objectives. To learn more about Alvaro Hoyos and OneLogin, please visit: https://www.onelogin.com/. Twitter: @wherestherisk