Baby Steps in HR Technology: #HRTech Definitions

Posted on November 9, 2013 by sathishsaga1986 — Leave a comment

We re focusing on the Baby Steps in HR Technology. No one enters this space knowing it all. HR technologies, with all of their changing acronyms and definitions can get confusing. As technology advances, these terms can get less concrete; adding tools and blending software and systems. Just as the definitions and roles of sourcing and recruiting have changed over the years, so have the tools that each use. Here are several of the core HR technology terms that every HR professional should have down.

Let’s start simple, with who will be using this technology:

HCM –Human Capital Management (aka HRM –Human Resource Management)

Fancy acronyms for HR, or Human Resources. Somehow tacking on an extra word implies importance. HR is the management process of the organization’s workforce. HR is responsible for attracting, training, assessing and rewarding employees. Additionally, HR oversees leadership and culture and ultimately ensures compliance with employment and labor laws.

The Tech Terms:

ATS –Applicant Tracking Systems (aka CMS –Candidate Management System)

Is a software application meant to help an organization recruit employees more efficiently? An ATS is used to post job listings to the company website, job board or social media sites. The ATS is also used to screen resumes by searching for relevant key words and terms that match, or are related to those found in the job description. Simply put, these systems are used to track applicants.

Almost half of all mid-sized companies and just about all large-sized companies us an ATS. As ATSs become a standard tool in HR departments, their features and capabilities are expanding. Newer ATS features can include individual applicant tracking, resume ranking, automated emails, pre-screening questions, customized fields and forms, requisition tracking.

LMS –Learning Management Systems

Is a software application or web-based technology used for documenting, tracking, reporting and the delivery of electronic learning education courses or training. An LMS is used to plan, implement and assess the learning and training process. This technology provides company leaders with a manageable and trackable way to deliver content, assess performance and monitor participation in training.

Training an entire workforce and assuring compliance has gotten a whole lot easier with learning management systems. New LMS features include threaded discussions and discussion forums, video conferencing, automated approval and notifications to ensure ongoing compliance.

HRIS –Human Resources Information Systems (aka HRMS -Human Resources Management Systems)

Where systems and processes of human resources management and information technology intersect. HRIS is where the basic functions of HR meet with technology. This type of software makes the routines tasks of HR easies and more efficient through technology. Tasks like payroll or employee record management are now done through an HRIS.

Big Data

Ah, the ubiquitous “big data”. All of the afore mentioned tools are aimed at obtaining, organizing and storing big data in a usable and efficient way. The term big data is not only relevant in the HR space. Big data refers to data sets (of any origin or within in any industry) that grow so large that it becomes difficult to process them using traditional means. Big data, without the appropriate tools, can be far more difficult (or impossible) to read, store and use, than smaller data sets.

Posted in recruiter

5 Rules for Effective Job Titles

Posted on November 9, 2013 by sathishsaga1986 — Leave a comment

As the first thing candidates see, in bold colored lettering, the job title greatest impact on whether candidates will click on a listing. Here’s how to write good ones.

• Be specific. An effective title contains information regarding the industry, function, and level of the role. For example, instead of using “Analyst” as a job title, use more descriptive titles like “Senior Financial Analyst” and “Entry Level Business Analyst.”

• Avoid abbreviations and acronyms. Terms like “Mgr,” “Mgmt,” and “Sr” are not consistently used and can be confusing to candidates. Spell out words fully to ensure that the title is comprehensive and distributed to the correct audience. The exception to this rule is use of common industry specific abbreviations or acronyms. For example, it is preferable to use “CRM” in place of “customer relationship management.” Industry accepted acronyms are also acceptable, such as “RN” for “registered nurse.”

• Make it easy to understand for candidates outside of your company. Your company may use fun and eccentric job titles like internal job IDs, “Team Lead II (028959).” Remember that external job candidates are likely to be unfamiliar with the unique naming and hierarchy of your company’s positions. Well-qualified candidates may not make the connection between the job title and their own qualifications and therefore not click on the ad. Keep your job title basic but descriptive.

• Avoid superlatives or idiomatic phrases. Some companies like to use idiomatic phrases to describe employees, like “rock star,” “ninja,” and “guru.” Spoken informally, such phrases imply expertise and high performance. However, colloquial phrases are easily misclassified by search engines and can negatively impact the relevancy of your job description. Your job listing might appear on the wrong queries or to fail to show for the right ones.

• Leave out extraneous information. Since the job title is the most important factor in determining relevancy, keep it clean and uncluttered. Do not include salary or location information, job codes, non-alphabet symbols or any other information not relevant to the title itself. Place these details within the job description

Posted in Job Descriptions

A Short Checklist for Job Descriptions

Posted on November 9, 2013 by sathishsaga1986 — Leave a comment

Search engines scan job descriptions to identify keywords associated with a particular search. Including relevant keywords or phrases ensures that your job description will appear on the appropriate searches, and enable candidates to narrow jobs by specific criteria in the filters on the left-hand side of the search results page.

A good job description encourages candidates to self-select by making the role attractive enough that qualified candidates apply and the unqualified ones don’t. Include the following components:

· Company name. If applicable, list the names of both the subsidiary or division and the parent company. Your brand matters.

· Location(s) of the open role. Include the city and state. If a role can be filled for a number of locations, all locations can be included in a single listing. Also indicate whether telecommuting or relocation is an option.

· Overview of the position. Explain core responsibilities and provide insight on organizational structure.

· Candidate requirements. Include relevant years of work, education, or direct line management expectations.

· Job type. Indicate if the job is full-time, part-time, contract, temporary, or an internship.

· Compensation. Include range or structure if possible.

· Employment restrictions. Indicate restrictions such as special qualifications (e.g. Security Clearance) or visa requirements.

· Directions on how to apply. Include an explicit button or link to apply. Make sure that the link is active and that the candidate is directed to the correct landing page. Specify what materials the candidate should submit, such as a resume, cover letter, and work samples.

These additional details can increase the interest of potential candidates:

· Company perks. Include perks like free lunches, awards, or anything else that makes it a special place to work.

· Company information. Include background information on the company, such as its history or location of corporate headquarters.

· Videos. Videos can convey company culture far better than text. If your company has made this investment, by all means include a link to your video page!

Posted in Job Descriptions

3 Google Boolean Search Strings for Candidate Sourcing

Posted on August 31, 2013 by sathishsaga1986 — Leave a comment

If you can write your own strings to use with Google or Bing then they will be looking for exactly what you want to find and you will know how to edit them if they don’t give the results you expect.

Sometimes it is useful to get inspiration from other people’s search strings – everyone has different ideas and different ways of constructing a search.

So here are three search strings that hopefully will inspire you to write some of your own and find a few names.

1. Search London marketeers on LinkedIn

site:linkedIn.com/pub “marketing manager” London

This string is looking for the linkedin profiles of marketing professionals in London.

The results for this search include a lot of profiles that just mention London – ensure that you search uk.linkedin.com to just see UK profiles.

You may also see some directory pages coming up in your results, you can get rid of these on Google using -inurl:dir

Your string will then be site:uk.linkedin.com/pub “marketing manager” London –inurl:dir

Use different job titles and industry keywords to look for the types of candidates you are interested in. Add more skill or qualification keywords to narrow your results.

You might want to add more location names too – London for example could be expanded to (London OR Barnet OR Croydon OR Ealing OR Bromley OR Enfield OR Wandsworth OR Southwark OR Lambeth OR Redbridge OR Lewisham OR Hillingdon OR Brent OR Westminster OR Newham OR “Tower Hamlets”). Those are the largest London boroughs by population as listed on Wikipedia.

Bing is very good at finding LinkedIn profiles without polluting the results with too many directory pages and the like. This means that you see better results with less need to be too exact with your Boolean skills.

If you’re using long lists of place names like the one above, you might be better to use Google. Google will take 32 search terms but Bing limits search queries to 150 characters in length.

2. Search London marketing event attendees

list (conference OR expo OR workshop OR seminar) (London OR UK) Marketing

This string is looking for lists of people from marketing events in London. This could be lists of attendees or speakers etc.

The brackets in these strings are notstrictly necessary – Google totally ignores them and the strings follow Bing’s natural order of operations anyway. I like to use them though, if onlyto keep my own thoughts organised.

This string returns lots of interesting information about marketing sites, networks and events but not much in the way of rich people data. You could include people keywords like (attendee OR delegate OR member).

You’ll then notice that some of the actual delegate lists in your results are pdf files. Delegate lists are often in pdf or SpreadSheet formats – so adding something like (filetype:pdf OR filetype:xls) to your string will probably bring back lots of rich results. Even if events aren’t marketing focused, the people on the list might have “marketing” in their job titles.

To make the results relevant to you, start by changing the industry and location keywords as appropriate. You could try using a job title of interest along with a broad industry keyword.

3. Search for CVs Uploaded to Scribd

site:scribd.com (CV OR Vitae) (UK OR “united kingdom”)

This search string is looking at pages from the document hosting website Scribd. I think of Scribd as a YouTube for documents instead of videos. People upload all sort of documents like reports, magazines, presentations and even CVs.

I found a lot of template and example CVs on Scribd so it helps to add -template -sample -example to your string to eliminate these.

Add industry keywords or job titles to the string to see if there are any CVs of interest to you on Scribd.

Google seems to get to the CVs of real people much easier than Bing does. I found that the results I got from Bing were dominated by documents from just one Scribd user.

There are lots of document sites like Scribd, you could also try site searching issuu, docstoc and SlideShare.

Source : theundercoverrecruiter

Posted in Internet Recruiting

The 7 Habits of Highly Effective Recruiters

Posted on March 30, 2013 by sathishsaga1986 — Leave a comment

Begin With the End in Mind. There is too much focus on skills and experience when opening up a new job. By describing the job in terms of outcomes and the long-term career opportunity, the skills become a subset of performance. The idea is that if a person can do the work, the person has the right skills and experience. This allows a company to upgrade the talent pool to include more high-potential, diverse, and passive candidates without compromising quality of hire. When talking with strong candidates, recruiters need to be able to describe real job needs as a series of clear performance objectives (design new rapid response mobile interface) rather than emphasizing skills (must have 3 years+ HTML5 and a BSCs).

Think Win-Win. This is recruiting from beginning to end. Passive candidates need to see the career opportunity in another job before they’ll consider it seriously. This typically is a slow process taking days to fully absorb, not minutes to explain. So recruiters can’t rush it. They need to sell the next step, not the job. This requires a series of career discussions and in-depth interviews, including exploratory meetings with the hiring manager. If the job is a true career move and the candidate is exceptional, the compensation will be resolved without much duress.

Be Proactive. If you want to hire the best person available, rather than the best one who applies, pick up the phone and start getting referrals. Strong networking skills are a critical part of this. The direct way: use LinkedIn to find prospects connected to your first-degree connections and ask them about specific people. These people will call you back, so your productivity will soar along with quality of hire. The indirect way: find the best prospects in the entire LinkedIn database who are your second-degree connections, then find your first-degree connection and ask if they’re qualified. When getting referrals, don’t ask your connections if they know people who are looking; instead, ask them to tell you who is the best person they know in a specific field. Then call this person, mention the person who referred them, and recruit the person thinking win-win and begin with the end in mind.

Put First Things First. Prioritize and work on work that matters. This is the difference from filling the position with the best person who applies to seeking out and recruiting the best person available. Focus on urgent and important, not just urgent, and especially don’t focus on not urgent and unimportant. Too many recruiters spend their valuable time weeding out the weak, rather than attracting the best.

Seek First to Understand and Then Be Understood. Too many hiring managers overemphasize skills and experience when opening a new requisition. They then either overemphasize technical brilliance or the impact of first impressions when deciding to hire the person or not. If a good candidate is rejected for a bad reason, recruiters need to intervene by first understanding the real job, why the person wasn’t considered, and as a rebuttal, presenting detailed evidence the candidate has performed similar work at peak levels. Recruiters can’t use hyperbole to convince a hiring manager about the worthiness of a candidate, but they can use facts and evidence.

Synergize. This is team skills on steroids: working with, influencing, coaching, and developing people. For a recruiter it’s working with and influencing the hiring manager and the interviewing team to make the correct decision using the correct information. Too many recruiters aren’t willing to challenge those with more authority even though they know their decisions are flawed. Becoming a trusted partner in the entire hiring process is essential if a company wants to see and hire the best people available.

Sharpen the Saw. Constant self-improvement is not only a core characteristic of all top performers, but essential for recruiters who want to stay competitive. It starts by mastering the three primary sourcing channels: improving the yield and quality of all job posting efforts, using and nurturing talent databases, and becoming an expert at networking and passive candidate recruiting. Once these are mastered individually, shift the entire emphasis to passive candidate recruiting, since this represents 85% of the total talent market.

As the hiring market shifts into second and third gear, recruiters will become the front line for helping companies hire the best talent available. Don’t settle on the best person who applies. It’s time for recruiters to improve their game.

Courtesy: From ERE.Net – Lou Adler is the CEO and founder of The Adler Group

Posted in recruitment

Developing a Social Recruitment Strategy

Posted on March 24, 2013 by sathishsaga1986 — Leave a comment

LinkedIn, Twitter, Facebook, and Google+ together amount to over 2,000 million users internationally – that’s a lot of potential candidates. Most recruitment businesses have tried to incorporate social media into their activities in an attempt to reach this immense userbase, some with great success, but others have been disappointed with results or found them impossible to quantify. If you identify with the latter, it’s not time to abandon social recruiting yet; it’s time to develop a strategy.

What do you hope to achieve?

When we ask recruiters what they hope to achieve with social media the response is often something vague like, “To attract more candidates.” That’s a good place to start but it needs some honing down:

• Specifically, what kind of candidates do you need to attract more of? Which skills do they have, what level of experience? What are their general interests?

• Why do you need to attract more of this type of candidate? Is it primarily to fill vacancies immediately or to grow a talent pool for future opportunities?

• How many candidates do you need to attract with social media to make it worth your while?

Drilling down into specifics should bring you from one general aim like, “We want to attract more candidates” to a set of more specific long and short-term goals like, “Attract a minimum of 10 new graduate developers per month for our talent bank”, “Source 2 suitable candidates to put forward for the Customer Services Specialist role at Hawsoft”, and so on. It’s only with precise goals that you can choose the appropriate networks and later determine their effectiveness.

Which social networks are best for me?

Once you’ve established exactly what you hope to achieve, you can decide where and how to distribute your efforts. Each social network represents different demographics as well as different user behaviours.

LinkedIn is already part of most recruiters’ social media mix, and for good reason – it’s an ideal place to source candidates to fill vacancies fast from a vast range of industries. However, if you’re looking for fresh graduates, you may have more luck finding them on Facebook or Twitter.

Unlike the other social channels, LinkedIn is a dedicated professional network, so everyone there is already thinking about careers. This makes it the perfect place to source potential candidates – but you won’t be the only one getting in touch. LinkedIn is already saturated with recruiters competing for the same candidates, so work on making personalised approaches to stand out from the competition.

Twitter has great viral potential for getting your job ads out to a wider audience. We recently hired an intern at Firefish who we found on Twitter (along with two other final interviewees). One of our team put out a tweet asking if there were any budding graduate copywriters in the area to join a software company, along with a link to the job ad on our website. Within 24 hours it had been re-tweeted 30 times to over 6,000 users.

Facebook is still viewed very much as a personal sphere. Users are generally there to keep up with their friends and are anxious about the idea of recruiters invading that space, so it’s not an ideal place to make direct approaches. On the other hand, it’s a great place to build passive interest in you or your clients by sharing light content that’s likely to appeal to your target candidates, such that when they do start to look for their next opportunity, you’re at the forefront of their minds.

Google+ has over 400 million registered users, but suffers from a lack of engagement in most spheres. According to this study of 4 million Google+ users, 18-34 year old males in the technology sector are the biggest demographic on Google+, which may make it worth targeting for IT recruiters. The main benefits of using Google+ for most, however, will be SEO improvements that improve online visibility, indirectly leading more candidates to their jobs.

Posted in social recruiting

Why Won’t Candidates Connect with Me on LinkedIn?

Posted on March 23, 2013 by sathishsaga1986 — Leave a comment

LinkedIn boasts over 161 million users across over 200 countries: it’s the biggest source of candidates imaginable, and there’s little question why it’s the first bookmark in the browsers of most recruiters. Connecting with the right candidates isn’t easy though. If you’ve ever found yourself asking, “He’s perfect for this role – why won’t he connect with me?”

1. Reach 100% profile completion.
You’ve found a great candidate and you read their profile from top to bottom. Now they’re going to do the same to yours – and if it doesn’t give them a comprehensive understanding of who you are and what you do, why connect with you when there are other recruiters who make a better impression?
LinkedIn gives you step-by-step instructions on how to complete your profile and it’ll warn you if your profile is incomplete. If you’re seeing that warning, set aside some time to address it before you attempt to make any connections.

2. Build a network of over 250 connections.

It’s not going to happen overnight, but if you’re relatively new to LinkedIn then try to add as many of your professional and personal connections as possible before contacting potential candidates. Why? A small network rings alarm bells to a candidate: who is this guy? Is it a scam? Do I want to reveal to him that I’m not happy in my current job? Trust is vital here, and we’re naturally more inclined to trust someone that we see other people have trusted.
Once you’ve connected with your colleagues, ex-colleagues, friends and family, start targeting other candidates in the industry you’re recruiting for. Your connections reflect your credibility: the more you have within your target candidates’ industry, the more likely he is to listen to what you have to offer.

3. Tailor your heading.
You’re an experienced IT professional, and two recruiters send you a connection requests on LinkedIn: one calling himself Recruitment Consultant and another calling himself IT Recruitment Consultant. Which interests you most at a glance?
Remember that you can change your heading as often as you like, so if you’re sourcing for an IT company this week and a media company the next, there’s no reason why you can’t change your heading to reflect that.

4. Delete the standard, “I’d like to add you to my professional network” message.

Don’t even think about sending a connection request with the generic, “I’d like to add you to my professional network” message – it’s the digital equivalent of those automated, robotic cold calls that have you slamming down the phone faster than they can say, “PPI claim”. Delete that standard message for every single connection request you initiate. It may be quick and easy, but it will only yield responses from the least discerning candidates.

5. Draft a personalised message.
Replace that generic connection request with something personalised, including a piece of information from their LinkedIn profile, the name of a mutual contact, or something from a Google search. Remember that the best candidates receive messages from recruiters every day; the only way to stand out from the crowd and grab their attention is to get personal. It takes slightly longer, but your effort will be rewarded with a higher connection success rate

Posted in LinkedIn

Are Your Job Ads Annoying?

Posted on March 23, 2013 by sathishsaga1986 — Leave a comment

1. No salary information

It’s a tricky situation for recruitment agencies. One commenter writes:

“I wish I was able to include salary as part of the description, however, it’s HR that determines that nondisclosure not the recruiter. What happens is that people who are under and overqualified apply, which makes more work for the recruiter who is screening the applicants. Not exactly a win-win situation.”

Not a win-win situation at all! If you can’t give a salary range, at least indicate what level of experience is required, e.g. “entry level”, “2-3 years experience in a similar role”. Be absolutely specific about exactly what the candidate needs to have achieved to date and what they would be expected to achieve in this role to help them infer roughly what kind of compensation to expect.

2. Too long and demanding

The volume of candidates on the market is immense, but the volume of candidates with the technical skills and experience you’re looking for is – well, anything but immense. Sure, you don’t want to encourage unqualified candidates to apply; but you don’t want to run this risk either:

“A precise job description should be a key to find an appropriate employee, but sometimes the job specs look like a “wish list” and a desired candidate looks like a non-existing superhuman. Thus a job description has a reverse effect – not to attract potential workers, but to scare them away.”

Before publishing any ad, review each requirement and ask: would it be an absolute deal-breaker if, in lieu of a stronger candidate, the applicant didn’t have this? If the answer is no, cut it out and save the question for interview to avoid losing out on good candidates.

3. Spelling and grammatical errors

“More and more I’m finding typos. As a job seeker, I’d have to wonder if I want to work for a company that can’t even take the time to read what it’s putting out there for everyone to see. As a recruiter, I’d be totally embarrassed if a job seeker pointed out a spelling error.”

Clichés are another common frustration:

“I dislike long narratives or bullet-points calling out obvious traits, i.e. “good communication skills,” “highly motivated” and so forth. I mean, doesn’t every candidate think he possesses those intangible characteristics? And besides, how do you measure it?”

As recruiters, we’re all under pressure to get ads out to start attracting candidates right away – sometimes mistakes are going to slip under the radar. However, your ad is often the only measure a candidate has to judge your client by. The most skilled candidates have their pick of opportunities and will discriminate if they see typos as unprofessional or clichés as lazy.

4. No quick or easy way to apply

Without a quick and easy way to apply for the job, even the perfect job advert is wasted. At the very least, publish a contact name, number, and email address with the ad; or give candidates the means to upload their CV and apply directly through your recruitment system. If you’re using a recruitment system though, be aware that Frustration #5 is excessively long online application processes: keep the initial application as short and sweet as possible!

Posted in Job Descriptions

How Recruiters Should Write for Social Media [9 Useful Tips]

Posted on March 17, 2013 by sathishsaga1986 — Leave a comment

1. Don’t be all “me me me”

Remember: social media is all about being human, especially when you are a recruiter. Keep in mind the “rule of thirds” – spend:

A third of the time promoting yourself, talking about your products, service and what you have to offer;
A third of the time talking about what’s going on in the industry, retweeting and sharing other people’s content;
A third of the time just answering people’s questions and doing general admin tasks.

2. Don’t be afraid to be brief

As Facebook doesn’t have the character count limitations that Twitter has, there’s the temptation to waffle on forgetting the fact that a lot of people view content on their mobile devices. People who view Facebook might be put off if they see lengthy content from you, so don’t try to be too dominant with your posts.

With Twitter, make each tweet that you want to be shared retweetable:

Keep your tweets under 150 characters, to leave pace for the username of the person retweeting you and pace for any comment that the user might add to your tweet
You can use a link shortener, which is often built into a few Twitter clients
Before you post the tweet, read it and ask yourself, “is there a way I can write this tweet to make it more concise?”.
Try using synonyms for long words: for instance, instead of saying “attempted”, why not say “tried”?

3. Use extra punctuation

Punctuation makes your tweets easier to read and easier to share as well, as they add extra clarity to your tweets (when used correctly). This is statistically proven: Dan Zarrella, an award-winning social media scientist, has conducted a research on Twitter and retweets and he found that retweets are more likely to contain punctuation that tweets that aren’t retweeted.

4. Ask a question and say “you”

If you want to engage the reader:

Make use of the word “you”,
Ask questions,
Ask opinions,
Use strong words like “why”, “what”, “who”, and “how”.

5. Avoid abstract titles

Unfortunately this is sometimes that often goes overlooked in social media: coming up with a good and effective title for your content. This applies to blog posts, YouTube videos etc.

When you use “abstract titles”, people can’t be 100% sure of what your content is about until they click on a link and finally see it. If users don’t feel compelled to open the link after reading the title, they won’t see your post, hence they won’t share it.

6. Tell people what to expect

Tell your readers or viewers what to expect right from the title.
You don’t need to give all the details away to do so. For instance, football writers will only hint at what the article is about in the title but they won’t give away all the details. This is a simple but effective way to invite readers to see and read your posts.
Though people overlook this, update your bio on social networks. This will give people a chance to see what you and your blog/channels are about.

7. Check your spelling and grammar

If you don’t use grammar properly, it reflects badly not only on you as a person but also on your brand. Candidates won’t be impressed, same with clients.
Don’t rely heavily on the spellchecker – they will detect incorrect spellings but they won’t check the semantics of your sentence (whether what you’ve written makes sense or not).
Don’t rush – read your content through before you post it, whether it’s a tweet, a Facebook status, or a blog post.

8. Don’t forget your context

Context is very important: once you post a tweet, you don’t have control over it – people will start retweeting and it’ll be shared with the world.

Keep in mind what’s going on in the world – if your tweets are sent out in inappropriate moments, they might be retweeted and shared for the wrong reasons.

9. Don’t auto-post between context

A lot of recruiters auto-post across platforms because it’s quick, efficient and very easy to do. Sookio’s argument against auto-posting is that it looks lazy to your followers and readers, and you might come across as dismissive and too busy to cater for your audience on your various platforms.

In addition, by using auto-post you don’t take full advantage of your social media platforms. For instance, on Twitter you might be limited to text, a link and/or a picture, but on Facebook you can make more use of multimedia and write more.

Be very careful what channels you auto-post on, especially if you decide to push your tweets to your LinkedIn feed. Though you might have an amount of liberty to express yourself on Twitter, remember that LinkedIn is a place for professionals and they might not be particularly happy to see drunken tweets on their LinkedIn feed.

Source : http://theundercoverrecruiter.com

Posted in social recruiting

How safe is HR data in the cloud?

Posted on March 10, 2013 by sathishsaga1986 — Leave a comment

Cloud computing is all the rage for some firms. But should very sensitive HR data reside on the Internet?

Cloud computing refers to keeping data on vendors’ servers operating on the Internet or “in the cloud,” and not on a company’s computers. Think software-as-a-service (SAAS).

Most experts say the advantages are many. But are they worth the risks?

The Advantage

Cloud hosting takes up less space, saving companies thousands of dollars by allowing them access to expensive technologies, yet companies pay only for the services they use. By “renting” rather than buying software to house payroll, benefits or recruiting data on vendors’ servers, for example, managers can relieve themselves of IT maintenance burdens. It’s convenient, too.

“Cloud computing makes an IT investment more efficient, flexible and faster and allows access to data anytime, anywhere, any place and with any electronic device,” said Jose Granado, a security expert with Ernst & Young.

But having ubiquitous access to that data make that data more prone to theft. “The more connected we become, the more exposed we are,” Granado said.

Consider this: In June 2011, Dropbox, a popular cloud storage site where 25 million people store their videos, photos, documents and other files, inadvertently left the site open for four hours on Father’s Day. The glitch let anyone log in to customers’ accounts with any password.

Now imagine if those files included sensitive employee data such as Health Insurance Portability and Accountability Act (HIPAA) information or data from E-Verify such as Social Security numbers and dates of birth.

Get the picture?

The Risks

Yet, many cloud providers would have their customers believe that utilizing cloud storage is completely safe.

But is it?

“That’s a great question,” said Damon Petraglia, director of forensic and information security services for Chartstone LLC. Petraglia is a consultant for the electronic task force for the U.S. Secret Service as well. “There’s no way to know unless you assess the cloud you’re going to put your data in.”

Experts say that people looking to use cloud computing—especially HR departments—need to do their homework before putting their faith in the cloud.

Cloud computing is growing. According to Ernst & Young’s Global Information Security Survey, released in late 2010, 45 percent of companies were expected to use cloud computing by the end of 2011. According to International Data Corp. (IDC), the cloud computing market could hit $72.9 billion by 2015.

Although cloud computing services are gaining greater acceptance, organizations must still address the potential risks before they move their business applications to the cloud. Ernst & Young’s survey shows that nearly half of respondents are engaging in, evaluating or planning to use cloud-based solutions. However, the top risk most concerning businesses about using the cloud is compromised data. Not knowing the exact location is a fear as well.

“Basically, when you put data into a cloud you may not know where it is,” Petraglia said, as some Amazon customers discovered on Aug. 7, 2011, when a power outage interrupted Amazon’s only European data center in Dublin for two days, leaving the company struggling to restore customers’ data.

Data in the cloud, Petraglia pointed out, is only as safe as the company hosting it.

“So when it goes into the cloud and you let someone else be responsible for it, you’re taking a risk,” he said. If the information is compromised or hacked, the company will be on the legal hook, not the service provider.

Say, for example, “a church website has its data residing on the same server as a porn website. How well locked down is that server? If I’m the administrator for the church website, could I escalate my privileges and get into that porn site and manipulate other things on that server?”

He added: “If you have extremely sensitive data—national security data—then you do not want that comingled with people shopping for shoes and looking at porn and funny pictures of cats. You want as much possible control as you can have.”

Due Diligence

During a session at the International Association for Human Resource Information Management, Inc. (IHRIM) conference in the spring of 2011, Brian Richards, vice president of Client Technologies for SIRVA, Inc., heralded the benefits of cloud computing for HR.

But he added that with data security “there’s no silver bullet. If you’re evaluating a vendor and are concerned with data security, look internally and see if they can do it better than your IT department. Do due diligence.” He said that, in many ways, a cloud computing provider has to demonstrate that it has good data security—more “than your IT department, because if they have a data breach, they’re out of business.”

Dev Chanchani, president of INetU, a cloud computing provider, concurred, adding that there are three broad categories to consider when selecting a cloud computing provider: physical, technical, and administrative.

“You’ll want to access logs, tour the data center, go through data center questionnaires and see who has the administrator’s password,” said Grady Summers, principal, information security, at Ernst & Young. “Make sure that the service provider can meet regulatory requirements as well.”

Summers said cloud computing can be “very secure, but companies can’t rush into it.”

There is a tradeoff, he added. “You’re going to have to accept [that] you’ll never be able to do an annual review of the data center. You might get better security, but you’ll have to adjust the way you think about security in the cloud.”

Aliah D. Wright is an online editor/manager for SHRM.

Posted in Cloud Computing

	indianist on How To Search For A Job While…
	Sandy Shaw on Networking Tips
	Anonymous on System Development Life C…
	Liliane Bettencourt on How to Write a Good Resum…