Q&A on IT/HR collaboration with Volodymyr Styran
by VPNHaus | 08/19/2010 |Expert Q&A
VPN Haus spoke with Volodymyr Styran, a security expert, about ways IT professionals can work more closely with HR on issues like provisioning. VPN Haus has long advocated for IT departments to make user provisioning a higher priority and Stryan has some ideas on how this collaboration can be turned into reality.
VPN Haus: Let’s start with basic tampering. How can IT administrators prevent users, especially ones who are tech-savvy themselves, from tampering with settings?
Styran: I'd suggest application of strong organizational policies and thorough logging of user actions. Changes to local policies are usually reflected in [programs like] Eventlog. Collect it centrally in a separate log management facility, review the lo
VPN Haus: What’s the greatest enforcement challenge?
Stryan: The greatest enforcement challenge is making HR execute disciplinary action. Punishing is not their favorite part of the job, because it affects image...So, when it comes to HR, one has to present and explain every bit of risk and harm introduced
VPN Haus: Can you provide 3 - 5 tips on how IT departments could work more closely with HR to foster better communication between the departments?
- Be friendly, while being firm when needed.
- Make it formal, while maintaining good relationships. Write your policies firm and strict, but socialize with HR in a positive manner.
- Pay more attention to HR’s needs and concerns; this is relevant to relationships with any other non-IT function as well.
- Always explain. [In most cases,] they know next to nothing about [IT]. "We know better" doesn't work. Although, the more you explain in the beginning, the less explanations they will need later on. This is how trust is developed with time.
Volodymyr Styran is based in Ukraine.
[tweetmeme source=”vpnhaus” only_single=false]