In the many years of being in the Workday ecosystem, it is rare to encounter a client who doesn’t find Workday Security complicated.
But, this complexity is the core of a strong Workday tenant. It ensures that your worker data, including personal information, stays protected.
Then why do most clients find security to be one of the main points of frustration and a key area where we at Preos are asked to optimise?
Here are some thoughts on why and areas that you should consider:
1. Lack of Understanding of how Security is set up in Workday and how it Works.
It’s not about the data tables that sit in the background from where information can be derived, but rather having a clear understanding of the relational object-based data model where the different objects can talk to each other most cohesively and efficiently if set up correctly.
2. Complicated or Poor Configuration
Too many intersection security groups (most of which don’t work as intended), active domains and policies that are not needed, and improper assignment of assignable roles, only ensure that the system starts to become unreliable and open to risk.
It could mean that people in your organisation may be able to see more types of data than they should or have access to more colleagues’ data in Workday than what’s necessary for their role. For example, your line managers might need to see the compensation of employees in their team, but they likely won’t need to see their banking details. Similarly, they won’t need access to the data of employees outside their team.
3. Unstructured Support and Governance
Your SI Partner will help you create a Workday security model that works for you at the time of implementation. But what happens when hypercare ends? What happens when an acquisition takes place? What happens when someone needs access to additional data in Workday because it is urgent?
We see clients struggle to maintain their security structure over time because more often than not, the security rules are not set up for scalability, and there is no easy way to create this overview.
Establishing a Strong Workday Security Framework
It is important to have Center of Excellence representatives who understand Workday Security, who apply the same to your security setup and can ensure that changes are made in a structured and organised manner. It is necessary to equip them with the correct tools for governance & auditing purposes.
Ultimately, how your organisation is structured will drive your security model in Workday. If you’re operating in a large organisation, you’ll inevitably need more exceptions to Workday’s security roles and overall setup, which will no doubt bring extra complexity.
But regardless of your size, in a system like Workday, you should set your security up for global design, scalability, and flexibility – and continually check in on your data governance configurations when you go through major changes
Assessing your Security Landscape
Have you considered whether you have a clear overview of:
-
- The active security groups within your Workday tenant?
- The domains and policies governing user access?
- The level of access granted (e.g., ‘View’ or ‘Modify’)?
About Kamala
Kamala is a certified Workday HCM and Core Comp Lead with 13+ years of diverse experience, in different industries across the globe. With a strong HR background including roles as a Regional HR Manager, Kamala has led implementations both within client organisations and as part of a major Workday Systems Integrator. Kamala has extensive experience in managing workstreams and brings a wealth of knowledge of Core HCM, Security and Compensation
About Preos
At Preos, we help our clients get the most out of Workday. We ensure your organisation is using the platform to its full potential and getting the best possible return on your investment.
We address any inherited issues, increase user adoption, offer Workday support and introduce processes to ensure Workday meets – and continues to meet – the needs of your business in the long term.
learn moreIf you are unsure or the answer is ‘No,’ and you’re seeking a comprehensive Security Overview that’s easy to maintain and integrated within your tenant for real-time insights, reach out to us.