Quando as medidas de segurança de TI encontram resistência do RH, preencher a lacuna entre as áreas é essencial. Para isso, é importante apresentar riscos e impactos baseados em dados concretos, o que esclarece a necessidade de proteger os sistemas e dados da empresa. Além disso, a escuta ativa com o RH permite entender suas preocupações e encontrar soluções que atendam às necessidades de ambos os lados. Propor a implementação das medidas de segurança em fases possibilita ajustes conforme o feedback do RH, garantindo uma adaptação contínua. Assim, a colaboração entre TI e RH fortalece a segurança organizacional, promovendo um ambiente de trabalho seguro e eficiente.

Enfrentar resistência do RH em relação às medidas de segurança de TI pode ser resolvido com alinhamento e compreensão. 1️⃣ Entenda o propósito: As medidas protegem informações sensíveis dos colaboradores e da organização. 2️⃣ Proteção para todos: Ações como treinamentos contra phishing beneficiam diretamente o time de RH e os colaboradores. 3️⃣ TI como aliada: Trabalhar junto à TI fortalece o compliance e reduz riscos relacionados a dados pessoais. 4️⃣ Educação é chave: Engajar e educar evita resistência e promove adesão às mudanças. Com diálogo e parceria, RH e TI podem criar um ambiente mais seguro e eficiente.

Facing HR pushback on IT security measures? Start by understanding their concerns, such as workflow disruptions or complexity. Highlight how data privacy standards (e.g., GDPR, CCPA) protect employee data and prevent reputational or financial risks. Collaborate with HR to develop phased, user-friendly solutions that balance security and operational needs. Provide educational workshops to bridge knowledge gaps, using examples like risks from data breaches. Reference benchmarks from other organizations to validate your approach. Finally, measure and share outcomes, such as improved data protection or compliance success, to demonstrate the value of these measures and foster alignment.

HR is usually a department that is primarily concerned with the well being of the individuals in the organization, this usually requires a healthy sensitivity for privacy issues. In my opinion this is a classic case of two different departments that want the same thing: improving company and personal security. IT should present to HR the cutting edge tehchnology on these subjects and offer to facilitate their implementation to achieve the common goal. In the end it's a matter of aligning schedules and priorities, and of course an opportunity to strengthen the communication and the cooperation between two different departments.

En mi experiencia una forma de atender el tema es: 1) Brindar información que permita clarificar las medidas en cuanto a su consistencia, alcance, frecuencia y responsables 2) Compartir los motivos para implantarse y los beneficios que ofrece para la organización 3) Comunicar los avances respecto de su implementación, resaltar los avances y resultados asociados 4) Mantener escucha activa respecto de las resistencias asociadas al tema y atenderlas de manera clara y oportuna 5) Contar con el apoyo de la dirección respecto de las actividades asociadas

Emphasise Zero tolerance policy for cyber hygiene, as a company’s credibility, financial performance is at stake if they suffer a cyber incident. Adopt below path to address HR pushback: 1. Engage with HR to understand their concerns. 2. Outline the implications on operations, CX, financials caused by cyber attacks at other organisations. 3. Educate on how a single cyber breach can dismantle the credibility a company has built with customers over the years. 4. Assess the impact of a data breach on systems, data, partners. 5. Use business terms to convey the impact to HR. 6. Table preventive, corrective steps for each employee to maintain cyber hygiene. 7. Establish feedback loop with HR to gauge teams' concerns on the ground.

Security it’s not just an IT concern. For me a successful IT-HR alignment comes down to three key strategies: 1. Establish a monthly "Security-HR Sync" where IT demonstrates real security threats using HR-specific scenarios. This made risks tangible and relevant. 2. Streamline exception process for urgent HR needs while maintaining security. HR gets a dedicated IT security contact for time-sensitive issues. 3. Implement security changes in phases, gathering HR feedback at each stage. For example, our new MFA rollout started with a pilot group from HR, letting them experience it firsthand and help shape the full deployment. This collaborative approach turned initial resistance into strong partnership.

In many organizations, HR's resistance to IT security measures may be based in legitimate concerns. Heated markets and complex legislations make legal and labor issues a real and costly threat, while talent retention and development are also significant challenges. However, it is possible to find a middle ground where security demands are addressed in harmony with HR priorities, considering the difficulties and needs of both sides. Nonetheless, encouraging and supporting this open and collaborative dialogue will not be achieved without stimulation and backing from top leadership.

Prioritize collaboration. Emphasize that strong security is essential for protecting sensitive HR data and ensuring business continuity. Present clear, data-driven evidence of potential risks and costs associated with lax security. Offer flexible solutions that balance security needs with HR workflows. Ultimately, position IT security as a strategic partner in safeguarding the organization's most valuable asset: its people.

It's usually because they're worried about how it'll impact their workflows or maybe they feel a bit left out of the loop. So, first things first, sit down with them and explain why these changes are so important – think protecting sensitive employee data, avoiding those nasty phishing scams, and keeping the whole company safe. Make sure they understand it's not about making their lives harder, it's about protecting everyone. Walk them through the new procedures, offer some hands-on training, and be patient! Maybe even show them some real-life examples of what can go wrong without proper security. A little bit of humor never hurts – remind them that even HR needs to be on team "cybersecurity superheroes"! 💪