Maintaining Workforce Management Security

For managers and administrators, refer to the guidelines in this section to ensure that WFM applications are maintained securely.

Policies for Maintaining Security

The following are some guidelines for organizational policies to help maintain WFM data security:

Verify access provided to employees and understand how to securely grant and remove access.
Enforce logical password expiration and reset policies for WFM pins and passwords. Note that frequent password changes may result in password reuse or predictable iterations.
Monitor WFM product and security updates on provided community channels and perform required actions on time.
When registering user biometric data, ensure that a manager is present to validate the data.
Strongly discourage sharing of pin codes and passwords among employees.
Discourage users from using the same mobile device to punch in on mobile apps.
Plan to sign WFM applications out of devices when employees are not using them.

The following are some guidelines to manage and configure WFM applications.

To better secure access to WFM, take advantage of available security settings, including longer pin code options and 2FA authentication.
Regularly patch and update device operating systems.
For efficient tracking of security incidents, encourage use of the Notes field when punching in to WFM applications.