5 Common Workday Security Mistakes (You Should Avoid)
Workday provides tremendous value to an organization, but when it comes to granting access across the entire enterprise, things get a bit tricky. How do you strike the appropriate balance between giving people the access they need to do their jobs while keeping your important business information safe? Unfortunately, even with Workday Security, figuring that out can be easier said than done.
Over the years, our senior-level Workday consulting team has helped many organizations develop, deploy, and even train staff on Workday Security. That experience has led our experts to identify common mistakes that organizations tend to make that hurt their chances of implementing a successful solution.
Here are five of the most common Workday Security mistakes (that you should avoid).
1) Complicating Security Groups
The best piece of advice we can share (and share again) is to keep Workday Security simple. We’ve seen so many organizations get into the mode of making changes to fix every single issue only to realize that they’ve added so many new features that the system has more problems than when they started.
Keep your security groups simple. When you create restrictions, do your best to avoid a lot of intersections in Security with exclusions. This will make it easier to follow and troubleshoot when issues come up because you won’t have to dig quite so far into the morass to figure out what’s going on.
2) Improperly Setting Up Integrations
A common mistake we’ve seen implementers make is to throw everything short of the kitchen sink into making an integration run, as opposed to taking the time to pare things down to only that which it needs to run. In other words, if you’re building an integration that requires Security for the integration to run, make sure the integration only has the access it needs to run its process and nothing more. Otherwise, you’re basically throwing broken glass in the road ahead of your car and hoping you don’t run over it later.
Another way we’ve seen clients fumble their integrations is by allowing them to run under personal user accounts. We’ve seen situations in the past where an integration was set up to run under an individual user account. That worked…until the person left the company. As was the standard practice, the company disabled their account…which also caused the integration to fail. This was a time-consuming lesson for the company. (And you can be sure they don’t allow anyone to set up integrations under personal accounts anymore.)
3) Forgetting to Document Everything
When it comes to security, documentation is critical. Not only do you need to develop a plan on how requests will come in, what will be reviewed, prioritized, and how work will get done, but you also have to document this plan. An undocumented plan is like trying to put a jigsaw puzzle together after throwing away the box—you might have a clear picture of what you’re trying to accomplish right now, but what about a month from now? What ten months from now?
A well-documented plan will save you headaches in the future, not to mention ensure that everyone involved in the project has something they can reference as things progress.
4) Not Building Out a Comprehensive Testing Plan
Before you even start implementing Workday security, develop a comprehensive testing plan. We’ve had clients in the past that failed to test every single change they’ve made, and somehow it’s always the ones that seem fine at the beginning that end up having an enormous impact on every other aspect of security.
A comprehensive testing regimen will help you discover issues before they end up breaking the rest of your system.
5) Administrators Approving Every Security Request
Finally, it’s important for your Workday Security administrator to have the ability to push back on security requests. If someone in the company makes a security change or request, review it and challenge it, if needed. Far too often, we’ve seen admins get in the habit of automatically approving every request that comes in. If a security request isn’t valid, necessary, and tested, it shouldn’t be approved.
Getting Started with Workday Security
If there’s one thing we hope you take away from this article, it’s to keep it simple. As a cloud solution, there’s no customizing the Workday software as a whole. You can customize the platform as far as Workday Security is concerned, however. That customizability is one of the feature’s strengths—there are plenty of ways to tweak it to best suit your organization’s needs—but it can also get very complicated if you don’t pay attention to how those choices impact your system as a whole.
That’s where the experts at Surety System come in.
Our Workday consulting team can help you design a Workday Security plan that ensures you get the most out of your investment while keeping your data safe and secure at the same time. Contact us today to get started.