Seasonal Employees and Cyber Security
Padgett-Beale’s chief of staff is looking to analyze the risks and mitigations of hiring
seasonal hotel employees. Douglas Bonderud provides an analysis on seasonal employees
and cyber security and his analysis is accurate. He provides sufficient steps to take care of
the risks, although a few steps can be added. His guidance provides a great blueprint on
mitigating the risk of seasonal employees in cyber security for a company.
I agree with the author’s suggestions on seasonal employees. I feel that employees
who feel they are part of a team are less likely to do any malicious activities. I agree that
a set end date is a good idea, to ensure the customer knows what to expect from the
beginning, as well as having a routine schedule to ensure seasonal access is revoked in a
timely manner. The other suggestion that is a great idea, is using fake information in a
training environment. I worked in a call center where a lot of employees came for the
training money and quit, so the fake information is a great alternative.
I am indifferent on whether the Secure Computer User Training Course would help.
I think it would help for employees who does not know, that sticking a personal drive into
a computer could cause corruption, but I don’t think it would help for an employee who
has malicious intent. I think the most important steps are the thorough background checks
would help. In the article it states, to not skip over this because they are seasonal and I
completely agree. If anything, there background check should be just as thorough if not
more thorough. Another step that should be taken is bonuses. I think the seasonal
employees should receive some type of incentive such as a bonus, and also maybe
discounts on hotels for a year. I think if I was treated this well by a company, I would be
less likely to have any malicious behavior versus if I felt used. The last step that I would
take is to ensure information is secure as possible. I would ensure I have security cameras
where information is taken such as a service desk to see if anyone is writing down or
copying anyone’s information. I would also ensure that information can be blocked as
much as possible, for example if the entire card information is not needed by that person,
then everything but the last four digits should be blocked. I also agree with the step that
the author suggest when he states that a contract should be signed to ensure that you
are covered in any legal matters, because you can put all preventative measures in place,
but there is always a risk.
Managers can add to the mitigation by providing leadership. Managers can show
leadership by first being an example, ensuring they are following all protocols that they
preach. Another way they can show it is by showing how important it is whether that be
via meeting, email, trainings. This would be more efficient if the manager shows face or
sends personalized emails so that it feels more personable. Another thing that can be
implemented is maybe giving an award for every quarter without a cybersecurity incident.
Sometimes goals if employees and managers more to strive for. This can cause the team
to be more careful than they normally would.
In conclusion, the article provides a great blueprint. Ensuring background checks are
conducted, ensuring employees feel like a team, and ensuring access is removed upon
termination of employment are great steps for seasonal employees. The employees can feel
welcomed with bonuses, and goals. Leadership also plays a very big role in ensuring that
mitigation is at its best. With these steps hiring seasonal employees should not pose as
great of a risk.