BIPO专访 | 探究SaaS技术的未来As hybrid work models and digitalisation continue to shape the future of work, more businesses are adopting software-as-a-service (SaaS) tools to facilitate collaboration, engagement, and the scaling up of self-service options for the workforce.
This in turn, creates a security risk that organisations need to address, said Albert Liew, Managing Director, Singapore and Indochina, BIPO.
Speaking with HRM Asia, he explained, “As large amounts of sensitive data can be accessed from any smart device by many users, this poses a risk to privacy and sensitive information, including vulnerability to new malware and phishing attacks. The need for improved security and SaaS security tools that can secure cloud-based programmes will play a big role in today’s business landscape.”
With SaaS programmes being hosted on the cloud, one of the most prevalent causes of security lapses is the recycling of passwords and having them saved to systems. To mitigate the risk of account takeovers, a robust cloud applications security strategy needs to be supplemented with the education of end-users.
BIPO Singapore and Indochina Managing Director——Albert Liew对此评论道：“这反过来使得企业不得不花更多的精力来保障流程的安全和稳定，以避免信息风险。”
“As a guide, ensure that passwords are regularly updated, and multi-factor authentication is enabled. In addition, businesses can minimise security breaches by implementing SaaS security tools and a selection of options to mitigate such risks,” Liew added.
“The need for improved security and SaaS security tools that can secure cloud-based programmes will play a big role in today’s business landscape.”
“维护系统的安全性和SaaS安全工具的使用将在当今的商业环境中发挥重要作用，以保护基于云计算的各类项目。“——Albert Liew, Managing Director, Singapore and Indochina, BIPO
He recommended that organisations that host their SaaS applications on public cloud infrastructures consider reliable and reputable third-party vendors such as Amazon Web Services (AWS) and Alibaba Cloud, which are well-regarded for their computing, storage and content processing capabilities, as well as robust practices that safeguard the security of their platforms.
With cyber threats becoming increasingly sophisticated and targeted, servers hosting SaaS applications should also be regularly reviewed and patches applied against new vulnerabilities.
Liew highlighted, “This starts with fundamentals such as having a robust IT security policy in place. Such policies need to address the changing global business landscape where remote work is now the new norm. It is crucial to regularly update such policies, ensuring they are aligned with the evolving digital landscape.”
In a recent white paper published by BIPO, the HR service provider identified some of the key practices organisations should deploy when it comes to SaaS security. These include:
1) Creating a cloud applications security strategy.
2) Enabling multi-factor authentication to ensure a safeguard against compromised credentials.
3) Implementing endpoint security considerations where access from devices such as smartphones, tablets, desktops, laptops and other mediums must be controlled to prevent misuse of SaaS and data loss prevention (DLP).
4) Ensuring ongoing training and education at all levels within the organisation, including the understanding of SaaS usage and security. Prevention through education is often the most effective way to prevent breaches.
When these safety practices have been established, organisations can then turn their attention to the selection of a SaaS solution. “Consider the scalability and integration of the solution with other systems such as CRM, finance, ERP and so on,” Liew advised. “Increasingly, we have seen applicant tracking systems and e-learning platforms integrate with existing HR management systems to complement the evolving needs of HR and the business.”
Due to the pandemic, solutions such as BIPO’s Safe Entry platform have also gained popularity, as organisations increasingly look to integrate contactless door access with facial recognition capabilities, as well as with payroll and attendance applications.
Liew continued, “Similarly, performance management and e-learning platforms are on the rise as remote work continues. Given the shift in work patterns, businesses are now more vested in utilising digital tools to enhance the employee experience, particularly during the appraisal and performance management process.”
As users look to access SaaS platforms from home and on smart devices, offering flexibility is also key, he added, noting how there has been a growing interest in mobile apps where employees can easily navigate and complete tasks with just a few clicks.
“同样，随着远程办公的持续和工作模式的转变，企业现在更倾向于利用数字工具来提升员工体验，尤其是在评估和绩效管理过程中。为了方便用户访问SaaS平台，提供相应的灵活性也很关键。在移动应用中，员工只需点击几下即可轻松导航和完成打卡等操作。” Albert Liew补充道。
BIPO’s HR Management System (HRMS) is ISO-27001 certified and offers businesses the agility of a cloud-based SaaS solution from pre-boarding to off-boarding.
Compliant with labour laws and designed to meet the needs of Business 4.0, BIPO HRMS features cutting-edge technology and supports all aspects of HR functions, from personnel, payroll, leave management, attendance and expense management, to performance management.
Allowing organisations to integrate employee records and attendance with BIPO HRMS and payroll functions, the BIPO Safe Entry is a touch-free door access system that features AI facial recognition and contactless temperature scanning. This reduces errors and optimises business efficiency, enabling HR teams to focus on strategic HR functions.
BIPO的人力资源管理系统（HRMS）通过了ISO-27001认证，为满足商业4.0的需求而专门设计，支持人力资源功能的所有模块，从人事、工资、休假管理、考勤和费用管理，到绩效管理，为企业提供了从入职前到离职后的基于云的一站式SaaS解决方案。同时支持将员工考勤记录与BIPO HRMS和薪资功能相结合，并提供BIPO Safe Entry免接触门禁系统，具有AI面部识别和非接触式温度扫描功能。这将规避风险，优化业务效率，使HR团队能够更专注于人力资源战略的归化和企业运营。