NIST SP 800 Series and HR Software

The National Institute of Standards and Technology ‘special publications‘ series is a great source of information if you’re wondering what other potential users of cloud technology are thinking about. The Institute is developing a set of standards that does everything from defining the technical terminology to addressing common concerns. The cloud is a rapidly evolving platform that’s making inroads into the HRIS sphere. Employers recognize the value of outsourcing resource-intensive IT functions related to HR software while increasing control where it really matters – in determining which applications can improve HR processes and compliance.

Why Now?

The mainframes developed by companies like IBM have reached a tipping point of obsolescence and complexity that’s created a perfect storm in the IT industry. The original architects of these systems aren’t around anymore for the most part. This means the layers of infrastructure and software that have been added to legacy mainframe systems over the years are poorly understood. What was once state of the art technology for server systems has now become unwieldy and difficult to maintain – much less upgrade to keep pace with rapidly changing technology.

Distributed servers with service oriented architecture designed to support agile software development offer an alternative that is cost effective. It places more of the burden for infrastructure maintenance and upgrading on the shoulders of the vendor, freeing internal IT resources for more strategic endeavors. SaaS cloud services are particularly well suited for HR for the same reasons. Cloud applications tend to be built with ease of integration in mind making it simpler to add niche products (like our Universal Onboarding) that offer Best of Breed capabilities.

SP 800 Standards Matter in HR

Trust is near the top of the list of concerns for HR since employers are tasked with safeguarding sensitive employee data. Access management, compliance with regulations governing data privacy, and general data protection must all be given their due weight or the cloud industry will not be able to gain and keep the trust of the HR consumer. These issues are addressed in detail the SP 800-144 publication.

The big players in cloud services from Amazon (EC2) to Microsoft (Azure) have the means to help set the tone in this area at the infrastructure level. However, ensuring that these best practices trickle down to the thousands of vendors building and supplying HR applications via the cloud will require an overarching strategy. The NIST is playing a key role in developing the standards by which individual cloud services vendors will eventually be judged.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s