System Administrators Access in a HR/Payroll System

5 pts.
Tags:
Access Rights
Administration tools
Administrator account
Compliance
Security
System administrator
Hi

I have taksed to define the access rights for sys admins for a HR/Payroll system. The thoughts are divided among the groups here - one, the segretion of duties that should limit any type of user to perform tasks end to end since this is a payroll system; two since it is a sys admin access the user should have full access to manage and maintian the system effectively such as trouble shooting and supporting.

My question is what is the right approach. Personally I feel the sys admins should have full access, however I need hard convincing to do. Can Bill 198 shed some light on this? How do  I pitch it to senior management?

Any help from IT security/compliance/bill 198 experts or anyone who had a similar situation would be GREATLY appreciated.



Software/Hardware used:
HR/Payroll System
ASKED: August 10, 2010  2:05 PM
UPDATED: August 23, 2010  9:55 PM

Answer Wiki

Thanks. We'll let you know when a new response is added.

Sometimes you just have to let go. Separation of duties is very real, and can actually help keep your sys admin out of unexpected scrutiny, questioning or accusations.
Just because you’re an admin on a server doesn’t mean you have to have access to the box. I have a few servers that I built, then moved to a secure location (like an HR area), and then had them change the password so I would no longer have an account to get in on.
When work or maintenance needs to be done they log in for me and get to sit and wait until I am done.

Discuss This Question: 2  Replies

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
  • SbElectric
    I concur with Wiki’s comment. Most of the corporations face this type of situation. Separation of duties is very essential and needed. In our situation – since we have many databases/files encrypted – system adm. have right to copy, load/reloads data but only on encrypted format. They can not “view” the data. Security auditors have bought into this scenario.
    2,540 pointsBadges:
    report
  • Cognos2001
    [...] Systems Administrators Access in an HR/Payroll System [...]
    0 pointsBadges:
    report

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Thanks! We'll email you when relevant content is added and updated.

Following