The IT Implications of the Performance Management Revolution

August 21, 2017

The IT Implications of the Performance Management Revolution

Traditional performance management, for better or for worse, hinges on the annual employee review. For years, managers have met with employees once a year to share feedback and criticisms collected over a 12-month period. But this slow-moving process tends to be a waste of time, and, in most cases, is unhelpful to employees looking for immediate guidance on ways to improve.


Today, companies are swapping their antiquated training and evaluation programs in exchange for more agile methods, supported by digital tools. Employees want real-time feedback and recognition for their work, and organizations are increasing investments in the technology that can facilitate these demands.


With new performance management applications flooding into the market, organizations should expect to see a rise in the number of SaaS (software as a service)-based tools their teams use for work. But while more tech-centric employee development can be a boon for corporate culture, it can lead to major security headaches for IT teams.


The Changing Face of Performance Management


HR teams are experiencing a digital transformation in their own right as they architect new, dynamic performance management processes. No longer satisfied with traditional engagement models, employees expect more in terms of performance feedback, and place a higher priority on learning and development opportunities. Job seekers want continuous skills training and a clear path to building long-lasting careers. In response, many organizations are starting to invest in the tools to support this continuous engagement.


With the employee experience in mind, business leaders are heeding the call for a performance management revolution. A Deloitte survey found 79 percent of executives rate redesigning performance management strategies as a high HR priority this year. Agile goal-setting, employee-driven communication and frequent check-ins are becoming the standard as companies around the world look for new ways to empower their workforce.


The challenge facing organizations—once they identify the solutions they need—is integrating that technology into existing productivity platforms without compromising security. Managers will need data on an employee’s day-to-day responsibilities to ensure solutions work seamlessly with other productivity tools people spend the majority of their time with. IT, HR, and department managers will also need the tools to safely provision employee access as organizations add new applications to their library and onboard new recruits.


The Security Implications of Rapid Technology Adoption


The performance management overhaul has triggered a wave of new HR-focused applications that managers use to evaluate team effectiveness and encourage ongoing coaching. But this influx of new applications can lead to a SaaS tsunami, overwhelming IT departments and creating significant security vulnerabilities. Gartner research shows a typical company uses anywhere from 600 to 1000 SaaS-based applications and, shockingly, IT is only aware of 7 percent of them.


These glaring visibility challenges prevent IT departments from knowing what tools are used and which need to be secured. Employees using unauthorized cloud applications to manage things like goal-setting put their company at risk of cyberattacks and data breaches, costing companies millions of dollars in damages. Contributing to the security challenge is organizations’ use of legacy infrastructure, which may not integrate with new management applications. Eager to make progress on new performance management strategies, HR teams may be tempted to adopt their own applications instead of waiting for IT approval, bypassing compliance protocols.


To accommodate the performance management revolution and mitigate cyber risk, IT teams should look to identity access management (IAM) and multi-factor authentication platforms to securely maintain an influx of new SaaS subscriptions.


An IAM platform with single sign-on (SSO) capabilities makes it easy for employees to log onto the applications they need with just one password; rather than remembering multiple passwords and usernames. IAM gives IT teams the power to quickly provision and deprovision users based on department and job function. IT teams also gain visibility into employee tools that previously flew under the radar, catching unsanctioned apps before they create a security threat.


Evolving workforce trends have given way to a new form of employee performance management, and, as a result, an explosion of more SaaS applications. As organizations embrace the performance management revolution, they’ll need to revisit their IT strategy to make way for change, while not exposing the company to unmitigated or unwanted risks.

The Authors: 

Alvaro Hoyos is the chief information security officer for OneLogin, a leader in cloud identity management solutions, where he architects and leads the company’s risk management, security, and compliance efforts. He has more than 15 years in the IT sector. Prior to joining OneLogin, Hoyos helped startups, SMBs, and Fortune 500 companies with their security, compliance, and data privacy objectives. Twitter: @wherestherisk