IAM:

An expert

Yes we are. We are WedaCon. Your experts for a wide range of IAM solutions from development to implementation.

26.09.2016

 

Why HR 4.0 might not work for you

The magical version ‘4.0’ is something we stumble over in 2016 each and everywhere people talk about 'disruptive' technologies, changes and new approaches. Whether its HR 4.0, Industry 4.0 or Web 4.0, the basic goals do not differ much, which is the reason for us to use the term ‘Idea 4.0’ throughout this document for the matter of ease and readability.

So what exactly does ‘Idea 4.0’ mean, and how did the previous visions and expectations for versions 2.0 and 3.0 look like? And even more important: Where do we stand now in the implementation of the previous versions, and does Idea 4.0 require a full or even partial implementation of versions 2.0 and 3.0 as a prerequisite ? Is there even a 'Cross-Update' path directly from 1.0 to 4.0?

Download your full copy as pdf, also available in german. Or just read on here!

 

Greenfields

Suppose we could start on a greenfield site, directly with Idea 4.0. All 4.0 technologies have in common that they provide or use small, more or less intelligent components (called Agents) to play a role in a given processes. Those agents can be implemented in hardware (Internet of Things) or software (Micro-Services).

The agents should behave autonomously and communicate and act with each other. They must be able to represent other agents (or another participative site) to make decisions and perform actions on their behalf. It is important to understand that this includes acting on behalf of a human being. The actions the agent performs must be secured on elements of authentication (who I am) and authorization (what am I allowed to do) and therefore require a high degree of robustness with respect to safety, to prevent unauthorized actions to be started.

Whatever 4.0 technology we look at: a secure implementation of functions managing authentication and authorization are essential, since lack of those and the potentially resulting attacks on the infrastructure jeopardize the acceptance of such systems.

On the other hand, there will be no acceptance of new technologies by the end-users if we make it too hard for them to be used. As it is in many other areas, we have the need for a balance between 'Security and Usability'.

So even if we start on the 'green field': Idea 4.0 requires measures and functions for sufficiently secure communication between the 'Agents', regardless of whether we consider HR 4.0, Industrial 4.0 or Web 4.0.

 

1, 2 or 3

In order to understand what the different versions 1.0, 2.0 and 3.0 actually mean exactly, a closer look on the 'mother of all 2.0 hypes' might be useful.

When the term ‘Web 2.0’ came up around 2004, it was quickly re-used as hype and buzzword in many other fields for marketing purposes. Web 2.0 proposed new functions to collaborate on the internet, which were not really new. In fact, the first (and still current) versions of the hypertext protocol ‘http’ were designed to enable communication in any direction already.

However, the first applications to use the World Wide Web (WWW) were of a technical nature, creating an impression of a 'static' web for end-users: they were pure consumers of information. That old era of a static web was called 'Web 1.0'.

Following the static web, we got the 'participatory' web: New programs and services allowed end-users not only to be consumers, but in a very simple manner to generate new information and knowledge in a participatory way. As already said: they could have done that with Web 1.0 as well, but new offers allowed them to create information on their own using blogs, forums and personal web-pages quite easily.

Additional protocols and features were introduced to enable the Internet as a major 'platform' for new forms of communication and collaboration, and the catchy name ‘Web 2.0’ was used for it.

The massive increase in available information (and non-information), and their chaotic (because uncoordinated) storage now led to the fact that it became increasingly difficult to find required information, or even to use it efficiently.

New approaches were needed, not only to generate cataloges on the existing data, but to bring them into a logical context to each other: IT systems should be able to not only convey information, but to understand, to be interpreted with a certain degree of intelligence and automatically draw conclusions about it.

By using these semantic capabilities, raw data (for example, a text containing the letters ES) become real information: An ISO-3166.1 value which represents a specific country. Subsequently, further information can be semantically linked and new knowledge be generated.

The approaches and aims of Web 3.0 or as it was named, the ‘semantic web’, are not achieved until today. From today's perspective, the Web 3.0 can rather be described as the 'contextual network' to interpret information according to the current context and relations.

Example of these contextual skilled systems are the known social networks and Big Data approaches.

But a contextual network is far away from being intelligent and independent to make decisions: it lacks the necessary capacity to really understand the information, or at least to draw firm conclusions and to act independently. A skill we expect to be required with Web 4.0 agents.

One could argue that we are just on the run to make this happen with the next technological step.But there is a big gap. Inadequate implementations for Web 3.0’ goals (and in some cases even the 2.0 goals) do lack an important dimension:Trust.

 

Trust 1.0

As we have already noted in our views on the 'green field', the objectives of Idea 4.0 can not be achieved if a sufficient dimension of security and reliability in the communication of the 'Agents' exist. Without this dimension, we will not get the necessary confidence and trust to all the new things that are supposed to be intelligent.

And even in the area of ‘intelligence’ we are not where we planned to be promised by Idea 3.0. While there is a large amount of semantically organized data collections, they are rarely used in most cases.

The gaps identified in incomplete implementations of version 2.0 and 3.0 clearly needs to be closed to make Idea 4.0 a success.

 

HR und IT: Clash of Civilizations

Let's be honest: HR never belonged to those fields identifying and adopting new trends for itself very quickly. But that is not necessarily negative, sometimes it is worth to wait and watch others to fail before you do.

Maybe that was the reason for the fact that Marketing and Consultancy on HR Topics came up with the term ‘HR 2.0’ years after the concept it described was published.

HR 2.0 should exempt the HR departments of their stuffy existence. Holistic approaches, enterprise and sustainable management strategies for the resource 'human' were now announced. The concepts for this were already known since the late 90’s as 'Ulrich model'.

The evolution of the Web from version 1.0 to 4.0 have a lot in common to what is proposed for HR, especially when analyzing the goals dedicated to Version 2.0 of it:

Compare Versionings between HR and Web

 

 

The evolution of HR-IT

With the impact of the Ulrich model, various groupings and names of old as well as new 'players' in the the HR software market emerged. HRIS (HR Information System), HCM (Human Capital Management) or HRMS (Human Resource Management System) are just a few, but perhaps the most frequently mentioned. Depending on performance and functions, all available solutions can be sorted into one of the mentioned categories.

However, all have in common that they support processes known as 'Joiner-Mover-Leaver' (JML).

Greatly simplified today's HRIS / HCM / HRMS systems support the core processes 'JML' by offering assistance on the digital mapping of HR processes and enforcing the relevant compliance requirements.

A new employee record is created using the HR software, and thus, the software ensures that the digital personnel file at the beginning of the employment relationship is complete and all the necessary processes are carried out. All done for the first day, the HR managers can sit back and relax: mission accomplished!

Well, this may be the case from HR departmentsperspective: The manager of the new employee and the employee himself might have a totally different view on this!

 

Day 1 on a new job

Experience has shown that new employees spend their first two weeks waiting: for telephone, business cards, and various access profiles and accounts for a couple of IT applications that are necessary for carrying out his or her activities.

The necessary processes are usually in responsibility of IT, and we encounter very similar processes and requirements here: Again JML and compliance.

So in a first interim conclusion we can say the processes Joiner-Mover-Leaver must be reflected both in HR and in IT.

Joiner mover leaver in HR and IT

Depending on the maturity of the organization the JML processes for identities not managed from the HR organization such as partners, external employees or system accounts may need to be considered as well.

The JML processes, as they are to be implemented by the IT are usually realized by manually concerted operations, or processed automatically using an Identity & Access Management (IAM) system already.

Depending on the required or already achieved degree of integration, media discontinuity are a common concern and reality: Changes on HR Data are communicated via phone or e-mail and needs to be entered manually into diverse systems.

In rare cases organizations already have an common interface between the HR-Systems and other IT-Systems using IAM (Identity and Access Management) systems for automated processes.

Additionally to that, the IT department must ensure that the correct authorizations are assigned to the employee in accordance with his job profile and compliance requirements.

Joiner mover leaver in IT and subsequent

Next conclusion: While the basic processes and goals for HR and IT are the same or at least similar, they are not seen as a process "across departments". As result, they are acted on with different degrees of automation in HR or IT independently.

Even environments with a high level of automatism (HRIS + IAM systems in use) often lack direct connections between the systems and media discontinuities become visible.

 

The role of an ‚Administrative Expert‘

HR 3.0 and 4.0 have high demands on the maturity level of an organization with respect to their digital agenda. The most important element of the HR 2.0 models is the role (and the results achieved) of an Administrative Expert (AE)

  • Introducing an HRIS
  • Eliminating manual data entry
  • Identify and manage data sources and targets

Additionally to the technical dimensions of it, the Administrative Expert serves as an important role in organizations and enterprises to enhance holistic approaches for HR Management across departments and companies of the group.

Role of Administrative Expert

But how should an organization which has implemented these functions inadequately or not at all deal with HR 4.0? How should those 'intelligent' agents make decisions if they do not have the relevant data and knowledge for this?

 

The stony path to 4.0, or: eating elephants

Whether your goal is Industry 4.0, HR 4.0, Web 4.0 or Idea 4.0: If you have not propperly mastered Level 3 it will be difficult, perhaps even impossible. At least if you want to approach this with the necessary seriousness and a certain level of high quality awareness.

But you do not need to tackle everything at once, do it exactly as you would eat an elephant: piece by piece.

 

An Agenda for Idea 2.9

Before you get started with Idea 3.0: Complete your 2.0 Agenda!

You may have started already, are near finishing it? Then lets call it Idea 2.9.

Central goal of Idea 2.0 are holistic views on the complete world of processes in an organization and their digital implementations. Especially when dealing with person related informations – and who would like to deny this for HR – Identity and Access Management Systems need to be considered.

It makes sense here to get an understanding on the recent requirements and challenges related to the new EU General Data Protection Regulation.

  • Examine how personal data and process are handled in your IT systems today.
  • Identifying data sources and destinations on
    • personal data
    • organizational data (Master Data)
    • processes
  • Check / define data ownership and processes, including a view on the current requirement of the EU General Data Protection Regulation.

 

An Agenda for Idea 3.9

You know, before 4.0 comes 3.9!

To develop semantic skills you need to follow an approach to identify all relevant information, processes and side effects. This includes the transition from approaches centered around the view on humans/persons towards a greater and broader concept: Entity Management.

An entity may be anything at this point : people, organizational structures, such as departments and subsidiaries, roles, processes, assets such as mobile phones and cars, and much more: A 'thing'.


And this totally makes sense if you want to deal with an ‘internet of things’

  • Identify relations and automated process capabilities and assignments (contextual or even semantically)
  • Automating processes and data traffic
  • Entity Relationship Management

 

A view on Idea 4.0

Wonderful, we arrived, and can even look more closely at what is actually meant by 4.0.

The "Agent's idea" consist of the following elements

  • intelligent sensors + processes
    Intelligent sensors
    will transmitmasses of data and information without asking in an automated way.It is important to check and control the part about 'without asking'.
  • Internet of Things
    If the toaster is
    about to order new toast from the refrigerator. Question: is he authorized to do so? And is it really your toaster ordering?
  • Block Chain & smart contracts
    Perhaps the hype around Idea 4.0:
    the need for reliable and trusted digital contracts
  • UMA (User-Managed Access)
    A section from the world of identity management, which returns
    end-user’s control of the data concerning him.

 

Real Life Results

Organizations which have adopted these principles can benefit from their agile processes, as it can be seen by the following figures from a real company currently on Level (or near to) ‘Idea 3.9’

  • Automated provisioning of all necessary applications and services depending on job role, department and organizational affiliation and other relations within 30 minutes.
  • Re-organizations (department changes and mergers for example) can be implemented within weeks rather than month
  • Automatic notifications about pending processes (password expiration, account deactivation, re-certifications)
  • Automatic re-certification of all assignments several times a day
  • User Self-Service
  • and many more

 

Summary

Whatever you would like to achieve with Idea 4.0, it requires secure digital communication, especially when dealing with sensitive information.

Connecting HR + IT systems by using an IAM solution leads to a massive reduction in effort and costs for the IT and the HR department regarding JML-processes.

Automated processes in IT, based on specifications from the HR, allow a secure and compliant implementation of all necessary steps in a few minutes and not in weeks: your new employees can be productive from day one.

To achieve this, HR (and IT) organizations need to increase their maturity level and align their processes to reach the goals and objectives of the whole company.

Idea 4.0 can not be achieved if you have never dealt with Idea 2.0 or 3.0.

 

Download your full copy as pdf, also available in german, or get in contact with us for more information.

 

We will make Idea 4.0 work for you!