You’re on our Australian website
×
You’re on our Australian website
×

Managing Security

Overview

In this workshop, we’ll discuss the default visibility your employees will have in Employment Hero. In addition, you’ll learn how to create Custom Security Groups that expand the view of Employment Hero for your employees if need be. 

Step-by-Step Guide

In this workshop we will discuss:

 

  • Default Security Settings
  • Custom Security Settings
  • Custom Security Group Examples
  • Two Factor Authentication

What an employee can see in Employment Hero will depend on their access level.

 

Owner

 

  • Anybody with Owner access will have a label next to their name on the employee list
  • Owners can view all employee profiles
  • Owners can add/edit all employee information
  • Owner access is provided by the Employment Hero team and cannot be removed or given by anybody else

 

Admin

 

  • Anybody with Admin access will have a label next to their name on the employee list
  • Admins can view all employee profiles
  • Admin can add/edit all employee information
  • Admin access can be given/removed by any other admin/owner in your organisation

 

Manager

 

  • Primary/Secondary managers will have a restricted view of the employee profiles of their reporting employees
  • By default, Primary/Secondary managers will not be able to edit this information

 

Employee

 

  • An employee is anybody on the platform who does not have any direct reports
  • Whilst they will be able to see other employee names in their Organisation Chart or their dashboard, they will be able to click into their profiles or access any of their information

A Primary/Secondary or Indirect manager will have a view of their employees file, but it won’t look exactly like your view as an admin.

 

By default, a manager will be able to view:

 

  • An employee overview (this includes the employees bio, company e-mail, job title, teams and company mobile)
  • Leave Requests/Leave Balances
  • Performance Reviews (Primary Manager only)
  • Custom Fields

Custom Security Settings provide the opportunity for you to expand on what your employees can do and see in Employment Hero.

 

Creating a Custom Security Group lets you create tailored access to suit the needs of your employees based on their role. You can create your own security groups using an employee list or teams and then specify what level of access each group has within the platform.

To get started, select:

  • Settings
  • Custom Security Settings
  • New Security Group

 

Your Custom Security Group will be split into three groups:

 

  • Employees: Set permissions for specific views of an employee file
  • Contractors: Set permissions for specific views of a contractor file
  • Other Permissions: Gives your employees access to the necessary features of Employment Hero that allow them to fulfil their daily duties

In this example, we are creating a new security group for our People Leaders which is anybody in our organisation who is listed as a Primary or Secondary Manager.

 

This example will apply to anybody who has a direct report. If you have an employee listed as a primary/secondary manager, this visibility will apply to every employee who reports to them in their reporting line chain. This security group will automatically disregard anybody who does not have any reporting employees.

 

  • Create a name for the Security Group
  • Create a description for the Security Group
  • Under Set Permission For, select All Employees
  • Under employees, select Reporting Employees 
  • Select View/Modify/Delete/Use on the appropriate features that are necessary for your Primary/Managers to have access to
  • Create

 

Note: The ‘Reporting Employees/Contractors’ function will only exist for the Employees and Contractor tabs. It will not apply in the Other Permissions tab.

In this example, let’s create a Custom Security Group for a team. When I use a team I have previously created, it means that the next time I recruit somebody and add them to the team, they will automatically have this additional security so there will be no need for me to edit upon their arrival.

 

  • Create a name for the Security Group
  • Create a description for the Security Group
  • Under Set Permission For, select the relevant team
  • Under Employees, select all employees
  • Select View/Modify/Delete/Use on the appropriate features that are necessary for this team to have access to
  • In Other Permissions, select any features of Employment Hero you would like this team to access
  • Create

This Security Group example can give all employees in your organisation specific abilities on Employment Hero. From access to your leave calendar, to the ability to post announcements.

  • Create a name for the Security Group
  • Create a description for the Security Group
  • Under Set Permission For, select All Employees
  • In Other Permissions, select any features of Employment Hero you would like your employees to access
  • Create

In this example, I’m adding a new security group for our People Leaders which is anybody in our organisation who is listed as a Primary or Secondary Manager.

 

This example will apply to anybody who has a direct report. If you have an employee listed as a primary/secondary manager, this visibility will apply to every employee who reports to them in their reporting line chain. This security group will automatically disregard anybody who does not have any reporting employees.

 

  • Create a name for the Security Group
  • Create a description for the Security Group
  • Under Set Permission For, select All Employees
  • Under employees, select Reporting Employees 
  • Select View/Modify/Delete/Use on the appropriate features that are necessary for your Primary/Managers to have access to
  • Create

 

All components of an employee’s profile are grouped together and cannot be split up or customised without a Platinum subscription.

 

Note: The ‘Reporting Employees/Contractors’ function will only exist for the Employees and Contractor tabs. It will not apply in the Other Permissions tab.

n this example, let’s create a Custom Security Group for a team. When I use a team I have previously created, it means that the next time I recruit somebody and add them to the team, they will automatically have this additional security so there will be no need for me to edit upon their arrival.

 

  • Create a name for the Security Group
  • Create a description for the Security Group
  • Under Set Permission For, select the relevant team
  • Under Employees, select all employees
  • Select View/Modify/Delete/Use on the appropriate features that are necessary for this team to have access to
  • In Other Permissions, select any features of Employment Hero you would like this team to access
  • Create

This Security Group example can give all employees in your organisation specific abilities on Employment Hero. From access to your leave calendar, to the ability to post announcements.

  • Create a name for the Security Group
  • Create a description for the Security Group
  • Under Set Permission For, select All Employees
  • In Other Permissions, select any features of Employment Hero you would like your employees to access
  • Create

Two-Factor Authentication (2FA) is a security measure that requires users to provide two different types of information to verify their identity and gain access to an account or system.

 

At Employment Hero, those two factors involve your password but also verifying your identity via a text message or an authentication app.

 

By requiring two different factors, it makes it much harder for an unauthorised user to access the account or system, even if they have obtained the password.

 

To summarise, 2FA is an extra layer of security that helps protect user accounts and sensitive information from unauthorised access.

 

Two-factor authentication will be enforced for account owners/admins or users with access to other employee’s tax information due to the ATO digital service provider operational framework.

If you would like to enforce 2FA for all employees, select:

 

  • Settings
  • Company Settings
  • Employment Settings
  • Switch Enforce Two Factor Authentication to Yes

If you or your employees need help setting this up, check out this handy tutorial.

Checklist

  • Create Custom Security Groups (if applicable)
  • Enable 2FA for all users (if applicable)

FAQs

No, Admin status is a blanket access that cannot be customised.

Yes, all Admins will have access to an employee’s salary information. This cannot be customised.

The team at Employment Hero are the only people who can change this information. To change the owner of your platform, we’ll need written confirmation from whoever is currently listed as the owner.

 

Reach out to implementatios@employmenthero.com and the team can help you make the necessary changes.

By default, a Primary/Secondary Manager will not be able to see their employee’s salary. However, if you may need them to, you can create a Custom Security Group to provide this access.


Explore by industry