top of page

Basic Workday security setup

Updated: Jul 4

Workday is considered a leader when it comes to security and data protection in HR and finance systems. The platform stands out with its multi-layered security approach, including role-based access control, clearly defined security policies, and comprehensive audit capabilities. This ensures that users only access the data and functions they truly need—always in a traceable way. Modern encryption technologies and built-in safeguards for system connections further enhance protection. As a result, Workday helps organizations not only safeguard sensitive information but also stay compliant with regulations and manage risk effectively.


System users:

Individual users are added to security groups


Security Group:

The security group type determines what kind of access a user has. You can tie access to a role (position) or directly to a specific user. You can constrain access in various ways, as well.


Security Policies:

Security groups can have either View or Modify access to specific domain security policies. For business process security policies, security groups have access to different steps in the process.


Functional Areas:

Examples include Staffing, Benefits, Core Compensation, Financial Accounting, and Procurement.


Domains

Secured content like:

  • Tasks

  • Data Sources

  • Report Fields

  • Reports


BP Types:

Business process tasks include:

  • Initiation Steps

  • Action Steps

  • Approval Steps

  • View, Rescind, Cancel


More detailed example

System User

In this example, the system user is Logan McNeil.


Security Group :

The HR Partner security group has one member, Logan McNeil. This security group identifies users with positions assigned to the HR Partner role.


Domain Security Policy :

The security group that Logan belongs to (HR Partner) has View/Modify permissions to the domain.


Security Domain

The security domain that Logan has View/Modify permissions to is Worker Data: Active Employees.


Securable Items

The security domain contains three securable items:

  • Active Employees, a report.

  • Employee Talent Analysis, another report.

  • All Active Employees, a data source.


In the example above, Logan can:

  • Run the Active Employees and Employee Talent Analysis reports.

  • Run a report that uses the All Active Employees' data source.

 
 
 

Comentários


bottom of page