100% audit compliance: How a leading financial institution strengthened Workday security with Smart Shield

Date posted
25 April 2025
Reading time
3 mins
image
Ensure
compliance by meeting audit security requirements
image
Protect
sensitive HR and financial data with masking
image
Streamline
proxy access while restricting confidential information
image
Improve
efficiency with secure system updates and testing

100%

Audit compliance

30,000+

fields protected

Granular

access control

Enhanced

security

"With Smart Shield, we proved to our internal audit team that we now have the controls in place to prevent unauthorised access to compensation and personal data."

Workday Security Lead

About the organisation

This leading financial institution serves hundreds of thousands of members with assets exceeding billions. As a prominent employer with branches across multiple regions, it is committed to operational excellence and community growth.

Addressing Workday security challenges in non-production environments

As part of its digital transformation, the organisation implemented Workday to enhance operational efficiency, financial decision-making, and workforce management. However, securing Workday’s lower environments — where HR teams conduct testing and updates — proved challenging.

The existing proxy access model required HR staff to have broad access during testing, which increased the risk of exposing sensitive employee data, such as compensation details. Internal audits flagged this as a compliance gap, prompting the need for a secure solution to restrict unauthorised data visibility. “With the ability to proxy in our lower environments, we knew we needed a stronger security layer to ensure sensitive data was protected,” said the organisation’s IT security lead.

image

Implementing Smart Shield for Workday compliance and data security

To meet audit requirements and bolster Workday data security, the organisation selected Smart Shield — a Workday-native data masking solution. Smart Shield provides granular access control, allowing HR teams to perform testing without exposing confidential HR and payroll data. “With Smart Shield, we proved to our internal audit team that we now have the controls in place to prevent unauthorised access to compensation and personal data,” the security lead explained.

Protecting 30,000+ sensitive fields in Workday environments

Smart Shield was deployed across the organisation’s Sandbox, Sandbox Preview, and Implementation tenants, masking over 30,000 sensitive fields. This ensures critical HR and financial data remains protected while enabling teams to carry out essential updates and testing.

Enhancing proxy access control for HR teams

The organisation needed to strike a balance between enabling proxy access and maintaining strict data controls. With Smart Shield’s role-based access capabilities, HR teams now view only the information relevant to their roles. “It was perfect for our performance enablement team. They need proxy access but don’t need to see compensation details. Now we can unmask only what’s necessary while keeping sensitive info secure.”

For users outside privileged access groups, Smart Shield automatically masks sensitive compensation data while maintaining access to non-confidential financial information. “We created a dedicated profile for those outside of privileged access groups. Sensitive data is masked by default, giving us complete control over data privacy,” the team noted.

image

Future-proofing Workday security and compliance

By implementing Smart Shield, the organisation has reinforced its Workday security posture, achieved full audit compliance, and strengthened HR data privacy. “We’ve significantly improved security and compliance across Workday, and Smart Shield continues to be a key part of this strategy.”

Looking ahead, the institution is committed to enhancing its Workday capabilities and proactively mitigating future data security risks.

Find out how Smart Shield can enhance Workday security and compliance for your organisation