Proven, market-leading solutions for both growing and complex organizations
Across the globe, Alight is ready to help your organization thrive
Proven, cost-effective solutions that meet your agency’s complex needs
Work with an independent partner dedicated to your success
A curated network of solutions to help your people make smarter, more proactive decisions
Alight Solutions is a leading provider of integrated benefits, payroll and cloud solutions. With more than 15,000 professionals across 29 countries, Alight provides leading-edge benefits administration and ERP technology and services to more than 3,250 clients including 50% of the Fortune 500. Alight’s combination of data-driven insights and technology expertise creates unique value for clients. Alight is a six-time member of IAOP’s Global Outsourcing 100. Learn how Alight drives better business outcomes and employee wellbeing for organizations of all sizes at alight.com.
As a Workday customer, you have access to Workday’s mobile application to easily access and complete self-service tasks and view reports. Because Workday designs mobile applications for the self-service user, not all features are available based on their security settings and access levels. In this quick reference guide, we will discuss Workday’s mobile application security standards and provide helpful tips and tricks for mobile users.
When it comes to mobile applications, not all user settings are created equal. In order to see which business processes and actions you’re able to complete on each platform (Android, iPhone, etc.), run the List Tasks Available on Mobile report. While the mobile apps have limited functionality, you can access all features on the Workday browser application by entering your tenant URL in a web browser on your mobile device.
Enabling the Workday mobile app on different devices is simple and compatible with any device, simply follow these steps below:
Workday approaches security with a ‘unified’ model and applies it across all platforms. It is completely independent of device types, so the user will be consistently granted or denied access to functionality regardless of which type of device they are on. Since access is provided based on this security policy, it is consistent across all platforms, including desktop. Some tasks might not be available on the mobile app per the List Task Available on Mobile report.
Access to Workday’s mobile application can be restricted for a user when they log in outside of a whitelisted network. This restriction will apply to all devices; access cannot be limited by device type (i.e. Workday mobile app or desktop off-network.)
Access Restrictions (These recommendations apply to all device types)
Allow only On Network
Allow on Both On/Off Network
Export to PDF/Excel
Attachment Download (Limited)
Inbox Complete Actions/To Dos
Unless Multifactor Authentication is in place, Payment Elections should only be allowed to change when on corporate network.
Check In/Out should not have Off Network access unless there is specific business reason.
Manager should not be allowed to download data related to employees that they support.
Administrators, HR roles should not have Off Network access unless there is specific business reason.
The recommendations above can be accomplished using Security Group (Who), Authentication Type (How), IP Ranges (Where) and Access Restriction (What) in authentication policy. Please note: Authentication policy cannot differentiate between device types.
Enable Attachments to be Imported from or Shared With External Sources
Corporate policy should be reviewed to determine if appropriate. Workday’s Virus scanning functionality is currently limited to the recruiting and student products. Any other uploads by authenticated users are not scanned.
Disable Check In/Out on mobile
If you are controlling Check In/Out by Access restriction on Authentication policy, then this can be left unchecked—review corporate policy to determine if appropriate.
Disable My Reports on mobile
In most cases, access to the Workday W: drive is not necessary on mobile.
Disable Add to Contact
Disables the Add to Contact command from the Action menu on worker profiles on mobile devices.
Disable Mail to
Prevents native mail apps from opening on a mobile device when users click a mail link within Workday mobile apps.
Alert is displayed on iPad and iPhone devices that prohibits taking screenshot and on android devices the screenshot is blurred.
Disable mobile app store links
Aids in application adoption.
Disable automatic tenant configuration links
When enabling and getting started with Workday mobile, here are a few items to consider.
If you are an existing Workday customer, additional information on Workday Documentation regarding mobile set-up and best practices can be found here.