Millennials are set to outnumber baby boomers in the workplace this year for the first time. With a millennial workforce comes a demand for much more than a pay cheque. Flexibility is now a key differentiator when it comes to attracting new talent. However, with great flexibility comes great responsibility… and a massively increased cyber security risk. With this in mind, the following tips highlight how businesses in 2017 can navigate the murky waters created by a mobile workforce and mitigate the associated risks.
- Integrate your IDaaS with HR
With organisations of all sizes increasingly turning to cloud-based technologies, incorporating an authentication infrastructure has become imperative to managing the vast number of employees accessing corporate documents, no matter where they are. Businesses using Identity-as-a-Service (IDaaS) can provide employees with methods such as Single Sign On (SSO) to log into and work on a multitude of corporate applications without having to continuously enter credentials. In practice, this is an important tool to facilitate the mobile workforce. However, if an employee’s user credentials aren’t deactivated promptly after leaving the company (with research suggesting this is 13 per cent of the time[1]) security is left open.
We like to think most former employees won’t exploit this access to corporate systems, but it only takes one disgruntled ex-employee to cause a breach. In the next year, human resources (HR) will place a high importance upon IDaaS to ultimately simplify the on-boarding and off-boarding process, closing a door that was previously wide-open for cyber criminals and disgruntled ex-employees to exploit.
- Extend security to the virtual office
With modern technology evolving at such a fast pace, employees are no longer bound to the office and are choosing to work from disparate locations, extending the corporate perimeter to a radius that covers the whole planet, regardless of business size. This surpasses the physical and cyber perimeters of your office, thus requiring a multitude of mobile endpoints to be unified and protected under a unified device management strategy.
With the technological evolution showing no signs of abating, organisations must extend perimeter defences in 2017 to protect employees on the go by enrolling laptops and portable devices into cloud directories. No matter where employees are based, cybersecurity should be given equal weighting and the virtual office must be treated the same as the traditional HQ.
- Protect your business from external threats
In the past year, the issue of security has increasingly become a problem for the entire C-suite. High profile cases in the UK, such as the recent ‘Three’ hack, which saw 133,827 customer accounts compromised, have highlighted the dangers of insufficient threat detection to protect customer data. It can be tempting to put all sensitive data on lock down, but that’s simply not practical or good practise for promoting a healthy work culture or an efficient workforce. To mitigate such risks, organisations of all sizes must have perimeter threat detection in place to detect and mitigate the dangers.
To conclude, the rapid influx of mobile devices into the modern enterprise has thrust issues such as bring-your-own-device (BYOD) and shadow IT into the spotlight and by now, the majority of CEOs have figured they are here to stay. If they haven’t, then 2017 will bring with it a major wake up call.
In order to tackle threat detection and wider security strategies head-on in 2017, organisations need to be proactive, rather than reactive. By doing so, anomalies on user profiles and mobile applications can be detected at a much faster rate.
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.