As we find ourselves under lockdown for a third time, a return to the office looks unlikely for the foreseeable future. Even when businesses do begin to reopen their doors, a sizeable part of the population will continue working flexibly. Businesses must ensure their workers can access resources and collaborate with colleagues securely at all times, regardless of where they are working.
The switch to a full-time remote workforce meant businesses have had to approach cybersecurity in new ways. IT teams have been met with the trials and tribulations of an employee base split between the office and the home, and supporting a long-term hybrid model is now vital – to this end, an appreciation for identity and access management (IAM) is crucial.
Protecting a remote workforce
As the work-from-anywhere culture continues, IT leaders have had to contend with numerous security challenges and an expanding cybersecurity threat landscape. Throughout the COVID-19 pandemic, cybercriminals have been busy targeting remote workers. With employees connecting through outdated home devices and networks and mixing work and personal activities online, they often do not realise they could be putting their company at risk with poor cybersecurity behaviours. For example, many employees don’t realise that using a weak or reused password can be one of the most dangerous security practices and has led to some of the most devastating corporate data breaches.
To avoid these security mistakes from home, IT teams need to implement IAM solutions like password management and single-sign-on, to improve and solidify their organisation’s cybersecurity as the security landscape shifts and remote work continues.
A recipe for security
When user identities are securely managed, a business can ensure that the right employee has access to the right resources, from the right devices, at the right time. Employees can work more efficiently when they can effortlessly access the data and resources they need to use. By combining passwordless employee access and encrypted credential sharing with strong authentication, IAM solutions can help businesses improve the employee experience and safeguard from cyberthreats even as employees connect and work from anywhere in the world.
A strong IAM framework is supported by three crucial security pillars: secure access, secure sharing and secure authentication.
· Secure Access – No matter where employees are located, at home, in the office, or a combination of the two, they need access to their accounts, documents, apps and more. By harnessing single-sign-on (SSO) employees can access all their assets with one set of credentials, quickly, securely, and from anywhere.
· Secure Sharing – Today, virtual collaboration amongst teams is a must, and employees need a secure way to share access to accounts and documents. The best way to share credentials is through an enterprise password manager (EPM), which provides safe storage of usernames and passwords, that remote team members can access from anywhere.
· Secure Authentication – As remote workers are increasingly targeted by cyber-attacks, additional login requirements like multifactor authentication (MFA) slow down attackers without compromising employee access.
Putting a strategy into action
With a thoughtfully planned and well-executed IAM strategy in place, the prospect of a long-term remote or hybrid workforce should not be daunting. The first step IT managers must take is understanding how their business needs align with IAM. A one-size-fits-all approach to IAM does not work. Every industry, and business within an industry, is unique and requires its own set of IAM needs. All businesses need a way to manage their employee’s identities, but some organisations may find that implementing a certain IAM solution is of higher priority, or that with their industry requirements they need to focus on one IAM aspect over another. It is vital that IT decision-makers keep their organization’s core business objectives in mind when developing their IAM strategy, to ensure they derive the most value from their solutions.
Moving into the future securely
A flexible working model is no longer a nice-to-have, but an essential component of work in 2021. Companies that prepare themselves for the new realities of working will be better positioned to drive growth in the coming years. With recent research revealing 59% of respondents see improved security as a priority over the next year, a solid approach to IAM will be critical to keep the hybrid workforce secure.
The cybersecurity threat to organisations is here to stay, but working to limit slip-ups in employees’ online security posture will help to reduce the chances of a breach. Employees will no doubt work more productively when equipped with the tools to keep cybercriminals at bay. To this end, solutions which centralise IT oversight to access points and introduce additional layers of security will help to ensure businesses can move into the future confidently and more resilient.
CIO
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.