As the summer weather heats up, so does the desire to cut out of the office early and finish the workday from the park, a local pub patio or maybe the family cottage.
Now is the time where many of us take advantage of the ability to work remotely – using portable devices and free Wi-Fi or mobile hotspots to stay connected. While many managers are fairly flexible on this type of ‘perk’ if the position allows, IT security experts understand that is comes with some risk. To offset this, steps should be taken to ensure data and access is secure while at work, home or on the go.
Consider working remotely. Where do you start? The first thing you’re going to do is to sign into email or your white-listed business application of choice to access the files you need to do your job. Doing so in the office versus doing so on a busy summer patio poses different threats. Still, there are a couple of steps organizations can take to keep remote employees happy, while maintaining security. Here are four main ones to consider:
1. “Just enough” access
Whether it’s the summer vacation season or the middle of winter, this tip still applies. Limit the access entitlements that employees have to only what they need to do their jobs and nothing more. This sounds straightforward and simple, but it’s often a surprise at how much access employees can accumulate.
Often referred to as ‘access creep,’ the term refers to the additional access employees have received over time that was never turned off. This could be due to a previous role in another department or a special project the employee worked on. The idea here is that if employees only have the bare minimum of access and nothing more—should something happen and an employee’s access is compromised somehow—the risk to the company is lower than it would have been otherwise.
2. “Only when needed” access
There’s going to be roles that require elevated access to important data, as it’s the nature of business. But there are things organizations can do to limit that access with by putting extra protections in place so that the access is only granted when necessary.
A single sign-on solution is great for enabling employees to be able to access various applications from one simple location, but implementing a risk-based authentication that requires additional authentication if certain parameters are detected will help ensure additional safety measures are in place. For example, when the employee is detected in the office, they can click in without issue. When they are trying to access that application from elsewhere on their personal network though, additional authentication will be required to make certain they truly are who they say they are.
3. “Sorry, not now” access denial
In the same vain as the ‘only when needed’ access scenario, there may be situations or applications that organizations are going to decide they do not want to allow any access to outside of their strict controls. Through the use of an advanced authentication tool with Geo-Fencing included, organizations can configure a policy to limit access to only those users in the allowed location.
4. “I forgot my password” access
There’s nothing more frustrating than trying to get something done so you can sign off for the day and getting hit with password request. For example, consider trying to access a previous application you were working in to upload work (i.e. Box, Dropbox), and you are asked to enter a password you don’t remember.
In the case of remote working, due to some of the tips I described above, it’s not uncommon to be asked for that password once you’re out of your network. However, unless you’re used to working remotely and can recall it on the fly, it can be a real inhibitor of getting work done when you’re not at the office. This is where a self-service password reset tool is not only a godsend for the end user, but it also alleviates calls to the help desk and can increase security. The reason for this is that customized—or pre-written—challenge questions are more secure than verifying a user’s identity on the phone before resetting a password or unlocking an account.
We should all be allowed to enjoy some fun in the sun this vacation season. By incorporating some—or all—of these strategies, organizations can better prepare themselves for the inevitable summer ‘WFH’ requests and allow their employees to do just that. In doing so, companies will achieve a more secure environment for their employees who plan on sneaking in some much-needed family time.