This year the sudden transition to remote work caught many businesses off guard, especially from a security standpoint. As many companies continue to contend with a completely remote workforce, they have been forced to rethink their cybersecurity strategies. Employees need to be able to seamlessly, and securely, maintain their daily operations—accessing documents and applications and collaborating with colleagues no matter where they are located.
But, with many companies now giving employees the option to return to the office, and others indicating a return to office may not come until sometime in 2021, companies are recognizing they must be ready to support a long-term hybrid model. With employees jumping between home and the office, IT managers face the challenge of securing a consistently changing workforce.
It is now more important than ever for businesses to invest in identity and access management (IAM) solutions, which are critical in facilitating a secure workforce. Here’s why.
Remote Work & Security Challenges
As the work-from-anywhere culture continues, IT leaders have had to contend with numerous security challenges and an expanding cybersecurity threat landscape. Throughout the COVID-19 pandemic, cybercriminals have been busy targeting remote workers. With employees connecting through outdated home devices and networks and mixing work and personal activities online, they often do not realize they could be putting their company at risk with poor cybersecurity behaviors. For example, many employees don’t realize that using a weak or reused password can be one of the most dangerous security practices and has led to some of the most devastating corporate data breaches.
To avoid these security mistakes from home, IT teams need to implement IAM solutions like password management and single-sign-on (SSO), to improve and solidify their organization’s cybersecurity as the security landscape shifts and remote work continues.
Security and Convenience
When user identities are securely managed, a business can ensure that the right employee has access to the right resources, from the right devices, at the right time. Employees can work more efficiently when they can effortlessly access the data and resources they need to use. By combining passwordless employee access and encrypted credential sharing with strong authentication, IAM solutions can help businesses improve the employee experience and safeguard from cyberthreats even as employees connect and work from anywhere in the world.
A strong IAM framework is supported by three crucial security pillars: secure access, secure sharing, and secure authentication.
- Secure Access – No matter where employees are located, at home, in the office, or a combination of the two, they need access to their accounts, documents, apps, and more. By harnessing SSO employees can access all their assets with one set of credentials, quickly, securely, and from anywhere.
- Secure Sharing – Today, virtual collaboration among teams is a must, and employees need a secure way to share access to accounts and documents. The best way to share credentials is through an enterprise password manager (EPM), which provides safe storage of usernames and passwords, that remote team members can access from anywhere.
- Secure Authentication – As remote workers are increasingly targeted by cyber attacks, additional login requirements like multifactor authentication (MFA) slow down attackers without compromising employee access.
Developing an IAM Strategy
With a thoughtfully planned and well-executed IAM strategy in place, the prospect of a long-term remote or hybrid workforce should not be daunting. The first step IT managers must take is understanding how their business needs align with IAM. A one-size-fits-all approach to IAM does not work. Every industry, and business within an industry, is unique and requires its own set of IAM needs. All businesses need a way to manage their employee’s identities, but some organizations may find that implementing a certain IAM solution is of higher priority, or that with their industry requirements they need to focus on one IAM aspect over another. It is vital that IT decision makers keep their organization’s core business objectives in mind when developing their IAM strategy, to ensure they derive the most value from their solutions.
Facing the Future
There is no denying the remote and hybrid workforce is here to stay. Whether companies will be operating remotely through the end of this year, or next, the organizations that plan accordingly will be the ones who thrive in the coming years.
Recent LastPass research conducted with IDG found that 98% of IT decision makers agree that IAM is critical for securing their remote workforce. And notably, 59% said that increasing security for their remote workforce is a critical priority for them in the next year.
As cyberattacks targeting remote workers continue to increase, IAM solutions that centralize IT oversight of access points and regulate additional layers of security will protect organizations. In the end, as the world faces a future of remote and hybrid work, enabling employees to productively and securely work from anywhere will make businesses, organizations and industries more resilient as the work and office landscape continue to shift.
Get started building your organization’s IAM strategy today with LastPass Identity.
Gerald Beuchelt, Chief Information Security Officer, LogMeIn
Gerald Beuchelt is the Chief Information Security Officer at LogMeIn, makers of password and identity management solution, LastPass. He is responsible for the company’s overall security, compliance, and technical privacy program. With more than 20 years of experience working in information security, he is a member of the Board of Directors and the IT Sector Chief for the Boston Chapter of Infragard. In his prior role, Gerald was the Chief Security Officer for Demandware, a Salesforce Company. He holds a Master of Science degree in theoretical physics.