Why IAM is key to securing a remote workforce

Why IAM is key to securing a remote workforce

Ian Pitt, CIO at LogMeIn, discusses the benefits that a strong IAM framework can provide to organizations.

Ian Pitt, CIO at LogMeIn

The transition to remote work has undoubtedly impacted companies worldwide, and day-to-day business operations have shifted to support a long-term remote workforce. Now, seven months after the initial COVID-19 outbreak, a large majority of employees are still working remotely with no end in sight.

For many companies, the pandemic has forced organizations to rethink their security strategy as employees work from various locations. Despite this transition, employees still need to seamlessly access applications and files through a secure and reliable connection to maintain daily operations. Investing in identity and access management (IAM) is now, more than ever, critical to facilitating a secure remote workforce.

Security challenges of a remote workforce

As more companies adopt a work-from-anywhere culture, leaders have had to anticipate the challenges that will arise from this expansion of the office perimeter and evolving cybersecurity landscape. Today’s hackers seek opportunistic moments in time to capitalize on fear and anxiety.

The COVID-19 crisis has paved the way for cybercriminals to seize apprehension and infiltrate often-outdated home networks and unmanaged personal devices in this new remote work environment.

To better defend against security threats such as shadow IT, phishing and credential stuffing attacks, IT and security teams must ensure basic security best practices are mandated. Employees often do not realize that weak or reused passwords cause some of the most destructive data breaches.

With IT having less oversight of remote employees’ online behaviors, adding an extra layer of protection is necessary to mitigate potential cyberattacks. Businesses need to put a high priority on implementing IAM strategies, such as implementing a password management or single sign-on solution, to improve and strengthen the overall security of the organization.

Prioritizing identity and access management

With remote work now the default choice for many, businesses have no choice but to securely enable their employees to work from anywhere, into the next year and beyond. Supporting remote work requires a robust IAM strategy that can address unique challenges and cyberthreats.
That means the ability to securely connect to apps, websites, databases and other company resources with minimal friction. Recent research shows that 98% of IT decision makers agree that IAM is crucial for securing the remote workforce. Additionally, 59% of IT decision makers are enforcing stronger security through IAM in the next year.

IAM technologies like single sign-on and password management keep employees moving from task to task while removing security risks. Adding protective measures like multifactor authentication (MFA) can further enhance security by leveraging advanced technology that employees always have with them, like their smartphone.

Here are a few benefits that a strong IAM framework can provide to organizations.

  1. Secure access to all resources: With the workforce largely remote, employees now need access to all resources – data, accounts, services, applications – from any location to do their jobs. SSO is a quick and easy method to allow employees to connect to the resources with a single set of login credentials instantly. Additionally, IT teams can understand who is accessing the resources, with the flexibility to grant additional access to applications or revoke access as needed.
  2. Secure sharing of access: When employees work remotely, virtual collaboration is key to maintaining productivity. Teams need an effective and secure way to share access to accounts and data. Enterprise password management (EPM) provides safe storage of shared corporate credentials so that remote team members can access shared accounts from anywhere.
  3. Secure authentication to prevent cyberattacks: Since cyberattacks are on the rise, businesses need to enforce additional login requirements such as MFA to mitigate the risks without disturbing employee workflows. Installing this added layer of authentication significantly increases security in a quick and easy way.

Shaping an IAM strategy for remote work

With the right IAM strategy in place, the shift to remote work can be a seamless transition. However, understanding business needs is critical to determine the perfect IAM mix. While there is no one-size-fits-all approach to IAM, many times the answer is dependent on the business’ industry.

For example, financial services and media organizations have two very different IAM objectives. Since cybercriminals heavily target financial information, financial service organizations focus on reducing risks.

Given this, many financial organizations deploy an integrated IAM platform to secure access to all the organization’s resources, allowing IT to have better insight into who can access information. Whereas the media vertical heavily relies on external consultants to aid with digital, print and television media opportunities, so as a result, securely sharing resources is a top priority for this industry.

Whether healthcare, education or financial services, an IAM solution greatly benefits organizations across industries by providing flexibility, accessibility and empowering productivity among remote employees to support a secure business. Understanding an organization’s core business objectives is a critical starting point for determining how to derive the most value from IAM efforts.

IAM in a post-pandemic world

The days of temporary remote work have long passed and many companies are moving permanently to a more flexible, ‘work from anywhere’ environment. In a post-COVID-19 world, a new digital dynamic workforce will emerge with employees working in office, from home and a combination of both.

With individuals operating from various locations, security teams will continue to face increased pressure to provide the same level of security as they typically deliver in the office. C-suite executives will have a greater responsibility to invest in technology and strategies that drive both security and productivity in this new environment.

Although most organizations (96% have had to shift their IAM strategy to support the current remote workforce) many will need to continue re-evaluating and investing in IAM to foster a secure work environment. As the world continues to shift and change in the wake of the pandemic, it’s clear that IAM will play a long-term critical role in securing the growing remote workforce.

Browse our latest issue

Intelligent CISO

View Magazine Archive