A safe employee, a safe company. How to improve the quality of hybrid work and to secure data?

Zero Trust, preventing data leakage and combating cybercriminals are things that businesses do on a daily basis. However, new features protecting from hackers, though indispensable from the company’s perspective, can be troublesome for employees. Can one ensure security of critical data without inconveniencing the users?

Cisco’s study entitled “Employees are ready for hybrid work, are you?” indicates that employees appreciate the possibility of working from anywhere. 69% of respondents admit that this model of performing duties has made them happy. 45% say that hybrid work improves their performance. However, only 57% believe that employees understand cyber risks related to this mode of work.

A lot depends on employees and their foresight. One should not forget that they perform their daily tasks using many different systems, including traditional corporate applications hosted in the company’s data centres, cloud-based SaaS solutions as well as mobile applications on their smartphones and tablets. They need to log into each service and the user verification process is always based on various mechanisms of identity management and access control.

That is a challenge for users who are forced to remember more and more passwords which change from time to time. To make life easier, they often use the same password for all applications, they create weak passwords or write them down on post-it notes which they keep next to their computers. Cybercriminals take advantage of such behaviours to intercept authentication data and get access to business information.

SSO. One password, multiple applications

Employees’ inclination to make their lives easier was the reason behind the authentication method which protects business data and is user-friendly at the same time. The Single Sign-On (SSO) technology makes it possible for users to access multiple applications and services with just one set of credentials. As such, it increases employee satisfaction and performance.

What are the key benefits of using the SSO solution?

Excellent user experience. SSO improves user satisfaction by eliminating the tiresome and frustrating process of inputting multiple passwords. Employees enjoy easy access to all their applications and services from any place or device and they can quickly change passwords and other account settings without submitting service requests or asking the technical support staff for help.

Better performance and collaboration. The SSO solutions increase employee performance by ensuring quick, easy and convenient access to all online resources they need to do their job. Companies can also use Single Sign-On to enhance collaboration with partners, providing external users with access limited to specific applications and services.

Risk mitigation. SSO improves security by eliminating risky practices of password management; users are much less prone to write their passwords down or to use weak, common or repeated passwords.

Adaptive MFA – flexibility and security

One of the ways to improve the security of using logins and passwords is MFA, i.e. multi-factor authentication. This technology requires users who log into systems or application to provide additional unique information such as an SMS code or biometric verification (fingerprints or FaceID).

MFA is becoming increasingly popular, but it can be inconvenient for business employees who do not have access to their company’s sensitive information on a daily basis. They simply do not want to go through a more complex process of identity verification.

That is why technology creators addressed user needs and developed Adaptive MFA. What we have here are flexible systems such as CyberArk Identity Adaptive MFA, based on artificial intelligence and machine learning, that recognise context (e.g. the user location, the time of day, the IP address, the device type and the rules set up by the administrator) and then enable an individual choice of authentication components, explains Krzysztof Andrian, CEO at Concept Data.

Such solutions are simple in operation. They use a behavioural analysis based on machine learning that records the user’s standard behaviours and triggers an alert if the user deviates from them. If the login process happens in usual (non-suspicious) circumstances, no additional authentication factors are necessary. But if something is odd, the system may require additional data or deny access.

This is a user-friendly tool, since it allows to define the login policy individually for each user. Every employee may also choose the preferable authentication method (e.g. push notification, token, SMS, e-mail, QR code, FIDO etc.).

The provider’s helping hand

In fact, many technologies can make an employee’s life easier. However, they should enable rapid and adequate implementation and configuration. Understandably, companies may experience problems when trying to adapt new solutions to their needs and to users’ needs. They also may not know how to make the best of the implemented system and tap its full potential. If that is the case, technology providers can help.

Let’s not forget that companies specialising in the implementation of IT solutions act, more often than not, as advisers who are able to analyse the customer’s needs, to select adequate tools for the purpose of supporting daily work and ensuring user comfort, and finally to implement and adapt the solution to the customer’s expectations and requirements, says Krzysztof Andrian. Today, the implementation of cutting-edge, cloud-based IT solutions that enhance data security is not a complex process. Especially when experienced advisers are engaged.

Enterprises which seek data security can choose from a wide range of solutions that will protect them from cybercriminals and facilitate user’s daily work. These solutions deliver on their promise.

More on remote working and secure data access:

Secure assess to company data. How to facilitate remote work, protect resources and support IT departments

Safeguards which understand the user. CyberArk Identity Adaptive MFA

If not VPN then what? The undeniable benefits of Zero Trust solutions

The IAM systems. Agile business that is secure, employee-friendly and in line with regulations