For the past few years, security professionals have had to change the way that they go about protecting their organisations. From challenging old assumptions around access control through to implementing more access management and authentication policies, security has been at the heart of how companies have responded to the pandemic.
The journey to more modern security processes that could support more flexible working was a rapid one. Remote work programmes have bedded in, based on how IT security teams have implemented better identity and access control.
Identity and access control
According to our research, the use of biometrics for authentication has doubled. In 2022, 55.9 percent of systems administrators say that biometrics have been implemented in their companies, compared to only 22.3 percent of admins that said their company used biometrics in 2021.
Around 18 percent use SSO for their collaboration tools, while only 12.5 percent are not using SSO
Similarly, single sign-on (SSO) has increased in popularity with 33.9 percent of companies using SSO across their entire organisation and 35.6 percent using SSO for a limited number of apps or devices. Around 18 percent use SSO for their collaboration tools, while only 12.5 percent are not using SSO. The change in a year has been huge - in 2021, only 20.4 percent of companies were using SSO.
Remote work programmes
These changes were essential in order to make remote work, well, work. Without the ability to control access and be sure that someone is who they say they are, remote work programmes can’t succeed.
However, while these initiatives have succeeded so far, security management problems still exist. According to the Verizon Data Breach Investigations Report for 2022, there were more than 23,000 incidents and 5.000 data breaches at companies, showing the sheer scale of security problems that we are up against as an industry. While we have come far on the security journey, we can’t say that we are out of the woods yet.
Security is the highest priority
Security teams have gone through a lot of changes in how they make everything work
According to 59.4 percent of systems administrators, security is now back as the number one challenge for them. Balancing security and user experience is critical too - no user wants to work with services that are cumbersome or intrusive, as it gets in the way of them being productive. Many employees can easily find alternative employment too, so implementing any security and access control processes that get in the way or hamper people in their work can easily lead to losing staff.
Based on these trends, security teams have gone through a lot of changes in how they make everything work. The issue now is not so much making remote work possible, but instead how to make this process simpler and more efficient both for the user and for the security team responsible for everything. Users want secure frictionless access and authentication to all their IT resources.
Maintaining effective security
In the rush to get everything ready for remote work, companies invested in tools and products to fix the gaps that they had. For example, 38.2 percent of teams use three or more tools to manage their IT security. This worked at the time. However, the technology sector is famous for never standing still. All those tools have evolved and added to their services. This leads to more overlaps and redundancy in functionality, where the same overall goal can be achieved multiple ways.
38.2 percent of teams use three or more tools to manage their IT security
In practice, this means that security teams can be paying more than they need to in order to maintain effective security. To respond to this, teams can look at how they consolidate their tools and remove anything that is a duplicate. This should help the security team to reduce their spend, but also help to streamline the overall process to manage access and security over time.
Security and consolidation
This kind of cost saving is important as it can help IT teams get ahead of any problems due to the current macroeconomic situation taking place. Supply chain delays, employment pressure and inflation can all affect businesses, and this will affect IT budgets and goals. For 26.2 percent of IT teams, recession planning is already taking place, while 57.4 percent consider recession planning a good idea. Only 5.1 percent of IT teams say inflation does not worry them.
This consolidation exercise can provide an opportunity to look at the whole process around security and access, and what employees have to do in their work to keep secure. Auditing this can show up potential problems around how people work, but it can also flag where there are opportunities to improve the experience for users too.
Providing easier access
Biometric access can be used for logging into devices or physical access to buildings
For example, biometric access can be used for logging into devices or physical access to buildings. This implementation can be extended to provide easier access to other services and single sign-on to applications. This joined-up approach can make biometric authentication more useful in how people work, rather than solely about protecting devices.
Similarly, any tools that you have in place may be able to help your team improve their processes. For example, patching software is one of the biggest tasks that IT teams have to manage. Automating this area is a goal that all teams want to achieve, but the work is hard and - to be blunt - boring. Security can help here, as it will already have to know all the assets that the company has.
Effective security processes
This can be extended to cover more device management around areas like patching the software. By consolidating your approach, you can achieve more goals at the same time. All the work that security teams have put into managing access has helped their companies expand their possibilities for work.
However, the economic situation means that there is more pressure than ever on how companies function. Helping employees across the company to work more effectively from wherever they are is critical for the future. This requires effective security processes to be in place that can identify and authenticate users, making them more efficient in their processes. Without this ability to make security easy and transparent for users, we will still have far to go in our mission.
- Network / IP
- Digital video surveillance
- Security management
- Security devices
- Security monitoring system
- Security access systems
- Radio frequency Identification
- Voice recognition systems
- Video analytics
- Identity management
- Security software
- Physical Security Information Management (PSIM)
- Integration software
- Central Monitoring
- Fingerprint Locks
- Data Security
- Mobile access
- COVID-19
