It’s a constant struggle in organisations around the world – how do you balance IT Security with productivity? If you give users too much freedom in your network, risk increases. But add too many security gates, and productivity can dwindle.
It’s a constant struggle in organisations around the world – how do you balance IT Security with productivity? If you give users too much freedom in your network, risk increases. But add too many security gates, and productivity can dwindle.
We all know that IT Security protocols, like multi-factor authentication (MFA) are very effective at stopping fraudulent sign-ins, yet many businesses are failing to adopt these basic security measures.
Why? User inconvenience is cited as the main reason. MFA is not expensive. In fact, it’s free to enable in nearly all cloud applications. But users are failing to implement MFA because it is time-consuming. For example, a recent report from Microsoft found that only 22% of Azure Active Directory users had MFA enabled.
However, sacrificing IT Security can hurt productivity. Downtime due to a data breach is expensive and can put smaller companies out of business. Fortunately there are some simple ways you can improve IT Security without sacrificing convenience.
Use Contextual Authentication Rules
Not every user needs to go through the same authentication process. If someone is working in your building, they have a certain trust factor. If someone is attempting to log in from outside the country, they do not have that same trust.
Contextual authentication is used with MFA to target users that need to reach a higher bar. You may choose to limit or block system access to someone attempting to log in from a certain region. Or you may need to add an additional challenge question for users logging in after work hours.
Companies don't need to inconvenience people working from normal locations during typical hours. But they can still verify those logging in under non-typical circumstances. Some of the contextual factors you can use include:
Time of day
Location
The device used
Time of the last login
Type of resources accessed
Install a Single Sign-on (SSO) Solution
A report on U.S. employees found they use a lot of apps. Workers switch between an average of 13 apps 30 times per day. That’s a lot of inconvenience if they need to use an MFA action for each of those logins.
Single sign-on applications solve this problem. They merge the authentication process for several apps into just one login. Employees log in once and can go through MFA a single time.
Using multi-factor authentication isn’t nearly as inconvenient. Users gain access to everything at the same time. SSO solutions help organizations improve their security without all the pushback from users.
Recognise Devices
Another way to better secure network access is to recognize devices. This is typically done using an endpoint device manager. This automates some of the security behind user authentication. Thus, it doesn’t inconvenience the person.
First, register employee devices in the endpoint device manager. Once completed, you can then set up security rules. Such as blocking unknown devices automatically.
You can also put in place device scanning for malware and automated updates. Both these things increase security without sacrificing productivity.
Use Role-based Authentication
Your shipping clerk may not have access to sensitive customer information. But your accounting team does. One can have a lower barrier to authentication.
Using role-based authentication saves time when setting up new employee accounts. Authentication and access happen based on the person’s role. Admins can program permissions and contextual authentication factors once. Then, the process automates as soon as an employee has their role set.
Consider Adding Biometrics
One of the most convenient forms of authentication is biometrics. This would be a fingerprint, retina, or facial scan. The user doesn’t need to type in anything. It also takes just a few seconds.
Biometric hardware can be costly, depending on the size of your organization. But you can introduce it over time. Perhaps using biometrics with your most sensitive roles first, then expanding.
Additionally, many apps are now incorporating things like facial scanning. User can authenticate using a typical smartphone, making it much more affordable.
Need Help Improving Authentication IT Security?
Don’t give up important security because you’re afraid of user pushback. Please phone Digit IT on 07 4637 9033 and schedule an IT Security consultation.
Source: The Technology Press.