The Four Success Factors behind Secure Access for Your Employees

July 12, 2016

To continue recapping my recent interviews with Gartner's Mary Ruddy and Ping CTO Patrick Harding, this is the second blog in a four-part series. In the first blog, Mary and Patrick shared their perspectives on digital transformation and the future of access management.


Today, let's dive deeper into what's needed to successfully provide secure access for employees during digital transformation. I asked both Mary and Patrick how providing secure access is different for employees than for partners or customers and what the specific requirements or considerations are.


Their responses revolved around four key factors of success. To ensure secure employee access in today's digital world, here's how Mary and Patrick say you'll succeed:


1. Identify Unique User Requirements

Both Mary and Patrick agree that a subset of different access requirements and features will depend upon users being employees, partners or customers. Here are a few areas you should consider when gathering requirements:


  • Scale: Generally, the number of employees is in the thousands vs. millions for customers.
  • Usage predictability: Employee usage patterns (time of day and devices used) are typically more predictable.
  • Level of trust: Mary points out that your relationship with employees is closer and level of trust is higher.
  • Business driver: Patrick points out that the goal for employee identity architecture is typically bottom-line focused (reducing cost and improving productivity).


Patrick summed it up nicely, saying, "The goal here is to really provide a consumer-like experience for employees, so that they don't feel like they have to be tethered to their desk... to get their job done."


2. Leverage a Single, Flexible Architecture

User requirements vary, but you should be able to leverage a single platform to provide secure access to all users. Mary cautions that a single system should be able to address these differing considerations, but that you still need to ensure you're providing the features needed for each user constituency.

But Patrick states that you can address these individual needs using a combination of technologies and Identity as a Service (IDaaS) solutions. He explains that you may choose to "have different deployments of this technology for varying availability or performance reasons, but the basic architectures... are actually identical."


3. Strengthen Security with Multi-factor Authentication

Digging deeper into the unique aspects of employee identity, Patrick describes what he calls "coffee shop IT." This means that companies today are looking to allow their workforce to leverage any device from any location (like a Starbucks) and have an experience that's the same or similar to what they'd have at their desk.

To do this, he explains that you need to provide a set of security services that allows users to access enterprise, SaaS and public cloud applications from any device using browser-based and native applications. And to do that, you need a strong authentication experience or MFA. This might start with a password, but it's complemented by modern mobile-based strong authentication.

Mary agrees, citing that providing employees "access to the systems they need from anywhere to anywhere when they need it" is in fact business enablement. Of course, providing this access also means evaluating how well your strong authentication can mitigate risk. "For a lot of organizations, that can mean adding multi-factor access for their regular employees for the first time," she explains, adding that many choose smartphones to provide multi-factor authentication because employees have them readily available.


4. Provide Single Sign-on for a Seamless Experience

As Patrick explains, a strong authentication experience stretches to support single sign-on (SSO), so that employees can access all applications seamlessly and without needing to re-authenticate. He adds that a consistent access policy can then be applied across all applications--enterprise, SaaS and mobile--so that users are accessing only those applications they're authorized to access.

Mary agrees, citing the popularity of Microsoft Office 365 as another reason to provide SSO. She recommends that organizations making a move to Office 365 should also be looking into SSO to address its specific access requirements.  

Some might think that granting secure access to employees is challenge, but those leading the digital transformation see it as an opportunity for business enablement and continuous improvement.

To hear Mary's and Patrick's full views on secure access for employees, watch the complete video. And stay tuned for the next blog in this series, where I'll share the experts' perspectives on customer identity in the digital enterprise.