Over the past year, we’ve learned a great deal about how adaptive our entire workforce could actually become. Back when we all packed up our work necessities and headed home, many organizations were asking themselves the same question: “How will we keep our workforce productive while also protecting the resources needed to maintain company growth?”
Early on in the pandemic, communication tools once leveraged by individual teams (Zoom, Slack, WebEx) became the mainstays of office connectivity and coordination. Although secure, business applications needed to deepen their integration with security providers to help further protect access to resources, and to help enterprises best secure their entire workforce in a time when many employees no longer fell under the protection of the corporate network. Companies increased investments in IT and information security while looking forward to returning to “normal.”
Now that we’re deep into this significant transition, it’s increasingly unlikely that enterprises will return to their pre-pandemic structure. Fortunately, employees have demonstrated tremendous resilience working from home to maintain business continuity. Although many people find themselves longing for the day they can once again be face to face with coworkers, the adjustment has given more time for work-life balance and shown how productive a workforce can be when operating outside of the traditional office environment. Business leaders are facing the likelihood of a distributed, work-from-anywhere workforce—and they need to determine how to best embrace this new framework.
As we approach what (we hope) is the waning period of the global pandemic, we must assess the impact of what we have learned about how to effectively and securely run our organizations. As we put those learnings into practice in the coming months and years, identity security promises to play a large role.
The Shape of the Next Generation Workforce
Before organizations can confidently put plans into place for supporting the next generation workforce, they need a clear understanding of what that model will look like. As the precautions and restrictions that were implemented due to the pandemic subside, it’s our belief here at Ping that many employees will opt to return to the office to be around coworkers and foster the creativity gained through in-person and workplace interactions. But we also recognize that some employees have experienced many benefits of remote work, and will choose to continue that for the foreseeable future.
Business leaders must address this balance: the reality of how and when to bring team members together, and when to allow remote work for those who benefit from it. We expect that this “pulse,” where organizations and teams gather not only for camaraderie but also for impactful creative sessions and work streams that they can take and execute in the office or from home, will be a prime force in fashioning what work looks like. As organizations prepare for the next transition phase, they must take key considerations into account in order to retain their talent while balancing employee morale and productivity.
This past year expedited these considerations as our existing workforce adapted to their new work environments and new generations entered the workforce. Millennials and Gen Z accounted for 35% of the global workforce in 2020 and are expected to grow to 58% by 2022. These employees have shown themselves to be strong proponents of remote work, and this will put pressure on businesses to create an environment that will enable the right amount of access and engagement to keep the existing and new digital era of workers productive and happy.
In addition, with the growth of mobile device usage and the enhancement of technology in general, we can predict the increase of risk associated with this growth. Mobile device usage offers up opportunities for end-user behaviors that expose a company to risk simply because of an accidental transaction. Now with 5G, end users could ultimately carry out the same accidental behaviors, and the speed at which these behaviors are exposed will grow exponentially. The challenges of the identity and security control space will be happening at a much faster rate, in three main areas of growth and risk:
Greater ability to work remotely will bring improved connectivity, which will increase greater risk at endpoints.
The realized potential of new tech will increase functionality but will also increase the attack surface.
More productive employees will lower latency but accelerate attack speed.
Given all these factors, we expect the following key security measures to remain and strengthen the future of the workplace.
This next gen workforce will expect companies to continue enabling them to work from anywhere at any time on any device. There’s no sign the “bring your own device” (BYOD) phenomenon will slow down, and with the proliferation of business applications offering mobile app experiences, users of this generation are increasingly likely to answer that Slack message on their phone or quickly input that PTO request while on their daily walk. Device management, particularly mobile device management, is imperative when securing your next gen workforce. Employers must recognize the devices used on a daily basis and their posture to balance accessibility and security.
Zero Trust furthers those goals by helping to secure devices, users, APIs, data and more, no matter where they are located. Zero Trust begins with identity, because being able to identify everyone and everything is fundamental to establishing that you (or your device, or another resource) truly are who you say you are.
Improving the workforce experience while managing the diversity of accounts and data access mandates the necessity for a simple interface. Human behavior dictates that if users aren’t able to get what they need when they need it, they will find better, faster ways—and those “better” ways may compromise security. (Think password reuse, a notoriously risky practice.) The reality is that if you’re not creating this type of entry for your workforce, you’re hampering their productivity and increasing risk.
Single sign-on (SSO) for employees is the beginning point for security and for easy, fast access. By allowing a user to sign on with one set of credentials and gain access to multiple applications and services, you ensure a seamless, secure way for them to access resources. SSO increases security and provides a better user experience by reducing the number of required accounts and/or passwords and offering simpler access to all the apps and services employees need.
Intelligent Authentication and MFA
Making the authentication experience more intelligent is an important factor in employee satisfaction. But keep in mind that the appearance of security is not the same thing as security. Requiring your employee to jump through multiple different authentication factors or compliance checklists—even though trust signals recognize they are accessing that information at the same time, place and device they have been for the past year—will limit overall productivity and satisfaction.
You can boost both by offering your workforce multi-factor authentication (MFA) that is intelligent and adaptive. By allowing users to bypass MFA in low-risk scenarios while requiring stronger security for high-risk situations, you eliminate friction and lower security risks.
Solving Security Challenges with Identity
Identity is the steel thread in having a central identity repository with consistent authentication to any application from any device or location. Reducing dependencies on VPNs, improving device security with intelligent authentication, and redesigning better ways to trust the user are all a part of securing your enterprise for the next generation workforce.