Most businesses have had to adapt to some form of remote working over the past year. Whilst there have certainly been challenges with this transition – especially given the speed with which this process had to be carried out – the benefits of working from home has left many organisations adopting a hybrid working approach.
Yet the benefits associated with remote working are also accompanied by difficulties, with the blurring of the line between professional and personal. Where previously security behaviours were influenced by the presence of peers in an office environment, thereby encouraging better practice, the naturally more relaxed environment of home working means employees can become less vigilant with certain practices. Certain corporate resources, which would previously never have left the confines of the office, are now more exposed to access by family, trades persons, or any other visitor to a household. Employees are also less able to ask for off-the-cuff advice from a colleague, which can increase the chance they click on a suspicious link and compromise sensitive data.
Most of these risks centre around password security. If employees are in control of their own passwords, then the move towards hybrid working can significantly raise the potential exposure of this sensitive information and increase the risk of a data breach. Today, we’ll explore the effect hybrid working can have on password security, and why a passwordless solution can help businesses mitigate these risks.
The process of efficiently offboarding employees has long been a potential pain point for businesses, and the pandemic has only served to exacerbate the problem. With recent ONS stats indicating that job vacancies were at a record high between May and July, having grown by 43.8% compared with the previous quarter, it is clear there are a host of job opportunities on the market at present. A greater number of opportunities can often lead to greater staff turnover, so it’s clear that managing offboarding and the security risks it can pose will need to be a priority for businesses.
The increased adoption of hybrid working makes this already tricky process even more difficult. In addition to the usual challenges of project reallocation and transferring knowledge and responsibility, there is also an inherent security risk. Employees may often still have access to corporate data long after they have left a business, particularly if they have been working from home or under a hybrid working model.
40% of business leaders surveyed by My1Login state they are concerned that when employees leave, they may know passwords or retain access to applications that contain corporate data. This creates an additional point of exposure, as employees are less likely to feel a duty of care for their previous company’s data and may even use their continued access for malicious purposes. Hybrid working complicates this process, and therefore increases the level of risk.
Onboarding presents a similar challenge, albeit with more of a focus on efficiency than security. The process of getting new employees provisioned with access to the appropriate applications efficiently has always been an issue for businesses, curtailing their ability to ramp up in their new role. Remote working has only served to exacerbate many of these challenges, elongating the process of provisioning new starters with access to the right applications.
A stilted start not only affects productivity but also threatens new hire retention. A passwordless single sign-on solution (SSO) speeds up the process, giving starters access to every application they require in one swoop, meaning they can hit the ground running and feel integrated within the organisation from day one.
A passwordless SSO solution can be of great help with the processes mentioned above, but it needs to be comprehensive to have the desired effect. While 51% of business leaders surveyed by My1Login use an SSO, only 20% report that their solution works with all applications, undermining the benefits that such a solution should provide. The result is employees with multiple passwords, ex-employees retaining knowledge of login details and a solution that is not tackling the issue it is supposed to.
Hybrid working only exacerbates this issue for businesses. Employees will have to stay on top of different login details depending on whether they are working in the office or from home, which affects productivity and creates an additional security risk. Any passwordless SSO solution must be comprehensive if it is to have the desired effect for businesses, and this is something My1Login can provide.
My1Login’s SSO solution is widely compatible with over 10,000 applications, including applications that other solutions struggle to integrate. Our research found that when this incompatibility is combined with less than 100% adoption rates and not every password being stored on the solution, the level of risk mitigation can fall as low as 35%. In comparison, My1Login’s SSO Solution boasts 95% app compatibility, with a 100% user adoption rate and 100% of enterprise passwords stored by users, resulting in an overall level of risk mitigation for customers of 95%.
Rapid deployment and the option of a zero-user interface means new employees can seamlessly gain access to the applications they need to begin their new role, without adding to the already burgeoning amount of new information they are expected to take in. It takes the responsibility away from employees and allows them to adapt to hybrid working without having to worry about increased risk, whilst ensuring access to sensitive corporate data is not left in the hands of offboarded employees. With hybrid working set to stay for the foreseeable future, a comprehensive passwordless SSO solution addresses problems both new and old, and helps keep businesses more secure as we evolve into a new way of working.
Find out more about our Passwordless Authentication.