Today’s workers are no longer confined to the office. Nowadays, employees conduct business and engage customers from any location, at any time. To be fully productive they need simple and secure access to all their on-premises and cloud-based applications whether working from home or the road. For cybersecurity leaders such as Chief Information Security Officers (CISOs), it’s important to understand which Identity and Access Management technologies can enable remote employees to succeed, while preventing the organization from attackers.
Remote work security solutions allow organizations to safely extend business applications and services to teleworkers and nomadic users without impairing user experience or satisfaction. Remote work security solutions typically support Multi-Factor Authentication (MFA) functionality to validate a remote worker’s identity, Single Sign-On (SSO) functionality to simplify access and optimize user experiences, Identity Lifecycle Management functionality to streamline user administration and reduce security vulnerabilities and Endpoint Protection functionality to harden devices and restrict endpoint administrative privileges.
Businesses use MFA solutions to defend against credential theft and user impersonation. With MFA, a remote worker must provide several forms of evidence to gain access to an on-premises or cloud-based application or system—for example, a password and a one-time, short-lived SMS code.
Leading MFA solutions support adaptive authentication to prevent user frustration, while still providing strong security. Adaptive authentication uses contextual information like a user’s location or device type and business rules to decide which authentication factors to apply to a particular user in a specific scenario. For example, a teleworker accessing a corporate application from a trusted laptop might be able to log on using only a username and password. But to access the same app from an unknown device, the user might also need to enter a temporary SMS code sent to their cellphone.
Businesses use Single Sign-On solutions to improve user experiences and prevent users from engaging in risky behaviors like using common passwords or recording passwords in unsecure word docs and spreadsheets. With SSO, remote workers can conveniently access all their business applications and services using a single set of credentials.
Identity Lifecycle Management
Identity Lifecycle Management makes it easy for corporate IT organizations to onboard employees and manage their access privileges, from day one of their employment through separation. Identity Lifecycle Management helps improve employee productivity by giving new hires—including remote workers—immediate access to their applications and IT services they need. Lifecycle management also helps businesses reduce security risks by eliminating privilege creep and stale user accounts, automatically reprovisioning employees when they change roles or leave the company. Ideal for managing remote workforces, Identity Lifecycle Management solutions provide self-service portals that let users request access rights and update account information on their own, without IT help desk intervention.
Endpoint protection solutions (also referred to as endpoint privilege management solutions) help strengthen security and reduce risk by removing unnecessary local administrator privileges from remote-worker devices and by containing malicious applications and other threats at the endpoint. Endpoint protection solutions are typically deployed in conjunction with other endpoint security solutions such as antivirus software as part of a complete defense-in-depth security strategy.