Santa?s Little Helpers? The Surge of Seasonal Workers Brings Additional Risk
As the holiday season approaches many retailers are creatively leveraging the gig economy to help increase seasonal staff to accommodate the increased demand for both in store and online sales.
Since most data breaches start with a compromised identity, it is important organizations have a simple way to onboard and offboard this surge in new employees so that it isn’t complicated and cause unnecessary risk and costs.
The seasonal workforce must be able to access the systems and data they need to ensure a successful holiday season, but also ensure their access is controlled, limited only to what they need, and can be deprovisioned or adjusted immediately following the season.
Here is a quick checklist to control your identity naughty or nice list as you ramp up staff for the season:
1. Have an Identity Lifecycle Management plan – remember, with a transient workforce, it’s important to manage the identity lifecycle from when someone joins until they leave. And it needs to be simple so you can quickly onboard a new hire and revoke their privileges after the peak surge.
2. Understand what access you want to grant to these temporary employees.
3. Create an access governance plan which puts rules/policies in place to ensure the right people have the right access. There are three types of policies that are most relevant to retail.
– Joiner, Mover & Leaver policies: These policies help manage the identity lifecycle– they prompt an access request when someone joins (Read more...)
*** This is a Security Bloggers Network syndicated blog from RSA Blog authored by Angel Grant, CISSP. Read the original post at: http://www.rsa.com/en-us/blog/2018-11/santas-little-helpers-the-surge-of-seasonal-workers-brings-additional-risk.html
