Closing a Security Gap without Jeopardizing Privacy – The Future is Here
“The work has to get done, and it doesn’t matter where you do it.” This is the statement that has been playing on loop for the past 20 months, and there is no pause button. The distributed workplace is here to stay, and companies have made countless adjustments to accommodate their workers, implement new processes and scale technology applications to support operations and customers. With change comes opportunity – good and bad – that companies need to account for. Good opportunities in the form of increased worker flexibility and productivity, and bad opportunities in the form of higher probability of fraud and security incidents tied to inefficient access management. The latter creates a massive security gap for organizations in this new workplace dynamic.
It does not matter where you do the work
True statement. But it does matter how employees gain access to their company and work. It also matters how employers facilitate that access without making their employees uncomfortable. This seems like a challenge on the surface, but it is not. It is a challenge we at BehavioSec have worked to solve for and scale. Companies need a way to authenticate their best resources – their people – so that that they can deliver the best experiences for their customers. It’s what one of the largest retail companies in the world has asked us to do – offer a reliable mechanism that verifies users are who they claim to be without tracking sensitive data, to ultimately protect both the organization and the employee. And any company regardless of their size, can make this their reality, too.
It matters how you authenticate and maintain employee privacy
Asking employees to authenticate using a fingerprint or requiring the identification of their gender or other personal information is just not acceptable. Only requiring employees to authenticate using a password is just not a good security practice. Behavioral biometrics – applying behaviors and human interactions and using those insights to authenticate an individual – is the best compromise without getting compromised. A common misperception is that applying behavioral data or behavioral profiles requires incorporating elements of individuals’ personal information. This is the farthest thing from the truth. With behavioral biometrics, it’s not about what they do but how they do it, meaning it isn’t a form of surveillance to view your sensitive or personal information. This should put employees at ease, especially if behavioral biometrics practices are reviewed, scrutinized, and given approval by a company’s legal and compliance teams. But why do companies even need to consider applying behavioral biometrics?
It is all about strengthening the security posture
Working from anywhere unlocks a multitude of bad scenarios companies continuously need to account for – regardless of how much trust they have in their employees. Scenarios such as working at the coffee shop remotely or in the office at a shared desk and stepping away without locking the laptop. Or activating a new group of remote contractors who do not require the same level of background checks as full-time employees before their first day and could introduce a new level of risk whereby a third party or acquaintance they work with could gain access into the company or key files and fraudulently set up new accounts. Or the 20-year employee who’s been let go as part of a reorganization effort but wants to retaliate by stealing company data or files. This all needs to be accounted for.
Companies need that continuous authentication, but they cannot rely on a solution that creates more operational friction or jeopardizes their security posture because of the solution’s deployment limitations. That’s why BehavioSec recently created an easily consumable, SaaS-based version of its solution to stay in lockstep with organizations no matter their size or stage of their digital transformation journey.
The reality is companies can close their security gaps to maintain operational success in this distributed workplace dynamic without making any concessions or jeopardizing their employee privacy in the process. The future is here thanks to BehavioSec.
The post Closing a Security Gap without Jeopardizing Privacy – The Future is Here appeared first on BehavioSec.
*** This is a Security Bloggers Network syndicated blog from BehavioSec authored by Anton Klippmark. Read the original post at: https://www.behaviosec.com/closing-a-security-gap-without-jeopardizing-privacy-the-future-is-here/
