Nigel Seddon, VP Northern Europe, Ivanti
As businesses continue to weather the storm brought on by COVID-19, it seems that most employees will be working – at least partly – from home for the foreseeable future. Many businesses have seen an unexpected spike in productivity with employees working remotely, causing them to consider shifting to a flexible, hybrid work structure in a significant move away from the traditional office-based work model. However, IT is facing many new challenges as a result of this, including how to safely and securely offboard remote workers as businesses have been facing a period of increased employee churn. Whether it’s the result of downsizing or employees moving on, remote offboarding can be difficult and getting it wrong can open up businesses to a whole host of compliance violations and vulnerabilities that can easily be exploited by attackers.
Effective offboarding has always been a difficult task for IT teams. Prior to COVID-19, research found it took 26% of IT professionals more than a week to fully deprovision an employee and nearly half were only somewhat confident that the former employee could no longer access critical data and systems. Now that IT is having to offboard employees in a remote environment, the process has become more complex.
Organisations’ networks consist of hundreds of devices, applications, shared content and services.
Each employee’s identity – such as their role, seniority and department – dictates which of these assets they can access. IT must ensure the smooth deprovisioning of these entitlements as a failure to do so can be detrimental to efficiency, compliance and security. Automating the technical aspects of employee identity management can be key in ensuring accuracy and simplicity in this arduous process.
Collaborating to remove complexity
Organisations typically view employee onboarding and offboarding as the remit of HR. However, the complexity associated with the process is largely due to the fact that it affects all aspects of a business, from HR to IT and beyond. The HR team is usually responsible for managing the entire employee lifecycle, from the day an employee joins to the day they leave. However, when it comes to the day-to-day technicalities of overseeing employee access to documents and software, this responsibility falls to IT professionals, who manage access to digital resources and networks. They often have to deal with staff enquiries and access requests, leaving them constrained by small, time-consuming and repetitive tasks, with little room for innovation.
Effective offboarding should also be the concern of employee line-managers and senior leadership within the organisation, as failure to effectively remove employee access can increase the entry-points for attack by malicious actors. Most notably, incomplete or ineffective deprovisioning could lead to the leakage of sensitive data, a cyberattack conducted through an unmanaged account or the deletion or theft of data by a malicious actor. Not only this, but it leaves networks vulnerable to malicious insider threats by disgruntled ex-employees after they have been dismissed. Collaboration across departments and a full oversight of who has access to what is the best defence an organisation can have against these threats, and getting employee offboarding streamlined is key in this process.
Automation, automation, automation
All stakeholders from IT to HR are finally waking up to the need to improve how digital resources are delivered and new automated identity management solutions are being developed and increasingly deployed.
Automated identity management tools can help businesses regain full control and oversight of employee identity management as well as streamlining the provision and delivery of application access throughout each employee’s lifecycle. As employees move on from the organisation, these permissions can be safely and easily removed by an automated identity management tool that can proactively decipher the resources each employee has access to and revoke these entitlements as needed. This saves HR and IT teams from manually carrying out these tedious tasks, allowing them to focus on other areas where their expertise is required for innovation. Despite the clear security benefits of automating this process, research has found that only 9% of businesses have it fully automated as soon as HR updates an employee’s position or access rights. A further 37% have some automation place but still have to make manual changes and 54% are still completing the entire task manually, which shows there is still a long way to go.
During these difficult times, effective and accurate resource management, provisioning and deprovisioning doesn’t just support HR and IT teams, but also enables the entire workforce to be productive, and increases efficiency and security across the whole business. In today’s workplace, where we rely on technology more than ever in order to maintain normality, effectively and securely managing resource access can seem like an impossible task. However, organisations that invest in automation in order to overcome these challenges can enhance productivity, protect against security threats, and stay resilient during COVID-19.