Good Security Gives Users the Flexibility Needed to Get Their Jobs Don

Good Security Gives Users the Flexibility Needed to Get Their Jobs Done

Every user needs access to technology tools and resources to do their jobs. However, organizations must restrict access to IT resources to reduce the risk of security incidents. When security is prioritized over access, productivity suffers. Users start looking for workarounds to get their jobs done.

The problem is particularly acute among technical teams. According to a recent survey of IT professionals conducted by Pollfish, 57 percent of organizations require days or weeks to grant access to IT resources. Technical staff reported daily or weekly work interruptions due to access issues in 64 percent of organizations. To overcome these productivity drains, technical users resorted to workaround such as maintaining backdoor access to systems (55 percent), sharing credentials (53 percent) and using shadow IT tools (42 percent).

However, good security is agnostic, giving employees the flexibility to use the devices and tools that make them most comfortable and productive. There isn’t any reason why an organization can’t support Windows PCs, Macs, Linux-based desktops and other devices that users are familiar with. Properly defined policies and controls should allow users to install the software they need without being given administrator privileges over their systems.

Interested In Learning More?

Common Challenges

Conferencing programs have become a headache for many users and IT shops. Often these tools want to install a browser plugin or app, and are unable to do so if the user’s machine is tightly locked down.

Similar problems crop up with software development tools that have plugins requiring installation and maintenance. Additionally, developers want fairly unrestricted access to tools that can help them solve specific problems. If the local machine is locked down, developers are unable to take advantage of these tools.

A user-centric approach to security eliminates these problems, making both users and IT staff more productive. It also reduces risk by controlling administrative rights, limiting the need for privilege escalation and discouraging users from resorting to workarounds.

User-centric security begins with an evaluation of the platforms and tools users need and the controls required to keep systems and data safe. Most controls can be applied across all platforms. It’s a matter of knowing which controls translate and which ones need to be augmented. However, few in-house IT teams have the broad expertise required to complete this evaluation, and lack the time and resources to make the needed adjustments.

How DeSeMa Can Help

DeSeMa has the breadth of knowledge and manpower to evaluate and track endpoints and applications. Our team begins by determining the organization’s security and compliance requirements, and the level of risk to systems and data. This enables us to determine what controls are needed and map out how they should be applied across multiple platforms. We already have policies for many of the available applications.

The vast majority of the controls will come through existing identity and access management and mobile device management tools. Normally, there’s no need to buy anything new — it’s just a matter of setting up existing tools properly.

Software developers and other technical personnel want fairly unrestricted access. We can layer a security system so that the machine remains very secure while giving developers latitude to access the tools they need. Developers have enough flexibility to get their jobs done while remaining within the security envelope.

Strict user access controls and slow IT response to access requests create conflicts between security and productivity. It doesn’t have to be this way. Really good security gives users greater flexibility while reducing risk. Users gain access to the tools they need without resorting to dangerous workarounds.