How IAM solved (quite a few) HR & Administration issues this season
Amidst a working style most weren’t prepared for
With things finally returning to normal, if not because the pandemic is no longer threatening but at least because we have learnt to live with it, it is time to remember our lessons. When businesses closed down due to difficulties in communication, it didn’t just negatively impact the business or the industry, but showed a direct decline in the country’s economy itself. As much as we hope and pray that this is not our eternal reality, we should not be blind enough to ignore the fact that a paradigm shift has already occurred.
We have reached a point where the different products that IT readily offers are no longer independent entities (Actually, they never were). Right from ordering essentials online, making secure payments online, and converting our homes into virtual office spaces, this season has one strong message for all of us — IT is not a luxury anymore but a necessity. If you are not a very technical person, you are still expected to learn your basics. On the other hand, organizations that purely focused on clients who spoke the same language, are now looking at a wider market of opportunities where their products should be made in a way that’s unsophisticated, user friendly, and serves a variety of industries as opposed to just the IT industry and its derivatives.
Human Resources, for example, is a sector that closely associates with its workforce. With all this commotion, one-to-one communication opportunities for hiring, conflict resolutions, resignation processes, and plenty of other HR-based activities were at an uncomfortable state. An organization with a malfunctioning or non functioning HR and admin services is a threat to the very existence of the business.
These are a few areas an Identity and Access Management solution helped me and my colleagues get through the learning curve of working from home with ease.
# The no. of questions I have != The no. of times I nag an Administrator
The questions that we have are answered via different applications launched in an internal cloud. This has resources that we need for our day to day activities as well as enquiries related to payroll, partners, and customers. However, signing into each and every one of them is an overhead and can get frustrating. This is where IAM comes into picture. The single sign on feature in IAM allows us to access all the applications within a given session, using a single secure authentication. When I sign in to one application, it authenticates me to proceed further to all my other applications without having to sign into them again. Moreover, I can safely log out of all my applications using the single logout feature. This way, there is no way I am worried about having to logout of everything promptly.
This is utilized to access conference apps like Zoom using the organization-level user credentials so that the employees need not create separate accounts during this crisis.
# If >> proof not satisfactory >> use another factor
Since many of us our working from home, the chances of intruders, and imposters trying to act like they belong, can put the resources of an organization in risk. This is where multi factor authentication (MFA) comes into play.
In addition to the basic authentication you can include something that the user knows (like a password), something that the user has (like an RSA token), or something that the user is (any biometric references like retina scans or finger prints). While, adding this additional security element brings more security, it can be super annoying for an average user. This is why there is adaptive authentication. You can choose the MFA factors depending on how prominent the resources that a certain user handles are, the user’s geographical location (if the user is stuck somewhere other than the residence due to the situation), the user’s access privileges, or in other words, what the user can do with the accessed data, the user’s IP address and many more. This proves to be secure while still being user friendly.
# For >> all employees >> Go Passwordless
It can be a real struggle if we forget passwords in this circumstance. Imagine the plight of an IT admin if a number of people forget their passwords on a daily basis. Also, writing these passwords when you can’t remember them by heart, having weak passwords, having the same passwords for multiple applications for convenience can all lead to a hacker’s delight. Passwordless authentication protocols like FIDO2 depend on security key mechanisms instead of passwords. This is both user friendly and secure.
# While >> Required >> Onboard/ Promote/ Transfer
Onboarding, promoting, or transferring an employee requires the admins to give them access to certain applications and rights, and modify them whenever required. This is not a hassle with identity and access management since the users and roles exist in the system and creating new employees, promoting employees to another role, and transferring the department of an employee can all be done easily. These functions can also be enhanced using the workflow feature in IAM.
These are just a few advantages of having an IAM solution manage your applications. Technology is not a patch for the pandemic. This is going to be the way of life going forward since organizations have now realized its benefits and the extent of feasibility.
WSO2 Identity Server is an open source IAM solution that can solve your organization’s identity and access management requirements, so that the next time something tries to beat you, you are too prepared to be shook. :)