As a CIO, which do you prioritize: security or business productivity? Chances are good that your answer is “both,” perhaps delivered with an exasperated shrug. Making sure you have proper network access control in place is non-negotiable, but so is helping your colleagues work as efficiently as possible.
As if the tension between these two IT mandates wasn’t already obvious, the pressure to transform with the digital age has ramped it up to a whole new level. Here’s how CIOs can make progress on both fronts, streamlining operations and stopping privileged access abuse at the same time.
Pursue annual security auditing
According to Security Boulevard, three out of four data breaches involve access to a privileged account. And yet, today’s CIOs find it tough to halt privileged access abuse, especially when stubborn managers or executives demand unfettered access to every tool, service, and site that the company uses. As technologies themselves become more open and interoperable, CIOs face increasing expectations to provide more comprehensive access as well.
No IT professional wants to make anyone’s work harder than it has to be, but few people outside of IT fully understand the risk involved with broad-access policies and company-wide accounts. So how can you keep your company secure and help your coworkers stay productive?
One way to do this is to conduct an annual permission audit with your colleagues. By doing so, you can confirm that only the people who legitimately require access to critical systems have it. You can begin by defining high-risk or mission-critical devices and applications and designating business owners for each. Those business owners should then approve or deny access to these applications within a set time frame, at which point your team will make the necessary network access control changes.
And don’t cut corners—common-use devices such as connected printers handle data ranging from the mundane to the highly sensitive, but they are often dismissed as harmless. It is especially important that you invest in devices capable of defending themselves in the event of an attack. This kind of in-house security auditing, when done right, can support better ongoing collaboration between IT and the rest of the business.
Enable better access management with advanced tech
Advanced tech tools can also make it easier for CIOs to balance security and productivity. For example, you can tap a centralized identity and access management solution to gain an organization-wide view of privileged access controls. By using a single tool to create accounts for all the systems at your company and then regulate access to them, you can lighten the burden on IT pros and still grant users the timely access they need. Your organization can also proactively address potential threats posed by inappropriate access or quickly revoke access when an employee leaves the company.
Employee accounts aren’t the only ones in need of scrutiny—IT logins should come in for a careful data security review too. Gaining access to a system administrator account is like striking gold for a hacker, as it gives access to the accounts within that admin’s purview. If you’re not already taking advantage of multi-factor authentication—particularly for accounts with privileged admin access—you’ll want to consider setting that up as well.
Adopt smarter password management strategies
Another way to ensure stronger access control is better password management. It’s frustrating for you when your colleagues forget their login credentials or use weak, facepalm-worthy passwords, but the people you work with are equally aggravated when they get locked out of their workstations with minutes to go before that big proposal is due. It’s no longer necessary to have your users change their password every 90 days, but it is essential that they have unique passwords for each of the systems they use and that those passwords are hard to crack.
Most human beings won’t be able to keep track of all the usernames and passwords they need to conduct their busy lives. Password management software can take this task off their plate by protecting all of their vital login credentials, offering integrated multi-factor authentication, and even alerting them in the event that their passwords need to be updated. Even better, most of these password management solutions have mobile versions that allow your colleagues to stay connected on the go. With the right tools in hand, you’ll get less pushback from your colleagues about using strong passwords.
Secure a brighter future with stronger access controls
The age-old IT conflict between security and convenience isn’t likely to die down anytime soon, but CIOs have better tools available to balance these priorities than ever before. By regularly auditing account privileges, using access management tools to streamline provisioning, and adopting better password management strategies, your organization can become more secure and still enjoy high productivity. That way, you can spend less time worrying about which accounts are vulnerable to attack and more time enabling game-changing digital transformations for your business.