4 ways that HR teams can use Identity and Access Management (IAM) for secure remote working - Image by Gerd Altmann from PixabayAs businesses start to take tentative steps out of the COVID-19 pandemic, we are still seeking to understand what our ‘new normal’ is.  Against the backdrop of an ongoing pandemic, we cannot live in isolation until we find a vaccine. To support the economy, a return to work is inevitable. However, it is unlikely that we will return to the same working practises we had pre-COVID19.

Some firms were able to mitigate the impact of the lockdown through the use of technology. However, not all were so fortunate, businesses unable to adopt a working from home policy had to shut down during the lockdown temporarily. This has inevitably led to many negative impacts on businesses, industries, and the economy as a whole.

Technology has become our lifeline during the pandemic. This has meant that the responsibility of endorsing and improving technology is no longer viewed as solely the purpose of the IT team, or certain departments or roles. A paradigm shift has occurred with technology and its use in a post-pandemic world. It’s is now everyone’s responsibility, and everybody is relying on it. From ordering online when we couldn’t get out to the shops to converting our homes into virtual offices. These recent experiences have one strong message for all of us – IT is a necessity, embraced by the whole nation.

The impact on Human Resources

Human resources is an industry which has had to make a notable change towards a greater reliance on technology. During the pandemic HR processes such as hiring, conflict resolution, offboarding and other HR related activities could no longer follow the same face to face processes they had done historically, workarounds were needed.  We had to interview via Zoom, we were required to handle conflict resolutions remotely and virtually and so much more. Coupled with this HR teams had a new challenge, to re-invent their processes to fit the new virtual world. For the less tech-savvy, this has meant a steep learning curve.

There are a few areas where an identity ad access management solution (IAM) can help less technical individuals. They can make some of the requirements of home working easier to overcome. Security of personnel data is paramount for HR leaders, so adopting an IAM can help less technical individuals when working remotely. Here are four ways which an IAM solution can ensure the security and privacy of data:

Signing into your systems once

By implementing a single sign on (SSO) feature in IAM, it allows all resources that you need for the day to day HR activities to be kept together as well as keeping actions such as inquiries relating to payroll, partners, and customers accessible  and efficient. However, signing into each and every one of these applications is time-consuming which can get frustrating. This is where IAM comes into the picture. The SSO feature in IAM allows me to access all the applications within a given session, using a single secure authentication. When I sign in to one application, it authenticates me to proceed to all my other applications without having to sign into them again.

Moreover, I can safely log out of all my applications using the single logout feature. This way, I am not worried about having to log out of everything properly, it is done so for me.  Additionally, we utilise IAM to access conference apps like Zoom using the organisation-level user credentials so that employees need not create separate accounts every time they want to use Zoom.

Make it harder for hackers with adaptive authentication

Since many of us are working from home, there is a heightened chance of hackers trying to act as if they are part of the business, and therefore putting the organisation at risk. Recent research found “91% of businesses reported an increase in cyberattacks with employees working from home”. This is where multi-factor authentication (MFA) comes into play. In addition to basic authentication, you can include SMS authentication. This is where an SMS message with a code is texted to the employee to verify authentication. Alternatively, it could be something personal to the user, for example, any biometric references like retina scans or fingerprints. While implementing this additional element brings more security, it can be super annoying for an average user – like me. This is why a better solution is adaptive authentication. You can choose the factors depending on the following:

  • How prominent the resources that a certain user handles are?
  • The user’s geographical location. For example, when the user is working from somewhere other than their home or a known business location.
  • The user’s access privileges, or in other words, what the user can do with the accessed data.
  • The user’s IP address.

There are many more factors! Adaptive Authentication is both secure and user friendly.

Go passwordless!

It can be a real struggle if we forget passwords in any circumstance. Remembering multiple passwords, or even a simple complex password is often a challenge. IT teams become inundated with calls to reset them daily as part of security protocol. When individuals have too many different passwords to remember they often note them down which is not particularly smart. However, if you were to recycle or chose weak ‘easy options’ as passwords for convenience this can lead to a hackers paradise. By using Passwordless authentication, users can log in to a computer system without entering a password or any other knowledge-based secret. By adopting Passwordless authentication protocols it will allow you to rely on key security mechanisms instead of passwords. These are more user friendly whilst also keeping your businesses data secure.

Onboard, promote, transfer

Onboarding, promoting, or transferring an employee requires IT to give them access to certain applications and rights; and modify them whenever required. Identity and access management solutions can assist with this challenge since the users and roles exist in the system and creating new employees, promoting employees to another role, and transferring the department of an employee can all be done easily.

Could you implement an IAM solution for your HR team? These are just a few simple ways that an IAM solution can manage secure access to your applications. Technology and remote working is not a short-term fix for the pandemic. This is going to be the way of life going forward. Organisations now have a greater understanding of its benefits and how feasible it is for many non-IT departments and functions.

WSO2 Identity Server is an open source IAM solution that can solve your organisation’s identity and access management requirements so that the next time something seemingly technical gets in your way, you are prepared to challenge it.

WSO2 Logo

Founded in 2005, WSO2 is one of the world’s best open source integration vendors, helping digitally driven organisations become integration agile. WSO2 is a global organisation with offices in Europe, the Americas, Sri Lanka and Australia.

WSO2 solutions give enterprises the flexibility to deploy applications and services on-premises, on private or public clouds, or in hybrid environments and easily migrate between them as needed. All of the products are pre-integrated allowing enterprises to focus on value-added services and get to market faster.


Please enter your comment!
Please enter your name here