FEATURE : CYBERSECURITY
the office , asking IT staff to install software for them becomes more challenging .
Although it ’ s certainly possible for technicians to connect to employees ’ PCs remotely and install the software they need , coordinating that activity is harder when employees can ’ t simply walk to the help desk to ask for software installation .
The fact that remote workers may be in different time zones from the IT team complicates installation further .
The other special challenge is that remote workers often log in via home networks and are not directly connected to the corporate network or domain . As a result , IT staff may not be able to reach their devices easily to perform remote software installation .
Striking a balance
So , what ’ s a business to do ? Does it have to make the hard choice between prioritizing worker productivity and employee experience on the one hand , or security on the other ?
Fortunately , no . With a sophisticated and nuanced approach to privilege management , it ’ s possible to give employees the access . vulnerabilities or who trick employees into performing malicious activities via phishing , can wreak much greater havoc .
Note , by the way , that it ’ s not just employees ’ individual devices that are at risk . Since those devices are connected to the corporate network , attackers can move laterally to compromise other IT assets .
A single compromised admin account could place the entire business at risk . Indeed , abuse of Windows privileges is the most common attack vector threat actors leverage to spread ransomware across networks .
A particular risk for remote workers
Not being able to use important tools due to lack of admin privileges , or granting employees more privileges than they should have , is an issue that affects workers of all types , not just those who are remote .
Instead of denying admin privileges to employees outright , businesses should allow them to request privileges on an as-needed basis . Then , the IT team can temporarily grant them the privileges they require to install or run the tools they need .
To keep this process efficient , decisions about privilege requests should be automated whenever possible . For example , based on factors like an employee ’ s role and request history , service automation software can determine whether a request for temporary admin privileges is likely to be legitimate . That way , IT engineers don ’ t have to spend time reviewing the request manually , and because the automated request can be processed in seconds , employees don ’ t have to wait to run the tools they need .
Conclusion
Productivity , employee experience and security should receive equal priority at every organization . By taking a nuanced approach to privilege management – one that enables IT teams to grant employees temporary privileges – this becomes possible .
However , it ’ s especially challenging for companies with remote workers for a couple of reasons . One is that when employees are not in
Remote employees can do their jobs better and enjoy their work more , without having their devices become major risks from a cybersecurity perspective . p
www . intelligentcio . com INTELLIGENTCIO NORTH AMERICA 55