When it comes to security the cost in productivity is often high. Every one in the company spends seconds on entering passwords, minutes on waiting for updates and hours on filling out forms or opening tickets. Large investments made in security tools slowing down systems. However, not all security measures are bad for productivity. I will give you 5 examples where security will boost your companies productivity and make your employees smile.
SSO
Single sign-on is one of the most underrated function. It elimantes the tedious task of login. If you implement a true SSO your users need to login only to their computer and they can access all SSO enabled system. Suprisingly often companies implement SSO incompletely, where users need to login a second time to a web portal making what I call a DSO (double sign-on). SSO is great for security and make everybody’s life much easier and more safe. The less you force your users to type their password teh better password tehy will choose. Moreover, login can take up-to 20 second and brakes the flow of the work impacting productivity. Going from DSO to SSO gives a more polished impression of your IT, and improves resiliency against phishing attacks.
Publishing web applications
In the era where machines exist to run a browser arguably teh most convenient way to use a system is via the web. Embracing this trend you should make as many service available through the web as possible and eliminate the need to use VPN especially for non technical people. As part of the process you can use MFA to secure authentication and https to provide encryption. This will improve your security compared to VPN by denying an attacker access to many other network service running on your network including those juicy ssh and rdp services.
Biometric authentication and device pin
Another way to improve productivity of your company is to employ biometric authentication or device pins. Lot of time is spent every day when entering passwords in every company much of this time can be saved and used in better ways. Biometric authentication not only saves time but also improves security. Modern devices only store biometric information locally in a security enclave. Even if an attacker get hold of your computer or phone it’s very hard to gain access to your biometric information. However, in some situation it’s challenging to use biometric authentication. For example on shared devices. Since biometric information should only be stored locally there is no way to distribute it in an efficient and secure manner. Alternatively, you can use device pin. The biggest advantage of device pin is that they do not require any special hardware. They are more secure than password since they never leave the machine, therefore, they cannot be intercepted. Device pin should only be valid for a single computer or phone so they cannot be reused by an attacker on other devices.
Tablets and phones
Tablets and phones are part of our life and they should not only be allowed in our work life but encouraged by every company. Not only they enable your mobile work force to work from anywhere, but they can be more secure than computers. Moreover, tablets these they are more than capable to run even powerhouse software like Microsoft Office. Mobile devices tend to run modern operating systems designed to be as secure as possible with little need to manage the security configuration. On most mobile platforms like IOS and Android the manufacturer not only controls the operating system but also the application ecosystem. If you keep your devices up-to-date and you only use the official application store you are more secure than on a PC or Mac. You also don’t need to maintain additional security software like anti-virus and keeping all application up-to-date is much easier with the built in update functionalities.
Self-service password reset
Self-service password reset is not only convenient but also improves your password hygiene. Providing an easy way to change password saves times for IT and your users. It’s also good for security as people will choose stronger passwords if they know that they can always reset it. You can also warn your users if they use a known compromised password proactively.
The portal empowers your users to manage their second factor devices, making it painless to register new phones for multi factor authentication and setup new users.
I hope these five tips shows you that productivity and security are not mutually exclusive. If you want to learn more about modern security approaches please follow us on twitter, come to one of our meetups or det the full picture on one of our trainings.