- Solutions For
Specialist IT Support Services for:
- Security
Security
- Our Expertise
Our Full Range of IT Services
IT Support Service Desk
IT Infrastructure Services
Remote Monitoring & Management (RMM)
Cloud Solutions for Business
Business Continuity & Backup Services
Cyber Security Services
IT Consultancy Services
Microsoft 365 Solutions
Perimeter Firewall Security Services
Network & Data Security Services
IT Audits for Business
Dark Web Monitoring Services
User Security Awareness Training
Endpoint Security Services
vCIO & CIO Services
Mobile Device Management Services
Managed Wi-Fi Solutions
Cyber Essentials Certification for Law FirmsPosted 22nd January 2023
LP Lowdown, is LP Network's regular free newsletter designed to keep you up to date with all the latest IT news, security updates, and available products. Learn more.
It can be an ongoing struggle for businesses when it comes to balancing productivity and cyber security for their employees.
It’s important not to give too much freedom within your IT network, but likewise, you don’t want to add too many security barriers as people’s productivity can easily go downhill. As a small business, recognising and balancing the importance of both elements is vital.
Why do many businesses not adopt important security measures, when they are proven to be vital in stopping cyber-attacks? Inconvenience to their employees is one of the main reasons. All it takes is users to complain that multi-factor authentication is taking a long time to log in, and employers naturally either get rid of it or reduce its impact. However, in sacrificing robust security measures, productivity can actually become worse, because any downtime due to a data breach, for example, will be much more disruptive and indeed costly.
However, there are several ways that small businesses can have both secure and productive employees. It simply takes adopting IT tools that improve authentication security whilst ensuring staff are not inconvenienced.
As many employees will need to use a number of different applications or systems when working, it can be an inconvenience if they need to use an MFA (Multi Factor Identification) action for each of those logins. An easy solution to this issue would be single sign-on applications, which merge the authentication process for several apps into one login. SSO solutions like this can help businesses to improve their security without inconveniencing users.
Role-based authentication can save you time when setting up new employee accounts. Authentication and access are set up based on the person’s role.
Your IT department is able to set up permissions and contextual authentication factors just once, which ensure that the process is automated for when employees join the business. We would recommend that role permissions are regularly reviewed for activities, and access to systems that are not needed are removed from the permissions.
This means that not every employee or user within your IT network needs to go through the same authentication process. For example, an employee who is based in your office already has a high level of trust. However, if someone is trying to log in from another country, then they do not necessarily have that same trust in the eyes of the IT network.
You can use contextual authentication with MFA. It can target those users that are not trusted by way of their circumstance. Using this system, you can also block access to the system to anyone who is trying to log in from a certain country, or outside of normal working hours.
It’s important to note that businesses shouldn’t be inconveniencing those employees working from normal locations during normal hours. Some contextual factors that can be used include:
This is a further way to increase the security of your IT system and is typically done using an endpoint device manager, which automates the security behind user authentication. This all means that there’s no inconvenience to the user.
Your IT department would need to register your employees’ devices in the endpoint device manager, and then set up appropriate security rules. These rules could include blocking unknown devices attempting to access the system automatically. There should be additional thoughts and consideration given to this option if the staff are using personal devices to access business systems.
If you’d like to know more about boosting your authentication security, give us a call and schedule a security consultation.
Complete this quick form and LP Lowdown will arrive to your inbox in minutes.
