Lines between business and personal lives have been blurring for a very long time. It’s something that we discuss often when it comes to BYOD, but it also spills into our online-access identities. This, a new study from Gemalto found, is causing security headaches for IT decision makers.
For example, although 68 percent of these decision makers said they’d feel comfortable allowing employees to use their social media credentials on company resources, 90 percent said they are uncomfortable with employees using personal credentials for work purposes. I found that to be a bit contradictory, simply because of the risks that involve social media sites. While perhaps these employees aren’t using social media for work purposes, the access and network connection is still there. This blurred line between personal and professional, particularly when it comes to social media, may be why nearly two-thirds of those surveyed said they feel pressure to move to authentication methods, like fingerprint scans, that we’re seeing become more commonplace on consumer devices. A similar number think that what is good for the consumer should be good for enterprise.
The study also touched on mobility and identity security. Although the workplace has moved from beyond the cubicle to wherever you can access the corporate network and get work done, security has been slow to keep up. This may be why a third of IT decision makers said they restrict any access to company resources via mobile devices and nine out of 10 said they have some restrictions in place for employees trying to access the network off-site. Half said if security was better, they’d be more open to worker mobility.
This backs up a statement I read in a Network World article: Identity is the new security perimeter. Is the right approach to this security Identity and Access Management (IAM) solutions? The Gemalto survey respondents are mixed: Half said they are increasing their resources for IAM solutions. That’s the good news. But as Jon Oltsik wrote in the Network World piece:
IAM infrastructure was built organically over the last 10-15 years, so it depends upon a morass of disconnected and fragile elements. This situation greatly impacts security.
In all the predictions for 2017, few discuss identity and access issues, but I think as this line between professional and personal life continues to blur, especially as we see more growth from the IoT, IAM has to be a higher priority in the coming months. As François Lasnier, senior vice president, Identity Protection at Gemalto, said in a formal statement:
Businesses need to make sure their data isn’t compromised by bad personal habits. For IT leaders, it’s important that they keep pushing for security to be a priority at the board level, and ensure that it’s front of mind for everyone in an organization.
Sue Marquette Poremba has been writing about network security since 2008. In addition to her coverage of security issues for IT Business Edge, her security articles have been published at various sites such as Forbes, Midsize Insider and Tom's Guide. You can reach Sue via Twitter: @sueporemba